Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
File: 94da73c8-c1bb-4329-a141-1dcbab6b0213.roa (raw, json)
Hash identifier: oiAC6SaZQi1U8lToUnj1ZoILR/wcuEFn4Ix990Rc3lE=
Subject key identifier: 03:42:1B:9E:45:27:E8:EF:A8:65:BB:C5:86:3B:DE:B4:86:EE:6B:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 243370CE701E26D17EEA1C6C9F820FB17B1AC0FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
Signing time: Fri 13 Feb 2026 15:20:46 +0000
ROA not before: Fri 13 Feb 2026 15:20:46 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:33:70:ce:70:1e:26:d1:7e:ea:1c:6c:9f:82:0f:b1:7b:1a:c0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:46 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=1e11c7894d1d5b2894e1ac9cca07e90b411f3360b067f49d9a3bfc69ea5db011, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:04:18:58:5f:dc:02:2c:75:df:8c:ae:b0:14:
6f:54:15:7f:17:21:68:cd:1e:1b:9e:a2:3b:02:5b:
3f:01:31:d4:1e:e6:1e:0e:b6:c1:b7:3d:aa:89:0f:
76:5a:48:97:7c:2f:e2:13:29:2b:a5:c8:f3:18:84:
9a:b2:cc:b3:4c:ad:b9:8a:97:71:41:e9:59:1e:ed:
4d:b2:c7:9e:cf:07:50:30:f6:3a:aa:d4:56:92:91:
ea:49:8f:dc:8e:54:64:77:45:93:f0:ea:1d:c7:38:
66:48:a4:17:6f:bc:b0:1c:06:33:31:fd:30:59:9c:
22:fd:c3:8a:6c:9a:04:5c:c0:84:a4:65:f8:e1:ee:
c1:1f:1f:e3:19:c8:15:f2:ff:cb:9b:07:4c:54:9a:
72:9a:42:88:ec:18:34:c2:b2:27:58:a0:ce:9a:eb:
db:1c:bf:56:49:42:ab:03:57:a5:88:fc:9e:2f:f9:
00:7f:f6:0f:3c:b5:c6:19:f0:4e:09:ac:a9:9a:49:
c3:e9:e7:99:70:e6:4b:49:0e:f2:63:c7:ed:29:f2:
36:96:84:78:05:d2:f0:0d:fe:f8:5f:f6:38:74:6a:
17:8f:44:65:14:9c:f9:3f:46:dc:b9:6f:4c:cd:6f:
5b:45:45:05:09:55:14:85:c9:66:92:cc:38:9e:be:
81:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:42:1B:9E:45:27:E8:EF:A8:65:BB:C5:86:3B:DE:B4:86:EE:6B:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4020::/48
Signature Algorithm: sha256WithRSAEncryption
03:de:c1:5b:18:50:8d:64:fe:49:cf:f2:70:3b:a8:bb:52:e5:
25:91:00:2a:d0:48:be:e3:2b:f1:e3:5f:14:8c:11:09:ed:92:
57:8b:d9:28:a6:65:a8:d7:b6:24:f8:09:f3:5d:25:bb:ec:e9:
b9:08:da:3d:d0:b3:6d:10:c4:11:c0:a6:83:d4:57:cf:eb:73:
40:56:5c:e2:7b:8a:7e:5f:5f:32:65:47:1c:7d:ae:e9:a0:5d:
f3:98:91:08:cd:fc:3d:40:2d:21:41:84:98:01:48:c5:05:60:
44:ba:f8:7f:b5:ee:eb:55:09:b9:eb:5e:0c:e2:77:fd:70:6f:
96:ea:a0:97:fa:ac:e9:0b:12:a8:91:13:4b:74:95:dd:e2:ff:
9d:24:f5:2a:94:b2:0b:51:14:d3:5b:c3:43:03:5f:24:04:6f:
18:2c:a8:35:ef:70:c6:4b:da:71:f0:91:c2:e0:d2:86:0e:5e:
58:7e:b9:73:c0:be:54:f0:ca:41:a1:7d:d1:9b:fb:04:4c:20:
d6:d6:ad:0e:01:07:b2:b6:bd:b0:b1:fe:e7:a2:31:d5:29:95:
84:87:e1:4e:74:8b:9b:c2:88:d1:b1:c6:cd:cb:78:31:fa:2e:
b5:41:bd:ee:7c:9f:8f:ce:3f:f4:ad:fd:2e:ef:ec:37:8e:5e:
f2:42:68:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJDNwznAeJtF+6hxsn4IPsXsawP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwNDZaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlMTFjNzg5NGQxZDViMjg5NGUxYWM5Y2NhMDdlOTBiNDExZjMzNjBiMDY3
ZjQ5ZDlhM2JmYzY5ZWE1ZGIwMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEEGFhf3AIsdd+MrrAUb1QVfxchaM0eG56iOwJbPwEx1B7mHg62wbc9qokP
dlpIl3wv4hMpK6XI8xiEmrLMs0ytuYqXcUHpWR7tTbLHns8HUDD2OqrUVpKR6kmP
3I5UZHdFk/DqHcc4ZkikF2+8sBwGMzH9MFmcIv3DimyaBFzAhKRl+OHuwR8f4xnI
FfL/y5sHTFSacppCiOwYNMKyJ1igzprr2xy/VklCqwNXpYj8ni/5AH/2Dzy1xhnw
TgmsqZpJw+nnmXDmS0kO8mPH7SnyNpaEeAXS8A3++F/2OHRqF49EZRSc+T9G3Llv
TM1vW0VFBQlVFIXJZpLMOJ6+gYcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQDQhue
RSfo76hlu8WGO960hu5rZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkYTczYzgtYzFiYi00MzI5LWExNDEtMWRjYmFiNmIwMjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
IDANBgkqhkiG9w0BAQsFAAOCAQEAA97BWxhQjWT+Sc/ycDuou1LlJZEAKtBIvuMr
8eNfFIwRCe2SV4vZKKZlqNe2JPgJ810lu+zpuQjaPdCzbRDEEcCmg9RXz+tzQFZc
4nuKfl9fMmVHHH2u6aBd85iRCM38PUAtIUGEmAFIxQVgRLr4f7Xu61UJueteDOJ3
/XBvluqgl/qs6QsSqJETS3SV3eL/nST1KpSyC1EU01vDQwNfJARvGCyoNe9wxkva
cfCRwuDShg5eWH65c8C+VPDKQaF90Zv7BEwg1tatDgEHsra9sLH+56Ix1SmVhIfh
TnSLm8KI0bHGzct4MfoutUG97nyfj84/9K39Lu/sN45e8kJoFA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:44 2026 by rpki-client