Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
File: 97535b7f-b66d-439d-9398-8336783c9ea4.roa (raw, json)
Hash identifier: /l3TolD1LADPA4boZu3Dez9roOdVSYdbCLQ2mVh2tNw=
Subject key identifier: 62:37:C5:C4:6C:34:A1:6E:0A:A9:A3:53:FA:77:7E:D4:18:2B:B4:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4208986FCA36255B827A82B14BC32C886F9F188B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
Signing time: Sat 28 Feb 2026 05:10:32 +0000
ROA not before: Sat 28 Feb 2026 05:10:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:08:98:6f:ca:36:25:5b:82:7a:82:b1:4b:c3:2c:88:6f:9f:18:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=97544af5c2acd39d0a83f9ee757f7970b43a390c97c0e37b2ed9321b5bd81a1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f4:36:e0:dd:ed:98:c8:c9:71:c7:00:33:b1:
f7:7e:9a:e5:3d:53:1e:a5:ab:0a:f0:94:f9:95:9d:
ee:6a:4c:26:3d:08:20:b4:fa:ac:cf:58:96:d0:c6:
c1:5e:22:5d:94:3e:b9:ae:db:38:15:7c:56:55:84:
cb:45:c5:5a:b5:a4:7a:5c:02:5d:64:e3:4a:79:65:
ff:46:c4:b8:65:e5:b9:ba:5e:e0:d2:ff:cd:3d:9f:
60:2f:d3:d1:06:03:dc:8f:24:d1:b2:6e:4e:41:f1:
ab:3b:d8:8d:31:d5:18:43:19:99:1c:61:3e:11:06:
c4:8a:39:fa:d1:0d:d2:b0:28:a4:35:89:13:52:95:
a5:00:1f:fb:67:75:35:c3:fa:9c:0a:7e:b0:78:99:
bf:d2:bf:1d:0d:05:10:b5:54:d7:5e:c2:9b:0a:9a:
e2:fb:e9:52:2c:fb:02:18:04:f8:f1:c1:66:ed:1d:
ea:31:dc:5c:9d:c4:67:f7:de:6d:90:b2:e0:29:92:
4a:b3:3b:53:ad:b2:b4:8c:45:d2:94:15:a9:99:5e:
7c:9c:cc:ef:24:81:03:47:74:c3:5c:77:20:02:b0:
07:5e:e8:e4:51:74:92:9a:0b:b2:6f:44:ba:1b:fb:
8d:c6:dd:8e:42:3a:69:7e:59:f4:7d:44:c3:c3:69:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:37:C5:C4:6C:34:A1:6E:0A:A9:A3:53:FA:77:7E:D4:18:2B:B4:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5040::/48
Signature Algorithm: sha256WithRSAEncryption
0a:dc:bd:b2:e4:e7:7d:39:1f:5b:da:79:67:dc:95:4f:59:17:
f3:20:c8:ae:b2:eb:0e:fb:73:fd:5f:f7:6d:9c:ec:62:7f:dc:
f4:2a:8f:ec:a7:d4:ff:07:9d:69:df:40:29:fa:57:2f:a2:cb:
33:e9:10:ca:13:e1:66:65:84:96:c7:03:ef:7e:9d:ad:e0:1f:
47:0a:dc:ef:91:12:df:ab:5c:a0:3a:31:7a:ff:c0:b1:da:8d:
76:74:6a:1d:95:4a:68:f9:91:c9:d9:17:47:e0:d5:71:c7:61:
62:93:f5:76:60:25:8f:99:8c:e2:ce:26:c2:75:ee:65:52:e8:
ba:1b:00:a6:be:84:5d:78:e7:87:95:1c:25:21:eb:d4:68:d3:
fb:f5:f1:e4:79:bf:a9:48:0d:65:1c:6f:30:36:03:cb:9a:0e:
b0:9d:dd:00:20:11:e8:7d:4a:9e:89:9f:68:c6:48:fd:0f:b4:
48:a4:70:ee:16:45:08:49:6b:6c:4f:0e:6b:1a:f4:03:31:2f:
3a:d8:75:32:0a:c4:08:a0:68:e2:33:3f:1d:17:c5:47:8a:5b:
3b:1d:c7:98:ed:1e:bc:12:67:e0:ec:5f:ce:39:e8:21:2b:3f:
0e:c4:49:28:1f:c8:e8:a0:3c:dd:2f:23:62:a5:ed:d8:50:92:
0e:1f:5c:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQgiYb8o2JVuCeoKxS8MsiG+fGIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NTQ0YWY1YzJhY2QzOWQwYTgzZjllZTc1N2Y3OTcwYjQzYTM5MGM5N2Mw
ZTM3YjJlZDkzMjFiNWJkODFhMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz0NuDd7ZjIyXHHADOx936a5T1THqWrCvCU+ZWd7mpMJj0IILT6rM9YltDG
wV4iXZQ+ua7bOBV8VlWEy0XFWrWkelwCXWTjSnll/0bEuGXlubpe4NL/zT2fYC/T
0QYD3I8k0bJuTkHxqzvYjTHVGEMZmRxhPhEGxIo5+tEN0rAopDWJE1KVpQAf+2d1
NcP6nAp+sHiZv9K/HQ0FELVU117Cmwqa4vvpUiz7AhgE+PHBZu0d6jHcXJ3EZ/fe
bZCy4CmSSrM7U62ytIxF0pQVqZlefJzM7ySBA0d0w1x3IAKwB17o5FF0kpoLsm9E
uhv7jcbdjkI6aX5Z9H1Ew8NpDV8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRiN8XE
bDShbgqpo1P6d37UGCu07DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1MzViN2YtYjY2ZC00MzlkLTkzOTgtODMzNjc4M2M5ZWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
QDANBgkqhkiG9w0BAQsFAAOCAQEACty9suTnfTkfW9p5Z9yVT1kX8yDIrrLrDvtz
/V/3bZzsYn/c9CqP7KfU/wedad9AKfpXL6LLM+kQyhPhZmWElscD736dreAfRwrc
75ES36tcoDoxev/AsdqNdnRqHZVKaPmRydkXR+DVccdhYpP1dmAlj5mM4s4mwnXu
ZVLouhsApr6EXXjnh5UcJSHr1GjT+/Xx5Hm/qUgNZRxvMDYDy5oOsJ3dACAR6H1K
nomfaMZI/Q+0SKRw7hZFCElrbE8Oaxr0AzEvOth1MgrECKBo4jM/HRfFR4pbOx3H
mO0evBJn4OxfzjnoISs/DsRJKB/I6KA83S8jYqXt2FCSDh9cRw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:41 2026 by rpki-client