Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97c2fed6-917f-4140-ae69-b6ff028e8f2e.roa
File: 97c2fed6-917f-4140-ae69-b6ff028e8f2e.roa (raw, json)
Hash identifier: FwfIppl3hWQopAdtL0nbLmS7ZIBlZo8kMOeNZKLTCmk=
Subject key identifier: 5C:25:35:82:A2:F5:6C:9A:D2:AF:02:13:14:87:EC:90:18:4A:F1:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 186D871791366E177F9E29C374CE1539E0765F39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97c2fed6-917f-4140-ae69-b6ff028e8f2e.roa
Signing time: Tue 17 Feb 2026 21:36:50 +0000
ROA not before: Tue 17 Feb 2026 21:36:50 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:6d:87:17:91:36:6e:17:7f:9e:29:c3:74:ce:15:39:e0:76:5f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 21:36:50 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=f55144381a1b933bd56c4cbbf207cd808eacf4765112876393419b4be8487a26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2b:b9:8b:44:7b:12:96:3a:83:96:15:4c:f1:
42:d0:83:f2:43:bc:95:92:86:6b:96:98:e1:c1:00:
ed:d1:3e:1e:c1:4f:59:88:04:0f:a1:35:d1:79:64:
c8:39:48:34:57:8a:c7:e7:e7:b7:e2:79:12:91:5d:
7d:51:88:58:6c:e1:5c:a9:55:cc:08:e4:76:cc:ac:
06:73:93:af:81:91:d0:5b:7a:f8:69:07:30:4d:2d:
9b:c7:d3:31:f0:f1:81:5b:5a:e0:3e:43:89:be:2c:
c9:a5:72:42:11:33:ab:87:44:74:13:37:fc:03:aa:
65:89:b7:24:c4:f6:ec:4d:32:67:27:58:f4:b4:b7:
20:16:2c:23:b8:fa:ad:9c:2b:55:a2:40:69:0c:3c:
52:87:ad:25:73:20:ed:88:ac:47:4d:a5:6a:6f:9c:
eb:e1:94:7d:12:0b:da:0a:4b:f4:74:ea:2c:64:f6:
5b:2a:b3:ce:96:2a:56:56:43:c9:e0:4f:3a:05:32:
4d:65:01:ac:96:3f:7e:a6:b4:25:69:43:2e:05:9a:
f4:b7:1b:da:59:b7:62:03:ad:05:4f:38:1a:2a:c9:
18:40:06:b2:c0:71:c9:73:16:fe:8a:87:26:1a:08:
62:25:f4:1f:d5:bc:94:de:66:28:6a:a7:dd:0e:0f:
f9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:25:35:82:A2:F5:6C:9A:D2:AF:02:13:14:87:EC:90:18:4A:F1:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97c2fed6-917f-4140-ae69-b6ff028e8f2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:840::/48
Signature Algorithm: sha256WithRSAEncryption
7c:62:52:7e:16:92:f3:12:75:3f:e6:89:27:f5:be:ea:42:f2:
3b:30:95:9f:bf:17:c5:a4:3b:e1:0d:78:2f:c2:43:d5:95:82:
7e:a8:65:be:40:10:b9:9d:de:64:1a:df:5a:ba:3a:ff:0c:5e:
f6:0c:14:77:66:43:e1:34:7b:02:f8:e8:20:2e:89:72:30:ec:
de:c5:94:06:86:f9:8d:a0:85:88:41:ba:59:cb:f7:ed:90:15:
18:cf:66:fd:2d:61:d7:c8:c7:57:0e:58:2c:a9:7e:3c:07:26:
e8:a4:ca:ac:74:7b:cb:ab:f2:ca:d9:57:e5:08:c5:f4:f1:c7:
34:61:0f:43:9a:6e:5e:62:dc:f1:89:46:2e:4d:f0:36:45:9b:
76:43:fd:b8:c1:25:17:8e:ec:1b:b9:e8:d7:e4:c9:51:0c:b8:
c0:50:6c:60:fc:f1:8a:a7:04:70:04:e6:c3:a9:5e:cf:fc:26:
88:a9:09:31:f2:20:c1:67:9b:0a:16:42:ad:fd:71:88:e5:ca:
43:cc:45:b3:b8:32:94:12:a1:56:44:81:d1:c4:c1:75:aa:6c:
9c:c7:2c:be:ba:b7:d1:a5:d2:fd:6c:ec:fb:5b:66:b0:c8:4a:
1a:d8:aa:fc:60:09:cc:70:34:a7:01:8d:74:40:3d:9a:b9:94:
ff:bf:bf:0f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGG2HF5E2bhd/ninDdM4VOeB2XzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcyMTM2NTBaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NTE0NDM4MWExYjkzM2JkNTZjNGNiYmYyMDdjZDgwOGVhY2Y0NzY1MTEy
ODc2MzkzNDE5YjRiZTg0ODdhMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoruYtEexKWOoOWFUzxQtCD8kO8lZKGa5aY4cEA7dE+HsFPWYgED6E10Xlk
yDlINFeKx+fnt+J5EpFdfVGIWGzhXKlVzAjkdsysBnOTr4GR0Ft6+GkHME0tm8fT
MfDxgVta4D5Dib4syaVyQhEzq4dEdBM3/AOqZYm3JMT27E0yZydY9LS3IBYsI7j6
rZwrVaJAaQw8UoetJXMg7YisR02lam+c6+GUfRIL2gpL9HTqLGT2WyqzzpYqVlZD
yeBPOgUyTWUBrJY/fqa0JWlDLgWa9Lcb2lm3YgOtBU84GirJGEAGssBxyXMW/oqH
JhoIYiX0H9W8lN5mKGqn3Q4P+S0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcJTWC
ovVsmtKvAhMUh+yQGErxgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTdjMmZlZDYtOTE3Zi00MTQwLWFlNjktYjZmZjAyOGU4ZjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAI
QDANBgkqhkiG9w0BAQsFAAOCAQEAfGJSfhaS8xJ1P+aJJ/W+6kLyOzCVn78XxaQ7
4Q14L8JD1ZWCfqhlvkAQuZ3eZBrfWro6/wxe9gwUd2ZD4TR7AvjoIC6JcjDs3sWU
Bob5jaCFiEG6Wcv37ZAVGM9m/S1h18jHVw5YLKl+PAcm6KTKrHR7y6vyytlX5QjF
9PHHNGEPQ5puXmLc8YlGLk3wNkWbdkP9uMElF47sG7no1+TJUQy4wFBsYPzxiqcE
cATmw6lez/wmiKkJMfIgwWebChZCrf1xiOXKQ8xFs7gylBKhVkSB0cTBdapsnMcs
vrq30aXS/Wzs+1tmsMhKGtiq/GAJzHA0pwGNdEA9mrmU/7+/Dw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:35:05 2026 by rpki-client