Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: ca2qsluo+SEt2AO3bvMvmNOsjwwzaYfZb+IL4d3K8S4=
Subject key identifier: 44:C5:1E:50:DA:D0:34:FE:5F:8B:9E:20:BA:15:FA:01:17:81:37:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FC77F5DA65E81B4EA22CEBC8DD566FA2414FFB3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Sat 28 Feb 2026 06:21:21 +0000
ROA not before: Sat 28 Feb 2026 06:21:21 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:c7:7f:5d:a6:5e:81:b4:ea:22:ce:bc:8d:d5:66:fa:24:14:ff:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:21 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3f1dabe1254a341d819cff3a296843f866ff0d081ae69ee862cbf980b9fc1c53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:e9:f6:c7:24:c2:7b:42:07:6e:7e:ef:50:
20:45:45:3b:54:87:08:76:eb:db:ae:a1:89:da:8a:
ab:95:aa:bb:1a:a5:ec:78:b3:00:c5:b4:3d:3d:a4:
fb:8b:b0:fc:38:eb:14:81:f6:82:c0:2c:23:28:5b:
2d:44:f5:47:7d:e3:d8:82:c8:e4:90:f2:33:72:d9:
fd:89:c4:c6:bc:8e:2c:8a:7b:e6:62:41:be:a4:f3:
2c:b7:d1:1d:4b:90:ad:6f:90:27:57:82:fc:c3:bb:
a1:a9:74:b7:61:2d:0c:5c:21:80:ab:4d:ea:43:51:
c6:4f:c3:e7:25:01:37:68:3d:43:df:15:7f:7a:43:
34:83:be:aa:69:1f:05:39:c3:76:a6:c0:f8:cf:a4:
2d:0e:5f:5b:09:5b:18:70:9b:73:a9:17:29:6d:74:
c0:18:77:fa:f9:7f:2f:09:f1:7d:1d:40:27:29:3f:
5b:e9:61:f4:80:e6:9b:12:4a:8b:04:e9:e6:fb:cb:
8d:f2:dd:2c:c6:5d:cc:0f:a9:79:f1:d8:cd:a9:0c:
67:76:b6:94:2e:64:44:7f:59:90:64:d7:37:2e:dd:
ab:a6:c4:be:50:36:d6:4b:b2:e1:06:56:b9:2c:aa:
cc:59:9f:f4:a9:26:21:46:e0:25:09:d5:36:49:11:
b9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C5:1E:50:DA:D0:34:FE:5F:8B:9E:20:BA:15:FA:01:17:81:37:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
af:b2:52:00:fc:fa:80:09:4b:62:5a:03:65:e4:7e:f8:76:97:
25:e7:26:e2:f7:d2:01:de:d0:10:02:cd:8a:db:4d:d5:43:f2:
f7:b9:b4:3c:81:eb:37:b9:40:90:d6:bd:de:ca:a9:8c:2c:2e:
f3:90:b2:47:5c:6a:3e:61:a0:2e:39:fe:da:c0:b6:10:ae:b0:
4d:bb:8b:16:2c:8b:4d:6b:3c:bf:a6:d7:ec:ea:ef:0f:fe:b0:
f8:c4:cf:0f:fe:ec:bb:02:23:d0:25:eb:bb:8a:9b:d1:ff:f9:
7a:6b:d2:02:03:21:26:8d:e0:e9:6f:aa:4e:39:ef:a0:21:7a:
23:41:5a:94:f7:a8:40:e9:7d:dd:b8:e2:e9:25:7b:db:3d:ee:
ec:d9:11:43:73:64:7a:f9:d0:bc:24:2f:07:6d:a3:68:6d:2b:
cd:a4:6a:3e:5e:15:30:8c:22:df:71:8b:a5:47:3c:5a:40:94:
3c:91:d0:20:a2:84:39:19:7f:11:10:67:2d:3f:29:78:26:db:
fb:2b:c0:c7:a2:6d:bb:74:5d:6c:a2:01:90:cf:2f:fb:36:fc:
02:3f:6a:46:0f:1d:05:40:15:b3:71:b1:ce:19:c0:d8:6a:12:
35:af:4c:a2:28:a1:5b:a7:5a:39:6a:26:dd:e7:f6:54:fa:01:
ff:aa:e5:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUL8d/XaZegbTqIs68jdVm+iQU/7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMWRhYmUxMjU0YTM0MWQ4MTljZmYzYTI5Njg0M2Y4NjZmZjBkMDgxYWU2
OWVlODYyY2JmOTgwYjlmYzFjNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWb6fbHJMJ7Qgdufu9QIEVFO1SHCHbr266hidqKq5Wquxql7HizAMW0PT2k
+4uw/DjrFIH2gsAsIyhbLUT1R33j2ILI5JDyM3LZ/YnExryOLIp75mJBvqTzLLfR
HUuQrW+QJ1eC/MO7oal0t2EtDFwhgKtN6kNRxk/D5yUBN2g9Q98Vf3pDNIO+qmkf
BTnDdqbA+M+kLQ5fWwlbGHCbc6kXKW10wBh3+vl/LwnxfR1AJyk/W+lh9IDmmxJK
iwTp5vvLjfLdLMZdzA+pefHYzakMZ3a2lC5kRH9ZkGTXNy7dq6bEvlA21kuy4QZW
uSyqzFmf9KkmIUbgJQnVNkkRuTkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRExR5Q
2tA0/l+LniC6FfoBF4E3uDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAr7JSAPz6gAlLYloDZeR++HaXJecm4vfSAd7Q
EALNittN1UPy97m0PIHrN7lAkNa93sqpjCwu85CyR1xqPmGgLjn+2sC2EK6wTbuL
FiyLTWs8v6bX7OrvD/6w+MTPD/7suwIj0CXru4qb0f/5emvSAgMhJo3g6W+qTjnv
oCF6I0FalPeoQOl93bji6SV72z3u7NkRQ3NkevnQvCQvB22jaG0rzaRqPl4VMIwi
33GLpUc8WkCUPJHQIKKEORl/ERBnLT8peCbb+yvAx6Jtu3RdbKIBkM8v+zb8Aj9q
Rg8dBUAVs3GxzhnA2GoSNa9MoiihW6daOWom3ef2VPoB/6rlmw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:17 2026 by rpki-client