Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
File: 9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa (raw, json)
Hash identifier: AXV77JBB5xZ0MoLypVeiRzBGIGScOWaRdwfmUHyhtm4=
Subject key identifier: E7:99:DA:05:0F:19:A1:B4:49:C9:9E:28:0C:34:BB:AD:0A:EF:63:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C6B322215B18A713AF5CFDBC9BD90D85551B095
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
Signing time: Sat 28 Feb 2026 05:10:32 +0000
ROA not before: Sat 28 Feb 2026 05:10:32 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:6b:32:22:15:b1:8a:71:3a:f5:cf:db:c9:bd:90:d8:55:51:b0:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:32 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5feef3fcfe1700ca3ae43b6c7d938cebba32eb6dd4786f69deaababc4ea95301, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:d9:ad:94:65:44:b9:84:0f:97:27:b7:00:
65:dc:f3:b4:5c:98:23:7e:1e:5e:16:83:1e:be:6f:
b0:ce:6b:3f:37:3a:af:e8:c9:7b:5b:b8:8d:c8:e3:
ab:43:34:a7:b9:f3:9c:e2:89:c4:16:c5:71:c7:21:
3e:01:32:3f:cb:a8:95:67:a9:0e:99:7b:39:8b:79:
2e:ca:1a:33:b0:77:73:94:85:b2:04:72:2a:6b:6b:
b2:2b:59:db:af:03:91:cb:25:0a:52:62:67:1d:69:
4a:f8:91:de:6c:1a:bb:35:84:09:35:5d:03:a5:27:
d4:0f:72:bc:70:cf:0e:13:86:bf:68:9b:2a:f5:c4:
68:07:53:c7:2c:c6:3d:ff:f4:25:ca:23:51:8c:47:
a8:da:75:3d:a6:24:0a:a1:70:04:8e:a2:3b:27:05:
b9:97:4b:82:42:9e:ef:d3:e2:7e:da:a4:01:79:b6:
9e:4d:c7:b6:49:09:70:8e:a2:c2:b1:7b:90:c4:31:
36:0a:33:f5:9a:bc:72:64:a1:89:89:4d:57:78:90:
9d:cb:30:7f:b7:d9:76:4a:5e:1b:5c:09:04:a1:63:
b9:e3:f5:46:ef:0c:07:18:dd:f4:ae:0b:88:37:38:
0d:e9:d1:94:00:11:61:e4:ac:79:d7:67:65:5d:02:
5c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:99:DA:05:0F:19:A1:B4:49:C9:9E:28:0C:34:BB:AD:0A:EF:63:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9926a15e-d7fd-4d7b-ad1e-d0df98f546cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9080::/48
Signature Algorithm: sha256WithRSAEncryption
c8:08:3b:12:08:9f:f6:30:8f:66:e4:9a:1c:50:3f:7b:c8:6a:
39:42:95:11:19:99:f3:b6:b5:44:e6:4c:44:82:7b:bb:a6:a1:
4c:a5:71:d6:30:8e:e4:65:a9:a4:28:93:11:fb:c6:6d:65:24:
2d:35:07:c2:30:85:b2:8a:83:e7:fe:4a:fd:90:25:5d:83:9b:
d3:03:f4:8d:65:33:f6:1a:cb:a9:88:03:00:b7:48:7a:b9:2f:
d5:2b:6d:43:2c:4f:75:36:3b:e1:c2:e0:38:ee:03:63:fe:f5:
ae:28:d2:9b:60:8e:58:43:70:e8:d2:b5:41:9c:80:a0:f4:a8:
8a:3d:aa:13:11:2a:a4:9e:72:5d:fe:3a:df:4b:35:c8:f9:15:
24:5b:d4:e3:72:4d:ac:c3:f1:12:9f:23:b6:33:08:e8:a4:76:
5a:8d:78:c3:ba:f5:d2:43:0c:7d:8d:a5:5a:ce:58:8c:31:2a:
27:17:5b:87:37:70:ca:91:25:ee:60:95:fd:5b:eb:62:db:1c:
2a:e4:e3:90:4f:c7:e4:92:6d:7d:b9:16:82:b4:1a:1b:b1:12:
b6:34:43:d2:15:17:09:5a:32:f1:64:40:07:ba:f0:06:10:bc:
d3:89:00:a4:71:29:1c:10:ee:c0:b7:42:ac:2f:2c:40:68:37:
b2:2b:b0:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPGsyIhWxinE69c/byb2Q2FVRsJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmZWVmM2ZjZmUxNzAwY2EzYWU0M2I2YzdkOTM4Y2ViYmEzMmViNmRkNDc4
NmY2OWRlYWFiYWJjNGVhOTUzMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsr2a2UZUS5hA+XJ7cAZdzztFyYI34eXhaDHr5vsM5rPzc6r+jJe1u4jcjj
q0M0p7nznOKJxBbFccchPgEyP8uolWepDpl7OYt5LsoaM7B3c5SFsgRyKmtrsitZ
268DkcslClJiZx1pSviR3mwauzWECTVdA6Un1A9yvHDPDhOGv2ibKvXEaAdTxyzG
Pf/0JcojUYxHqNp1PaYkCqFwBI6iOycFuZdLgkKe79PiftqkAXm2nk3HtkkJcI6i
wrF7kMQxNgoz9Zq8cmShiYlNV3iQncswf7fZdkpeG1wJBKFjueP1Ru8MBxjd9K4L
iDc4DenRlAARYeSseddnZV0CXNECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTnmdoF
DxmhtEnJnigMNLutCu9jIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkyNmExNWUtZDdmZC00ZDdiLWFkMWUtZDBkZjk4ZjU0NmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAyAg7Egif9jCPZuSaHFA/e8hqOUKVERmZ87a1
ROZMRIJ7u6ahTKVx1jCO5GWppCiTEfvGbWUkLTUHwjCFsoqD5/5K/ZAlXYOb0wP0
jWUz9hrLqYgDALdIerkv1SttQyxPdTY74cLgOO4DY/71rijSm2COWENw6NK1QZyA
oPSoij2qExEqpJ5yXf4630s1yPkVJFvU43JNrMPxEp8jtjMI6KR2Wo14w7r10kMM
fY2lWs5YjDEqJxdbhzdwypEl7mCV/VvrYtscKuTjkE/H5JJtfbkWgrQaG7EStjRD
0hUXCVoy8WRAB7rwBhC804kApHEpHBDuwLdCrC8sQGg3siuwOA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:00 2026 by rpki-client