Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
File: 94b69c02-a117-42df-89a0-b463fa809f2d.roa (raw, json)
Hash identifier: Hzcrh47ntFqG+2E1q4QEwgmDYMkN64oqunzdYhSpUz0=
Subject key identifier: 51:8A:13:92:D1:DF:AA:27:C0:05:E0:9E:65:8B:6E:90:14:CC:FB:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D9CECF7CDB60CAF9CDCB9B49EE3FBE425917D16
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
Signing time: Sat 28 Feb 2026 06:10:59 +0000
ROA not before: Sat 28 Feb 2026 06:10:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:9c:ec:f7:cd:b6:0c:af:9c:dc:b9:b4:9e:e3:fb:e4:25:91:7d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=16066d07f44042b188daad7fa1fad1bd1afda920cc82e3127ecd7b3a71e4ef85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:22:e3:99:4b:34:58:38:26:14:f9:ab:fb:a7:
63:ff:c0:d2:5d:2c:da:92:30:3b:31:56:26:e8:d2:
e6:fc:eb:6e:87:67:cf:2f:28:54:66:64:29:32:b9:
94:06:a9:3e:b6:8b:89:72:c0:8a:c1:fb:b7:ea:1b:
04:55:8a:81:b7:05:43:d1:cf:f4:c4:b8:f7:22:8d:
1d:03:ad:e3:7d:44:7a:56:3a:ab:38:34:42:da:06:
3d:92:2c:76:17:f8:64:3a:b5:64:93:9d:89:6a:c0:
e6:1f:af:1f:14:77:dd:b3:42:a8:48:90:85:c1:a8:
04:67:f7:ab:9f:bc:6d:61:3a:3c:65:5f:10:0b:17:
70:8c:b3:2f:f6:d1:ec:26:95:80:da:e5:35:49:7d:
30:62:02:85:b7:e0:8e:db:db:bf:63:85:3a:2c:0a:
b9:a9:64:22:cb:22:c3:84:8e:dd:e9:86:b8:11:4b:
cf:c0:7b:1c:1b:95:95:bc:56:82:12:3a:83:a1:02:
d4:f9:d0:97:b0:5d:e3:d4:9a:17:ed:bf:8a:01:d2:
92:2e:03:35:fd:75:9f:85:7c:9e:31:b6:c7:ed:45:
4f:ae:e8:60:21:c7:64:95:49:f5:f5:69:18:42:6c:
50:4d:94:5b:87:50:5b:a9:3b:94:4b:83:8c:09:74:
da:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8A:13:92:D1:DF:AA:27:C0:05:E0:9E:65:8B:6E:90:14:CC:FB:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
65:86:23:ab:0c:ed:df:79:35:d5:cb:46:67:7d:06:fc:94:ef:
af:ee:c2:c7:95:a5:7f:54:3c:a1:a4:83:7b:14:08:ba:74:d3:
e3:74:0b:05:e4:96:18:60:5f:a3:72:2c:bc:b1:e7:0d:51:07:
aa:a8:6c:49:84:73:a9:ce:ff:ee:9d:c6:27:de:16:31:5e:21:
57:44:1d:52:8f:5b:d2:f5:bd:d1:2d:bd:21:9a:ff:18:5b:d6:
e3:c8:55:82:f6:3a:bb:f9:70:26:2d:2f:dd:a4:02:82:33:ec:
b0:ac:c7:66:8c:c1:8d:65:95:3c:c6:4f:4f:a9:fb:23:c4:68:
d6:a4:41:2b:e9:be:08:5e:58:01:87:b4:1f:dd:da:5b:61:90:
6f:ac:2e:26:e1:5b:41:07:9b:1a:54:f8:0c:e5:87:4b:a5:5d:
ed:c3:c8:bd:22:30:9c:c7:e3:cf:e1:57:2d:65:b5:86:55:80:
35:65:63:bf:d7:7c:99:7b:dc:02:55:ea:fb:1d:e0:56:d5:26:
16:81:2c:2a:7c:a1:ba:c4:f2:cd:37:31:fe:fd:c3:27:07:40:
ec:91:dc:ad:2e:4f:d6:16:a2:71:75:85:e3:65:df:aa:18:ad:
d8:13:a0:d4:bf:b5:bd:2d:85:6b:fc:3d:e7:1a:0c:e6:e7:5c:
20:14:4d:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfZzs9822DK+c3Lm0nuP75CWRfRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MDY2ZDA3ZjQ0MDQyYjE4OGRhYWQ3ZmExZmFkMWJkMWFmZGE5MjBjYzgy
ZTMxMjdlY2Q3YjNhNzFlNGVmODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsi45lLNFg4JhT5q/unY//A0l0s2pIwOzFWJujS5vzrbodnzy8oVGZkKTK5
lAapPraLiXLAisH7t+obBFWKgbcFQ9HP9MS49yKNHQOt431EelY6qzg0QtoGPZIs
dhf4ZDq1ZJOdiWrA5h+vHxR33bNCqEiQhcGoBGf3q5+8bWE6PGVfEAsXcIyzL/bR
7CaVgNrlNUl9MGIChbfgjtvbv2OFOiwKualkIssiw4SO3emGuBFLz8B7HBuVlbxW
ghI6g6EC1PnQl7Bd49SaF+2/igHSki4DNf11n4V8njG2x+1FT67oYCHHZJVJ9fVp
GEJsUE2UW4dQW6k7lEuDjAl02osCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRihOS
0d+qJ8AF4J5li26QFMz7nTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNjljMDItYTExNy00MmRmLTg5YTAtYjQ2M2ZhODA5ZjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQBlhiOrDO3feTXVy0ZnfQb8lO+v7sLHlaV/VDyh
pIN7FAi6dNPjdAsF5JYYYF+jciy8secNUQeqqGxJhHOpzv/uncYn3hYxXiFXRB1S
j1vS9b3RLb0hmv8YW9bjyFWC9jq7+XAmLS/dpAKCM+ywrMdmjMGNZZU8xk9Pqfsj
xGjWpEEr6b4IXlgBh7Qf3dpbYZBvrC4m4VtBB5saVPgM5YdLpV3tw8i9IjCcx+PP
4VctZbWGVYA1ZWO/13yZe9wCVer7HeBW1SYWgSwqfKG6xPLNNzH+/cMnB0Dskdyt
Lk/WFqJxdYXjZd+qGK3YE6DUv7W9LYVr/D3nGgzm51wgFE3H
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:42 2026 by rpki-client