Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json)
Hash identifier: SW5cEikSF2NCku1GlbV/n/JjQAvKHf0L0/8ysWDy0BM=
Subject key identifier: 8E:81:FB:00:8B:04:EE:F6:72:56:04:A1:76:D1:50:C0:2B:A4:52:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12233E5195F014B2BB1D2AE16BDDF0266CB290A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
Signing time: Sat 28 Feb 2026 06:10:48 +0000
ROA not before: Sat 28 Feb 2026 06:10:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:23:3e:51:95:f0:14:b2:bb:1d:2a:e1:6b:dd:f0:26:6c:b2:90:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=01ad2f4a40381f6a13fcda255fa689050f6dbf4c6e61ae4a487725b7807383cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:70:d1:50:0c:3e:d0:cf:6e:b3:81:73:24:89:
a9:5a:32:4d:c5:2f:a2:ec:78:bc:87:11:e0:02:cc:
36:a1:f9:0f:aa:8a:d4:74:ec:35:99:45:2c:d9:dc:
00:e0:25:62:8d:67:6e:02:01:e3:4e:b7:bd:9b:4a:
8e:5a:e1:55:a2:7c:1a:6f:d7:25:8f:00:70:81:4c:
34:cb:3e:d9:d7:58:4e:57:22:ef:55:5e:a0:f4:a7:
78:1c:60:88:0a:4e:b7:02:3d:76:c4:fa:e1:b6:06:
c2:af:9c:4c:a4:6a:b0:6c:8b:e3:3c:50:99:1b:66:
b2:0d:86:e2:06:da:00:54:c5:7d:72:78:23:6d:0f:
30:11:66:c6:29:df:1c:0d:fe:f0:c0:89:f3:05:81:
7c:b8:d4:88:22:47:9c:18:da:21:2b:3d:e3:a5:a3:
ae:ff:35:fb:45:bc:3e:e9:21:90:28:2e:55:c8:c3:
46:2f:05:cf:a3:56:f4:7e:42:a9:6f:96:63:59:fe:
7d:9b:60:b7:4a:a3:2c:ea:4b:78:99:65:ca:51:2a:
00:94:2e:84:62:ef:dd:10:57:47:1f:f8:99:1f:85:
30:e8:3e:ac:0b:a6:9f:54:70:8c:77:2f:00:cd:0c:
98:f0:80:03:3f:c9:4f:cd:f5:05:83:4e:26:f8:57:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:81:FB:00:8B:04:EE:F6:72:56:04:A1:76:D1:50:C0:2B:A4:52:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:800::/38
Signature Algorithm: sha256WithRSAEncryption
6e:1a:47:72:ea:4b:87:3d:19:ad:7b:88:83:b9:06:27:6d:e8:
fd:5f:8f:5c:51:f3:96:76:62:15:ad:4d:33:fc:4c:f6:e6:b3:
6a:bf:8e:b1:68:a9:7b:40:98:44:50:62:d4:c6:44:4d:58:93:
29:ec:96:44:08:2f:3c:fc:07:06:6c:ea:d9:c3:e4:8c:09:1a:
eb:4e:3f:ef:cf:d5:32:ee:45:e8:60:1b:6b:4b:42:bf:b6:70:
7a:5e:af:b6:dc:e0:50:56:d0:87:32:39:d3:65:7d:e7:db:64:
c2:3a:2d:b0:9d:98:2c:a4:87:69:19:a7:df:b8:32:6b:01:64:
1b:bb:69:5d:b8:25:ed:84:80:1f:6d:91:c2:5f:51:84:26:ce:
f0:73:c2:c1:a6:a6:7d:36:b7:33:1a:9e:b0:48:be:45:73:a4:
33:d0:c4:88:fc:5e:8d:8d:24:0a:ab:e3:b3:e5:81:a5:72:0b:
4c:a6:93:c2:8a:aa:93:0d:33:38:8f:4d:d9:b1:1d:5b:ac:f1:
3c:c9:77:02:20:bd:a3:94:69:16:82:70:06:35:99:4a:9a:94:
00:e1:84:38:52:bd:04:91:72:a5:d0:e8:4b:2a:87:29:ea:84:
8c:e1:a4:ed:2a:82:87:fc:3e:9c:0e:b1:53:57:78:be:21:c9:
54:c2:5c:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEiM+UZXwFLK7HSrha93wJmyykKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxYWQyZjRhNDAzODFmNmExM2ZjZGEyNTVmYTY4OTA1MGY2ZGJmNGM2ZTYx
YWU0YTQ4NzcyNWI3ODA3MzgzY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBw0VAMPtDPbrOBcySJqVoyTcUvoux4vIcR4ALMNqH5D6qK1HTsNZlFLNnc
AOAlYo1nbgIB4063vZtKjlrhVaJ8Gm/XJY8AcIFMNMs+2ddYTlci71VeoPSneBxg
iApOtwI9dsT64bYGwq+cTKRqsGyL4zxQmRtmsg2G4gbaAFTFfXJ4I20PMBFmxinf
HA3+8MCJ8wWBfLjUiCJHnBjaISs946Wjrv81+0W8PukhkCguVcjDRi8Fz6NW9H5C
qW+WY1n+fZtgt0qjLOpLeJllylEqAJQuhGLv3RBXRx/4mR+FMOg+rAumn1RwjHcv
AM0MmPCAAz/JT831BYNOJvhXJWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOgfsA
iwTu9nJWBKF20VDAK6RSZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBuGkdy6kuHPRmte4iDuQYnbej9X49cUfOWdmIV
rU0z/Ez25rNqv46xaKl7QJhEUGLUxkRNWJMp7JZECC88/AcGbOrZw+SMCRrrTj/v
z9Uy7kXoYBtrS0K/tnB6Xq+23OBQVtCHMjnTZX3n22TCOi2wnZgspIdpGaffuDJr
AWQbu2lduCXthIAfbZHCX1GEJs7wc8LBpqZ9NrczGp6wSL5Fc6Qz0MSI/F6NjSQK
q+Oz5YGlcgtMppPCiqqTDTM4j03ZsR1brPE8yXcCIL2jlGkWgnAGNZlKmpQA4YQ4
Ur0EkXKl0OhLKocp6oSM4aTtKoKH/D6cDrFTV3i+IclUwlw1
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:08 2026 by rpki-client