Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
File: 98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa (raw, json)
Hash identifier: 7+Qg1aK32nbrGBe5bPkIAerbSYNNsnr3cm+KC+ADIFE=
Subject key identifier: 9D:5C:72:86:7C:B3:C4:C1:FD:8A:55:36:38:C1:76:40:42:D2:17:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AC561AE092B243F5E5CC06CF80E7D4998761E4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
Signing time: Sat 28 Feb 2026 05:51:32 +0000
ROA not before: Sat 28 Feb 2026 05:51:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:c5:61:ae:09:2b:24:3f:5e:5c:c0:6c:f8:0e:7d:49:98:76:1e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=19766eeaed0527a8204e6aa19dc8394c9f92eff8f5999231efccc6ae565df426, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a0:eb:7b:09:85:1e:42:40:a8:44:4f:14:77:
6a:6f:a6:10:95:78:13:50:4e:2c:a3:d6:02:dd:ac:
16:8c:1c:91:fa:7b:49:0f:67:93:5b:2e:85:66:ed:
39:c6:49:10:1e:9c:08:d5:08:70:d6:df:51:66:d3:
13:08:3c:31:c2:8d:dd:69:b3:06:0b:e5:cc:52:f9:
7a:da:59:6f:28:7a:a0:4c:bb:3e:50:f2:70:cc:d8:
eb:28:58:94:0f:b7:99:e8:a5:e7:83:6a:44:d1:3d:
67:86:fb:0a:4e:8a:eb:a6:7e:f9:34:48:87:09:a7:
e2:1c:0d:f2:6c:3f:ed:78:f3:00:3a:6b:a1:67:20:
c7:07:b4:4a:43:9d:9d:72:1b:1a:f6:8a:e7:df:9a:
53:65:8e:3e:6c:e5:57:d4:be:19:82:df:0a:03:c5:
12:b6:6c:f3:35:cf:9f:bb:0f:a2:5d:8b:31:f5:a2:
eb:be:a4:31:74:29:58:c7:cc:a2:3f:ab:00:b8:08:
33:c1:21:be:37:5c:6d:23:51:2e:b5:06:1d:d2:93:
94:ba:88:32:94:64:35:bb:0e:df:cc:6f:aa:05:92:
86:59:14:2b:eb:a3:08:7d:40:59:53:8f:5e:f0:5c:
3a:5a:09:42:8b:15:60:3e:2f:7b:7f:1e:37:f9:8b:
4e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5C:72:86:7C:B3:C4:C1:FD:8A:55:36:38:C1:76:40:42:D2:17:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/36
Signature Algorithm: sha256WithRSAEncryption
4a:44:c2:9e:59:71:ec:90:df:1e:4e:da:ed:67:60:aa:27:9e:
63:53:40:a3:dd:d8:51:d8:1b:f6:22:55:39:ae:01:17:c7:39:
e9:44:92:f2:63:30:ea:55:dc:cc:8e:45:04:39:f9:2f:05:69:
81:55:74:5e:33:c9:6e:49:f3:5a:b7:cf:a1:bd:80:00:fd:dd:
07:03:ad:d3:fe:d8:a0:da:43:31:0b:75:7d:ae:57:75:5f:03:
40:f5:37:d4:16:f6:9d:8d:a7:e2:dc:fc:5d:6b:5f:de:ae:68:
e9:40:0b:9c:70:fc:c3:a0:1c:99:2c:48:77:ba:3d:35:71:97:
8e:f2:d3:4a:ad:b0:7e:e0:99:f5:be:17:49:4d:a1:7c:53:0d:
5d:1c:24:34:14:a9:bf:82:2a:13:e9:ae:8a:af:39:ea:01:dd:
cc:fd:e1:e0:ca:e4:04:61:7a:74:60:16:f3:e6:86:57:7c:2a:
44:57:25:15:7c:ab:4c:c9:57:4b:50:84:f9:73:19:ae:70:15:
fe:f0:f8:90:a1:14:a5:c4:3e:e7:0e:1e:a2:7a:46:19:81:b3:
4c:26:1b:58:94:6d:1d:36:96:d9:59:fa:0b:f5:95:ea:b8:50:
7f:e6:df:57:e5:6a:ae:3f:83:bd:7a:2d:85:94:25:53:2b:0a:
b0:24:7b:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUesVhrgkrJD9eXMBs+A59SZh2HkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5NzY2ZWVhZWQwNTI3YTgyMDRlNmFhMTlkYzgzOTRjOWY5MmVmZjhmNTk5
OTIzMWVmY2NjNmFlNTY1ZGY0MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPqg63sJhR5CQKhETxR3am+mEJV4E1BOLKPWAt2sFowckfp7SQ9nk1suhWbt
OcZJEB6cCNUIcNbfUWbTEwg8McKN3WmzBgvlzFL5etpZbyh6oEy7PlDycMzY6yhY
lA+3meil54NqRNE9Z4b7Ck6K66Z++TRIhwmn4hwN8mw/7XjzADproWcgxwe0SkOd
nXIbGvaK59+aU2WOPmzlV9S+GYLfCgPFErZs8zXPn7sPol2LMfWi676kMXQpWMfM
oj+rALgIM8EhvjdcbSNRLrUGHdKTlLqIMpRkNbsO38xvqgWShlkUK+ujCH1AWVOP
XvBcOloJQosVYD4ve38eN/mLTi8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSdXHKG
fLPEwf2KVTY4wXZAQtIXNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThjZjU1YzUtYmI0YS00NmE1LWE2NjctOTAxYjFhMmZmYjRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBKRMKeWXHskN8eTtrtZ2CqJ55jU0Cj3dhR2Bv2
IlU5rgEXxznpRJLyYzDqVdzMjkUEOfkvBWmBVXReM8luSfNat8+hvYAA/d0HA63T
/tig2kMxC3V9rld1XwNA9TfUFvadjafi3Pxda1/ermjpQAuccPzDoByZLEh3uj01
cZeO8tNKrbB+4Jn1vhdJTaF8Uw1dHCQ0FKm/gioT6a6KrznqAd3M/eHgyuQEYXp0
YBbz5oZXfCpEVyUVfKtMyVdLUIT5cxmucBX+8PiQoRSlxD7nDh6iekYZgbNMJhtY
lG0dNpbZWfoL9ZXquFB/5t9X5WquP4O9ei2FlCVTKwqwJHth
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:36 2026 by rpki-client