Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
File: 93c73d28-6ada-4f65-bb8d-8fbee434c001.roa (raw, json)
Hash identifier: c91heQXl6xU16OFk6OLoHvt5G9QqEEq/r6MjhXQsnAc=
Subject key identifier: 41:E7:B7:ED:E5:B6:82:F7:EA:6B:E2:2F:4C:B8:26:7A:2D:C9:A1:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D8A8062F18F27C0E5BE25A12026C26B553181B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
Signing time: Sat 28 Feb 2026 05:50:10 +0000
ROA not before: Sat 28 Feb 2026 05:50:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:8a:80:62:f1:8f:27:c0:e5:be:25:a1:20:26:c2:6b:55:31:81:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e59dac6a84338896047f8fa2ddfc547c440486fe54c348a3f21d406fd335c788, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4b:a0:3c:ca:cc:82:23:23:22:bf:ad:9f:50:
f0:16:8b:bc:4e:f8:cc:66:3d:fd:e5:e0:78:6d:ba:
2d:ba:bc:3f:de:10:9c:fe:80:5f:8d:40:2f:57:05:
16:dc:51:7b:0d:8b:87:9c:2f:9c:cc:b5:16:14:be:
31:e0:a0:7c:58:89:54:59:74:40:26:ff:ef:1c:a1:
b1:bf:14:53:a0:6e:be:3b:c7:ba:29:71:4c:b5:4c:
bf:67:b5:27:ce:fe:2e:2e:f1:30:29:d4:9c:c3:55:
63:84:cb:2b:ac:32:1b:bd:b5:b5:40:74:60:c6:60:
23:c5:2d:b1:5a:14:a6:87:51:45:08:f0:e8:7b:f1:
a8:80:50:30:15:2e:c0:fd:89:a6:92:7d:01:9c:c6:
8d:18:c7:f5:5a:1f:59:c9:c0:5a:60:95:5c:83:89:
a7:d4:ca:27:82:04:a5:0b:4d:5d:89:66:6f:b5:51:
0c:ee:8f:f2:ad:71:7c:20:5d:10:25:d1:02:75:61:
c4:8e:a0:fc:5f:a2:83:04:01:ec:f8:cc:2b:ff:46:
4f:55:8e:39:17:73:f2:bc:ed:36:ee:19:01:e5:27:
75:0c:60:98:71:34:9f:50:06:81:43:b1:a9:4b:b5:
1b:6d:73:48:55:60:d5:dd:10:49:34:52:d0:40:a1:
36:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E7:B7:ED:E5:B6:82:F7:EA:6B:E2:2F:4C:B8:26:7A:2D:C9:A1:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93c73d28-6ada-4f65-bb8d-8fbee434c001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:400::/38
Signature Algorithm: sha256WithRSAEncryption
13:2c:d7:ca:fc:d8:b0:fa:cf:3e:86:58:ec:95:c4:fd:db:13:
40:f3:85:d5:62:c2:61:43:ff:05:9e:2e:7c:a4:a7:af:76:c8:
03:91:33:ee:e3:24:0c:6a:e5:23:7c:7f:9b:3e:c8:ec:e0:48:
81:bc:ae:d5:2e:a3:af:05:64:8d:34:2c:63:3d:cd:fc:20:7e:
35:af:07:6a:90:fb:97:65:56:5a:15:90:1c:4f:2b:c6:f9:70:
8e:e2:b2:a4:ed:a1:a2:5b:3f:da:f6:a3:d5:ea:e9:80:57:7c:
07:cf:80:f8:c2:d5:7c:6b:71:e6:65:83:b6:65:e8:fc:2a:c8:
ab:a1:3f:54:12:e1:e9:a7:9a:24:7e:e2:8d:43:fd:75:74:76:
13:f0:27:7a:70:c1:6a:9f:e3:59:91:7f:fe:18:3c:51:59:b3:
76:9e:8a:8e:41:4d:f1:93:d4:45:03:5c:98:79:29:25:71:ea:
74:4d:e6:b6:bf:35:a8:37:ed:d5:04:fd:8d:4c:db:32:5a:fc:
c6:b3:b3:c1:60:56:b0:8a:e5:b5:93:49:c3:34:cc:cd:4e:71:
04:59:be:76:ce:41:eb:3d:da:ab:c2:fb:64:61:fc:5a:a4:18:
bc:0e:09:47:b5:6b:45:5e:d4:e5:30:13:37:85:6f:f1:aa:d4:
a7:2a:ec:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfYqAYvGPJ8DlviWhICbCa1UxgbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1OWRhYzZhODQzMzg4OTYwNDdmOGZhMmRkZmM1NDdjNDQwNDg2ZmU1NGMz
NDhhM2YyMWQ0MDZmZDMzNWM3ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9LoDzKzIIjIyK/rZ9Q8BaLvE74zGY9/eXgeG26Lbq8P94QnP6AX41AL1cF
FtxRew2Lh5wvnMy1FhS+MeCgfFiJVFl0QCb/7xyhsb8UU6BuvjvHuilxTLVMv2e1
J87+Li7xMCnUnMNVY4TLK6wyG721tUB0YMZgI8UtsVoUpodRRQjw6HvxqIBQMBUu
wP2JppJ9AZzGjRjH9VofWcnAWmCVXIOJp9TKJ4IEpQtNXYlmb7VRDO6P8q1xfCBd
ECXRAnVhxI6g/F+igwQB7PjMK/9GT1WOORdz8rztNu4ZAeUndQxgmHE0n1AGgUOx
qUu1G21zSFVg1d0QSTRS0EChNnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRB57ft
5baC9+pr4i9MuCZ6Lcmh4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTNjNzNkMjgtNmFkYS00ZjY1LWJiOGQtOGZiZWU0MzRjMDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUE
MA0GCSqGSIb3DQEBCwUAA4IBAQATLNfK/Niw+s8+hljslcT92xNA84XVYsJhQ/8F
ni58pKevdsgDkTPu4yQMauUjfH+bPsjs4EiBvK7VLqOvBWSNNCxjPc38IH41rwdq
kPuXZVZaFZAcTyvG+XCO4rKk7aGiWz/a9qPV6umAV3wHz4D4wtV8a3HmZYO2Zej8
KsiroT9UEuHpp5okfuKNQ/11dHYT8Cd6cMFqn+NZkX/+GDxRWbN2noqOQU3xk9RF
A1yYeSklcep0Tea2vzWoN+3VBP2NTNsyWvzGs7PBYFawiuW1k0nDNMzNTnEEWb52
zkHrPdqrwvtkYfxapBi8DglHtWtFXtTlMBM3hW/xqtSnKuw1
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:57 2026 by rpki-client