Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
File: 93549c76-d7f3-48f4-9e55-b485fec00b13.roa (raw, json)
Hash identifier: NJl62vl9NsqdFdcrU6a2xWGfEKygmCrJ6uKMys+QKLY=
Subject key identifier: 03:08:29:4E:CE:71:B1:FC:D0:E2:08:6A:FD:28:54:E2:8D:6C:34:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 621FFDEDD2A6B015DDE34CB231C8544B94FF5ACB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
Signing time: Tue 24 Feb 2026 04:10:41 +0000
ROA not before: Tue 24 Feb 2026 04:10:41 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:1f:fd:ed:d2:a6:b0:15:dd:e3:4c:b2:31:c8:54:4b:94:ff:5a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:41 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=9760a2510af961e45512bc16f80898a10d9feda41eceacdfc70d1abf320aecd2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:c0:8d:82:b7:03:a7:c4:12:93:6e:85:36:
89:a4:e9:01:ae:ed:32:b5:65:9f:35:62:73:6b:99:
dd:c9:4f:2f:76:fd:b7:c0:2b:c2:64:fe:1f:86:41:
b8:26:c2:49:b8:eb:2a:99:61:00:20:9f:8f:97:4d:
cc:a1:c4:0b:69:7a:d7:63:7c:6e:10:77:0e:d1:8b:
2d:9d:78:ec:8c:fc:fe:70:96:c4:29:2b:1b:8b:44:
8f:60:05:15:df:4e:00:57:4a:09:5c:94:d9:e8:a4:
e5:ed:f5:3a:2c:0a:c0:77:9f:cb:0e:d6:cf:1c:16:
01:94:71:b9:14:ad:69:6f:89:a3:db:f9:6b:60:f3:
93:af:0b:e4:7a:c8:8a:1c:1a:2e:5e:4b:4a:56:f0:
9a:14:14:25:26:cf:7e:a6:bc:3e:67:a8:01:70:10:
6e:a2:b2:32:27:17:60:e6:42:3e:00:cd:c9:4e:4f:
59:7a:02:ff:96:e7:c5:25:4a:a7:32:2e:7d:d5:d0:
69:cf:c1:20:e5:99:6f:96:ab:f2:e5:91:d0:4d:78:
40:6b:92:eb:4e:9d:f1:a6:53:8e:8d:41:d2:b7:3a:
15:45:57:b1:d5:a5:88:71:1f:b1:10:e5:4c:b2:c0:
b8:c4:e4:fe:0f:8a:39:41:ac:95:d3:72:85:8c:6b:
3d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:08:29:4E:CE:71:B1:FC:D0:E2:08:6A:FD:28:54:E2:8D:6C:34:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
34:99:cd:30:19:e4:f4:5f:4b:34:07:79:f5:16:72:41:62:e5:
55:e2:1a:ce:87:34:2b:ab:8a:45:b1:39:a3:15:50:a1:11:29:
4d:ee:cd:9c:ba:5f:d7:f6:d1:5a:18:b3:69:e2:04:30:75:f1:
60:95:86:7d:f6:8c:dd:07:24:18:07:d0:50:e1:91:02:bf:ed:
61:d9:f2:3a:ee:fa:86:d9:9c:24:ff:97:fe:56:53:47:c4:47:
42:62:be:3d:42:3e:48:91:86:67:4e:1a:c0:6b:3e:57:f9:d8:
26:d4:9f:08:08:03:ba:75:0a:35:d6:00:3e:15:ac:79:ac:6c:
bb:fa:d8:7c:c1:fe:2b:ff:4e:5b:90:54:35:ee:cb:2a:e8:a7:
09:1c:d8:10:17:01:3e:df:1e:3b:87:f7:e8:3f:46:ce:f8:9a:
5e:2d:4b:a4:8d:6c:3c:a7:3b:b4:c2:ee:05:7f:91:fb:f8:b9:
fd:80:0c:92:e9:76:ea:d0:51:8e:e9:8a:66:95:66:c4:cb:f9:
58:f0:b2:d3:a8:9a:ff:5d:f1:e3:c2:75:b3:42:6f:05:d8:ab:
f3:c2:b4:62:2b:df:46:c1:2b:c8:c7:43:77:48:16:74:de:5e:
9a:21:a2:73:83:37:4b:30:2d:97:9d:bb:41:38:aa:bd:35:05:
16:82:3e:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYh/97dKmsBXd40yyMchUS5T/WsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwNDFaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NjBhMjUxMGFmOTYxZTQ1NTEyYmMxNmY4MDg5OGExMGQ5ZmVkYTQxZWNl
YWNkZmM3MGQxYWJmMzIwYWVjZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvIwI2CtwOnxBKTboU2iaTpAa7tMrVlnzVic2uZ3clPL3b9t8ArwmT+H4ZB
uCbCSbjrKplhACCfj5dNzKHEC2l612N8bhB3DtGLLZ147Iz8/nCWxCkrG4tEj2AF
Fd9OAFdKCVyU2eik5e31OiwKwHefyw7WzxwWAZRxuRStaW+Jo9v5a2Dzk68L5HrI
ihwaLl5LSlbwmhQUJSbPfqa8PmeoAXAQbqKyMicXYOZCPgDNyU5PWXoC/5bnxSVK
pzIufdXQac/BIOWZb5ar8uWR0E14QGuS606d8aZTjo1B0rc6FUVXsdWliHEfsRDl
TLLAuMTk/g+KOUGsldNyhYxrPeUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDCClO
znGx/NDiCGr9KFTijWw0YjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM1NDljNzYtZDdmMy00OGY0LTllNTUtYjQ4NWZlYzAwYjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQA0mc0wGeT0X0s0B3n1FnJBYuVV4hrOhzQrq4pF
sTmjFVChESlN7s2cul/X9tFaGLNp4gQwdfFglYZ99ozdByQYB9BQ4ZECv+1h2fI6
7vqG2Zwk/5f+VlNHxEdCYr49Qj5IkYZnThrAaz5X+dgm1J8ICAO6dQo11gA+Fax5
rGy7+th8wf4r/05bkFQ17ssq6KcJHNgQFwE+3x47h/foP0bO+JpeLUukjWw8pzu0
wu4Ff5H7+Ln9gAyS6Xbq0FGO6YpmlWbEy/lY8LLTqJr/XfHjwnWzQm8F2KvzwrRi
K99GwSvIx0N3SBZ03l6aIaJzgzdLMC2XnbtBOKq9NQUWgj7C
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:43:39 2026 by rpki-client