Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
File: 92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa (raw, json)
Hash identifier: 4JnRIOpydZT97hULNqR+NQe7yPfrn+cGputakRPE6Xk=
Subject key identifier: AF:0E:DB:96:B7:0F:26:42:D4:31:B1:83:C1:3F:94:86:9A:C7:67:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27EB0D2BFE754BE3D94C37FF152FC3D5A0EB5C73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
Signing time: Sat 28 Feb 2026 05:41:28 +0000
ROA not before: Sat 28 Feb 2026 05:41:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:eb:0d:2b:fe:75:4b:e3:d9:4c:37:ff:15:2f:c3:d5:a0:eb:5c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3294dec73a6dd5ff7ce32e314a8519f1e0a2e9cd94bc577f8de3d07bb3f6afe4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:49:3e:c4:47:4e:9e:9e:2c:46:19:43:87:a2:
4f:c2:37:5a:c8:6e:c1:4d:17:82:01:fb:4c:e8:c0:
2a:9d:84:81:32:ba:6d:d4:3b:70:bf:d2:1c:7e:1c:
a8:6b:bf:d5:41:20:22:68:e1:55:2b:85:72:b9:f3:
dc:f2:35:6a:46:6e:ed:d4:83:fa:80:20:63:20:60:
a3:0c:c9:ce:7f:23:fd:13:df:ea:01:c7:f8:8b:32:
42:77:21:86:76:23:86:65:70:f4:bc:66:97:e7:38:
40:05:70:d2:5f:b6:26:98:a2:b0:35:b6:a7:74:64:
e1:4d:a9:7a:53:4a:0a:c7:a6:ed:bd:ec:84:35:66:
6b:47:97:83:aa:cc:17:49:9e:71:88:fc:7b:49:32:
bd:c1:1b:0d:7e:05:02:95:99:48:86:94:ce:22:73:
b0:a6:31:0e:59:39:c1:87:18:25:49:b6:67:23:e4:
37:58:0e:2e:b4:30:63:7a:1a:af:2f:16:67:12:a6:
e2:f2:5e:f4:64:4b:c0:cb:f9:a6:c3:83:c9:ac:27:
6f:de:9a:40:ae:c9:44:87:b9:0a:a7:ef:c1:e4:5d:
ea:96:a9:28:f5:88:84:b5:d5:04:b6:a4:e6:26:4d:
0b:fb:c3:7d:05:f4:4e:51:47:cd:6f:cc:59:c7:51:
e3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0E:DB:96:B7:0F:26:42:D4:31:B1:83:C1:3F:94:86:9A:C7:67:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92344a76-d582-4bc9-8fcb-d28a7cd833f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2000::/40
Signature Algorithm: sha256WithRSAEncryption
96:87:11:87:12:a1:14:c5:ec:cd:62:ad:e3:d6:1b:35:dc:35:
6f:eb:1f:67:4c:d0:b3:ae:53:55:58:40:a0:a1:2b:78:96:29:
fc:04:7b:9f:4a:50:1c:f2:fc:a2:2d:11:48:11:4c:81:2c:f2:
36:42:31:fb:f1:9b:ac:e5:64:01:6a:d6:b2:53:65:8f:db:a7:
68:d2:b5:34:6b:44:e2:bf:d1:51:38:a9:dc:27:b1:e1:25:b0:
e7:7b:40:ba:87:34:5f:c4:9a:70:2f:51:f6:e9:54:ac:5f:d0:
e3:4c:72:4d:d1:5a:87:c8:64:bc:55:56:2c:70:9b:08:a6:e3:
30:ae:c8:e9:14:e7:52:38:b8:b2:ee:7e:cd:e5:87:bb:d4:f4:
ec:e2:8e:7a:bc:22:97:0e:f1:9f:ab:48:e3:60:fb:04:f8:c8:
81:95:70:c9:b3:ea:a8:dd:da:31:30:26:d7:81:23:44:28:6d:
da:f9:93:9e:59:85:91:24:c2:ff:12:ca:64:23:dc:bb:92:2f:
0f:f2:92:d2:08:64:b1:c6:43:1b:f2:83:2c:64:a3:1a:c5:c2:
12:4c:5b:49:37:62:31:0c:8d:48:7c:2e:10:ef:e3:f5:f6:47:
4d:a9:67:3d:1a:49:6e:3e:f9:22:66:3d:27:fe:90:c4:1a:25:
47:69:fe:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ+sNK/51S+PZTDf/FS/D1aDrXHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyOTRkZWM3M2E2ZGQ1ZmY3Y2UzMmUzMTRhODUxOWYxZTBhMmU5Y2Q5NGJj
NTc3ZjhkZTNkMDdiYjNmNmFmZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNJPsRHTp6eLEYZQ4eiT8I3WshuwU0XggH7TOjAKp2EgTK6bdQ7cL/SHH4c
qGu/1UEgImjhVSuFcrnz3PI1akZu7dSD+oAgYyBgowzJzn8j/RPf6gHH+IsyQnch
hnYjhmVw9Lxml+c4QAVw0l+2JpiisDW2p3Rk4U2pelNKCsem7b3shDVma0eXg6rM
F0mecYj8e0kyvcEbDX4FApWZSIaUziJzsKYxDlk5wYcYJUm2ZyPkN1gOLrQwY3oa
ry8WZxKm4vJe9GRLwMv5psODyawnb96aQK7JRIe5CqfvweRd6papKPWIhLXVBLak
5iZNC/vDfQX0TlFHzW/MWcdR4ycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvDtuW
tw8mQtQxsYPBP5SGmsdnnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIzNDRhNzYtZDU4Mi00YmM5LThmY2ItZDI4YTdjZDgzM2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEg
MA0GCSqGSIb3DQEBCwUAA4IBAQCWhxGHEqEUxezNYq3j1hs13DVv6x9nTNCzrlNV
WECgoSt4lin8BHufSlAc8vyiLRFIEUyBLPI2QjH78Zus5WQBatayU2WP26do0rU0
a0Tiv9FROKncJ7HhJbDne0C6hzRfxJpwL1H26VSsX9DjTHJN0VqHyGS8VVYscJsI
puMwrsjpFOdSOLiy7n7N5Ye71PTs4o56vCKXDvGfq0jjYPsE+MiBlXDJs+qo3dox
MCbXgSNEKG3a+ZOeWYWRJML/EspkI9y7ki8P8pLSCGSxxkMb8oMsZKMaxcISTFtJ
N2IxDI1IfC4Q7+P19kdNqWc9GkluPvkiZj0n/pDEGiVHaf5/
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:05 2026 by rpki-client