Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
File: 98ae6903-6674-49ca-b677-ce1e731619a3.roa (raw, json)
Hash identifier: mC0M3evuVvH83PSWVb+njp8lIuSGPBMdcp6/P8m5MgU=
Subject key identifier: F2:24:E3:18:D4:09:F3:02:C3:8D:89:3B:1C:43:7B:21:5D:5C:28:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32004BFCA033D515AC8E5A999B7DD28DFCA0C18C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
Signing time: Sun 01 Mar 2026 00:00:35 +0000
ROA not before: Sun 01 Mar 2026 00:00:35 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:00:4b:fc:a0:33:d5:15:ac:8e:5a:99:9b:7d:d2:8d:fc:a0:c1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 1 00:00:35 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=4ef43d1fb0c87caf0c802dd3b11ac016ed327d9ecdcff42276202bb47d1bc7f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ab:f2:0b:f6:44:01:ce:0a:6a:e0:41:ac:00:
12:87:89:46:c8:a3:90:81:91:c1:4d:bd:ac:8a:48:
c8:d9:a5:ec:f5:88:41:28:a8:c8:04:42:61:06:4e:
af:e1:f0:b2:4d:67:f4:86:8f:26:57:92:97:99:28:
34:27:c9:7e:a9:0b:ae:77:70:fd:f5:87:4e:cf:15:
33:49:64:87:e9:6f:6e:1a:c3:c5:75:f1:b0:4c:43:
cf:87:53:0b:db:78:fb:f0:20:46:b1:8b:3d:89:a5:
d9:41:ca:d5:e6:ac:a1:5e:d3:97:73:94:e6:ee:44:
b3:3b:fa:da:f3:c7:41:de:ab:1c:ac:48:f8:b9:7d:
d7:d9:6a:77:d2:e1:34:df:07:20:ce:00:7f:be:75:
2e:a8:aa:71:ef:b8:19:dd:b0:76:c3:22:06:df:38:
f9:3d:18:52:c6:09:78:50:2a:7e:97:f2:1e:b6:73:
f6:1c:e8:95:a3:cb:ee:b2:8c:4e:d7:23:d3:42:ef:
0e:34:50:c6:a2:f5:71:b5:a3:83:d3:38:14:bf:f0:
50:2e:b1:bf:92:e4:17:b0:16:cd:3a:c4:e3:a9:bb:
de:9d:be:53:8d:b2:52:bc:17:c9:58:b5:ab:59:fc:
a3:ef:03:7c:3d:34:ff:6e:1c:14:c8:0c:83:0c:55:
74:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:24:E3:18:D4:09:F3:02:C3:8D:89:3B:1C:43:7B:21:5D:5C:28:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1c00::/38
Signature Algorithm: sha256WithRSAEncryption
c5:3a:5e:1b:bd:63:ff:b9:79:e2:35:1e:68:a1:10:09:45:fe:
10:62:1f:21:52:8e:ba:32:82:02:b0:10:47:25:13:89:c1:c3:
21:a0:1c:71:37:76:ac:2f:15:f9:be:8e:84:ec:d7:2e:d8:ff:
f7:79:41:b2:de:59:e7:76:b5:e1:03:2d:b2:9a:72:60:69:0b:
b0:2c:9a:8a:9e:bc:b0:09:df:9d:29:db:2b:61:94:f4:42:ba:
7e:2a:d7:98:69:cb:f2:2f:57:3d:fd:a5:55:f5:16:02:6b:54:
88:0b:4e:6c:45:cc:37:f0:8a:7b:40:f1:fa:32:64:22:e9:25:
c2:ac:77:8a:2c:00:48:ec:74:9e:3f:88:b9:44:17:06:c5:9c:
77:48:38:49:78:ea:8d:b7:d7:fd:38:e7:0c:d7:5a:e2:8e:24:
e2:42:e8:ec:ff:af:60:12:32:e8:0f:2c:5e:58:e6:1b:11:25:
56:0f:42:0c:93:dd:af:29:d2:d4:de:41:78:ce:63:4d:e5:3a:
35:ee:11:ba:d3:8c:2c:da:f1:f2:93:0f:fa:57:01:aa:ce:7b:
ce:f0:97:d3:92:7b:ce:75:bf:c0:aa:08:e2:8b:d1:2c:3d:1b:
56:81:8f:ed:bf:30:a4:d3:d0:74:62:10:0d:fd:24:c2:3f:14:
04:be:f6:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMgBL/KAz1RWsjlqZm33SjfygwYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDEwMDAwMzVaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlZjQzZDFmYjBjODdjYWYwYzgwMmRkM2IxMWFjMDE2ZWQzMjdkOWVjZGNm
ZjQyMjc2MjAyYmI0N2QxYmM3ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCr8gv2RAHOCmrgQawAEoeJRsijkIGRwU29rIpIyNml7PWIQSioyARCYQZO
r+Hwsk1n9IaPJleSl5koNCfJfqkLrndw/fWHTs8VM0lkh+lvbhrDxXXxsExDz4dT
C9t4+/AgRrGLPYml2UHK1easoV7Tl3OU5u5Eszv62vPHQd6rHKxI+Ll919lqd9Lh
NN8HIM4Af751Lqiqce+4Gd2wdsMiBt84+T0YUsYJeFAqfpfyHrZz9hzolaPL7rKM
Ttcj00LvDjRQxqL1cbWjg9M4FL/wUC6xv5LkF7AWzTrE46m73p2+U42yUrwXyVi1
q1n8o+8DfD00/24cFMgMgwxVdCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyJOMY
1AnzAsONiTscQ3shXVwoZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThhZTY5MDMtNjY3NC00OWNhLWI2NzctY2UxZTczMTYxOWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQc
MA0GCSqGSIb3DQEBCwUAA4IBAQDFOl4bvWP/uXniNR5ooRAJRf4QYh8hUo66MoIC
sBBHJROJwcMhoBxxN3asLxX5vo6E7Ncu2P/3eUGy3lnndrXhAy2ymnJgaQuwLJqK
nrywCd+dKdsrYZT0Qrp+KteYacvyL1c9/aVV9RYCa1SIC05sRcw38Ip7QPH6MmQi
6SXCrHeKLABI7HSeP4i5RBcGxZx3SDhJeOqNt9f9OOcM11rijiTiQujs/69gEjLo
DyxeWOYbESVWD0IMk92vKdLU3kF4zmNN5To17hG604ws2vHykw/6VwGqznvO8JfT
knvOdb/Aqgjii9EsPRtWgY/tvzCk09B0YhAN/STCPxQEvvYL
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:31:56 2026 by rpki-client