Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json)
Hash identifier: rtBLqLJpkKbbg140L/228IkeBb/zAI2nG+kDCk0Bcd8=
Subject key identifier: 74:DA:74:65:41:2A:15:10:CC:EC:89:DE:5C:9A:7E:CE:2A:33:16:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2000680D854C0712CE405457408F8B401F305137
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
Signing time: Fri 13 Feb 2026 15:30:12 +0000
ROA not before: Fri 13 Feb 2026 15:30:12 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:00:68:0d:85:4c:07:12:ce:40:54:57:40:8f:8b:40:1f:30:51:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:30:12 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=95e126614ded8f21faed124ee7a851b5fd1fc67dfcdebbf7a4f3320321ed1c75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:41:b5:6d:92:95:02:2c:1c:69:54:59:0a:eb:
aa:de:fd:db:ac:83:b3:04:2b:be:aa:30:93:4b:8b:
31:7d:4d:80:ce:d3:f2:ce:5d:d2:e9:05:53:1d:34:
c1:c5:12:02:a2:2d:5c:0c:10:f9:6c:5c:15:2a:ed:
83:eb:bc:2e:66:8b:dc:07:67:a5:1e:68:9c:04:de:
43:a9:e7:78:be:b3:46:21:86:4b:df:a3:72:09:5c:
8e:c3:6f:c5:cf:5d:37:b1:05:3b:99:a8:65:ee:c2:
f3:dd:51:95:56:3a:6d:39:39:34:78:50:93:c4:15:
4b:31:db:d9:eb:c6:5d:c4:8d:26:3f:f5:ce:b3:69:
70:d5:cd:c0:8c:b6:f8:cb:f7:3f:8d:da:8d:bb:95:
79:4c:87:25:37:42:da:42:4e:6a:f3:89:b1:39:85:
81:43:54:87:c2:99:44:f1:b2:35:28:a7:de:8b:41:
73:19:4a:b1:f7:0b:d2:80:d6:dc:01:da:db:5c:75:
81:89:02:f0:68:42:10:97:e1:5e:d3:be:b9:9a:e4:
b4:55:da:0e:2c:27:f3:6c:31:91:6d:da:64:db:5f:
2a:a5:4a:9f:f0:25:6d:fe:50:7c:11:55:b4:c0:d8:
56:33:3a:4d:02:5f:bd:29:8e:9e:71:c7:5f:8e:02:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:DA:74:65:41:2A:15:10:CC:EC:89:DE:5C:9A:7E:CE:2A:33:16:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2040::/46
Signature Algorithm: sha256WithRSAEncryption
86:60:ed:ba:f8:7b:10:23:b3:c4:ae:b8:bf:3c:9d:93:97:fb:
d0:fb:3a:a8:d5:14:c1:df:f5:c4:ff:ca:87:4a:0e:28:8c:fd:
2d:56:1c:e9:f9:da:d6:13:ff:7c:d8:91:93:b8:cc:4d:c7:c2:
09:6b:10:0a:cb:3d:d0:7d:2c:ab:0e:b0:9f:d7:74:49:21:5a:
af:8c:d8:f8:14:30:7d:92:5f:25:04:19:c8:f9:21:d1:40:63:
4c:cf:19:ae:18:85:f9:a6:a1:07:6f:fa:aa:e9:4d:e9:a0:f8:
a9:da:09:42:cb:b7:3a:49:d3:5d:12:32:5a:b6:1b:37:82:ce:
2f:de:19:40:00:b7:c5:15:78:07:7e:43:1b:13:f3:85:5b:d4:
fd:eb:c1:41:a0:c7:a2:fd:74:67:1a:3f:e7:84:91:69:71:d3:
ee:ad:02:b0:c5:f8:9a:94:0e:c4:86:dd:81:e8:5d:96:3e:70:
fa:99:4e:b5:dc:0f:4f:9b:2a:00:49:30:3c:23:12:73:4a:ce:
77:52:82:ac:94:f8:59:24:5d:63:17:4c:e6:82:8a:3a:d8:f0:
88:fc:b8:93:20:bc:db:85:a4:76:cc:cc:d1:f5:a9:a0:75:78:
8e:74:9d:6c:ce:d6:3e:61:88:28:9b:8a:00:a3:b2:2e:b4:4a:
59:36:23:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIABoDYVMBxLOQFRXQI+LQB8wUTcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTMwMTJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1ZTEyNjYxNGRlZDhmMjFmYWVkMTI0ZWU3YTg1MWI1ZmQxZmM2N2RmY2Rl
YmJmN2E0ZjMzMjAzMjFlZDFjNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFBtW2SlQIsHGlUWQrrqt7926yDswQrvqowk0uLMX1NgM7T8s5d0ukFUx00
wcUSAqItXAwQ+WxcFSrtg+u8LmaL3AdnpR5onATeQ6nneL6zRiGGS9+jcglcjsNv
xc9dN7EFO5moZe7C891RlVY6bTk5NHhQk8QVSzHb2evGXcSNJj/1zrNpcNXNwIy2
+Mv3P43ajbuVeUyHJTdC2kJOavOJsTmFgUNUh8KZRPGyNSin3otBcxlKsfcL0oDW
3AHa21x1gYkC8GhCEJfhXtO+uZrktFXaDiwn82wxkW3aZNtfKqVKn/Albf5QfBFV
tMDYVjM6TQJfvSmOnnHHX44CGQUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR02nRl
QSoVEMzsid5cmn7OKjMWCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
QDANBgkqhkiG9w0BAQsFAAOCAQEAhmDtuvh7ECOzxK64vzydk5f70Ps6qNUUwd/1
xP/Kh0oOKIz9LVYc6fna1hP/fNiRk7jMTcfCCWsQCss90H0sqw6wn9d0SSFar4zY
+BQwfZJfJQQZyPkh0UBjTM8ZrhiF+aahB2/6qulN6aD4qdoJQsu3OknTXRIyWrYb
N4LOL94ZQAC3xRV4B35DGxPzhVvU/evBQaDHov10Zxo/54SRaXHT7q0CsMX4mpQO
xIbdgehdlj5w+plOtdwPT5sqAEkwPCMSc0rOd1KCrJT4WSRdYxdM5oKKOtjwiPy4
kyC824WkdszM0fWpoHV4jnSdbM7WPmGIKJuKAKOyLrRKWTYjdA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:10 2026 by rpki-client