Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: QiKu6av4YiWaro2hGttfp5jHPYHfMihzH95oMfiYZrU=
Subject key identifier: 14:9F:D5:FE:66:9A:B5:41:1E:79:F9:61:D0:01:D1:F5:97:68:71:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D05F0C11EDDED7766284CEAF006983464CD93F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Sat 28 Feb 2026 05:10:06 +0000
ROA not before: Sat 28 Feb 2026 05:10:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:05:f0:c1:1e:dd:ed:77:66:28:4c:ea:f0:06:98:34:64:cd:93:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5b86d4b670619a64377104d97e289dfbc83a9006b6440e16a7c81066317ed5c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:80:29:e0:ed:76:48:cc:f8:15:71:c1:3a:45:
4d:6f:0f:c4:10:fa:5e:a2:17:c7:81:a9:8b:12:a7:
86:19:34:8f:42:36:43:7e:42:7e:09:6d:63:f1:ac:
73:54:7c:06:4b:7b:f0:21:df:ce:4b:28:c3:91:da:
67:7b:35:e7:f2:de:7f:a5:98:b6:65:c3:da:82:d8:
cd:3f:03:75:56:1b:54:a5:dc:55:69:e7:b3:a9:6a:
6f:39:5c:02:d1:4a:16:ec:bd:47:65:e7:75:22:9a:
10:4c:17:cc:0c:4d:1f:15:c3:63:c9:05:66:b8:74:
08:54:51:a2:47:29:f2:7b:de:41:05:61:bd:f0:17:
e4:a8:31:24:55:61:b9:23:5d:0c:16:d5:c3:62:1e:
d6:c8:1d:6b:ee:db:55:a9:5f:80:6c:91:00:61:bc:
12:b1:42:fb:68:38:96:00:c0:de:71:d8:0e:f5:74:
89:96:20:59:32:cb:83:2b:c1:3a:20:b5:e3:14:e7:
86:b7:ee:3e:60:00:09:6a:5b:7b:1e:e2:c6:3a:fb:
34:8c:3b:ad:b1:22:c7:70:72:0f:6f:98:3c:21:79:
9a:31:60:16:d8:ea:05:2e:f7:07:20:a8:32:38:74:
10:cd:19:21:25:38:d7:51:54:d1:3b:5d:cf:c4:a0:
f0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9F:D5:FE:66:9A:B5:41:1E:79:F9:61:D0:01:D1:F5:97:68:71:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
b6:a5:6d:25:e9:3e:1f:f8:90:bb:64:4d:ae:80:5b:cb:d5:06:
75:d7:c2:b2:77:73:4d:1e:8b:ec:db:9d:d4:79:38:e7:05:00:
1b:9d:53:33:b9:d9:1e:f8:be:57:83:b0:15:45:5a:e0:60:74:
f9:d8:1c:7a:a1:7e:41:c9:3c:de:c3:4e:cf:b3:dd:97:31:c1:
b0:10:1b:b7:30:fd:31:5b:34:1b:30:46:aa:69:58:b0:1a:65:
65:b9:5c:b0:64:6a:1f:b4:c7:f6:08:e5:7e:57:0c:41:07:67:
fa:69:fe:7d:e0:5b:8f:47:b4:58:ed:f8:0b:81:49:09:c6:d4:
6f:76:94:59:e9:d4:a4:fd:fb:da:80:89:18:96:f1:35:35:17:
bb:f3:28:74:59:dd:50:e1:72:3f:ab:06:54:bd:5c:5b:88:0c:
67:59:50:e2:94:da:16:4c:44:49:13:46:57:7c:03:c9:af:67:
e3:c0:6b:14:24:39:5d:21:95:cb:c8:fb:c4:37:81:14:ae:2a:
02:28:ba:b4:fb:df:cc:44:24:8a:da:05:07:02:40:46:94:87:
61:bb:8e:4d:c5:58:11:29:0b:53:f8:f1:31:75:30:84:82:fe:
78:09:9d:47:4d:50:4d:d1:f5:9f:81:13:fe:0f:f4:f3:1e:47:
4a:e8:a0:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTQXwwR7d7XdmKEzq8AaYNGTNk/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDViODZkNGI2NzA2MTlhNjQzNzcxMDRkOTdlMjg5ZGZiYzgzYTkwMDZiNjQ0
MGUxNmE3YzgxMDY2MzE3ZWQ1YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGAKeDtdkjM+BVxwTpFTW8PxBD6XqIXx4GpixKnhhk0j0I2Q35CfgltY/Gs
c1R8Bkt78CHfzksow5HaZ3s15/Lef6WYtmXD2oLYzT8DdVYbVKXcVWnns6lqbzlc
AtFKFuy9R2XndSKaEEwXzAxNHxXDY8kFZrh0CFRRokcp8nveQQVhvfAX5KgxJFVh
uSNdDBbVw2Ie1sgda+7bValfgGyRAGG8ErFC+2g4lgDA3nHYDvV0iZYgWTLLgyvB
OiC14xTnhrfuPmAACWpbex7ixjr7NIw7rbEix3ByD2+YPCF5mjFgFtjqBS73ByCo
Mjh0EM0ZISU411FU0Ttdz8Sg8HcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUn9X+
Zpq1QR55+WHQAdH1l2hxHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQC2pW0l6T4f+JC7ZE2ugFvL1QZ118Kyd3NNHovs
253UeTjnBQAbnVMzudke+L5Xg7AVRVrgYHT52Bx6oX5ByTzew07Ps92XMcGwEBu3
MP0xWzQbMEaqaViwGmVluVywZGoftMf2COV+VwxBB2f6af594FuPR7RY7fgLgUkJ
xtRvdpRZ6dSk/fvagIkYlvE1NRe78yh0Wd1Q4XI/qwZUvVxbiAxnWVDilNoWTERJ
E0ZXfAPJr2fjwGsUJDldIZXLyPvEN4EUrioCKLq0+9/MRCSK2gUHAkBGlIdhu45N
xVgRKQtT+PExdTCEgv54CZ1HTVBN0fWfgRP+D/TzHkdK6KBT
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:44 2026 by rpki-client