Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: P5awqc3QN6TQ24sSxSybVt6tsH5bCmxCiEAVVGnwTS0=
Subject key identifier: 4C:92:8B:C4:3C:76:85:06:36:F7:4E:9E:2A:F0:81:AE:03:06:EF:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FF3DF69CF25A91E8DA5DFB771D7A9DC3CB56E0F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Fri 20 Feb 2026 01:51:11 +0000
ROA not before: Fri 20 Feb 2026 01:51:11 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:f3:df:69:cf:25:a9:1e:8d:a5:df:b7:71:d7:a9:dc:3c:b5:6e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:11 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=278a3cc68ca59d3c276df8b4d16ea942d22aaa21e65e9b27e5863923fe15480f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ec:45:30:e7:56:b4:dc:a2:fe:32:6d:6c:d8:
c9:20:35:96:05:91:fa:ec:f4:29:01:61:88:b1:04:
e1:1f:53:44:b6:ce:ad:31:11:a0:7e:b5:44:bb:df:
b9:5d:44:10:32:b7:11:26:90:e4:5e:90:e9:0d:b7:
b4:e8:c3:e7:30:e4:97:ef:93:75:a0:a2:a3:2e:5f:
19:52:e5:01:5f:fe:f2:35:7e:b9:c1:b6:17:48:d1:
84:3f:5e:eb:6c:61:7b:b8:48:d5:e7:07:3c:d2:57:
16:26:e2:7a:ae:df:74:74:40:82:dd:8f:b9:d1:28:
d4:65:2c:e4:85:a8:cd:19:79:99:02:3f:65:c6:4b:
c9:34:18:57:36:ee:cc:68:c1:4b:ac:64:1c:55:52:
77:0a:fd:4e:14:29:9b:05:be:64:6c:f3:f6:fd:ba:
54:9c:0a:66:fe:08:3d:75:7b:3e:1a:8d:41:ce:ff:
34:b0:36:e0:4e:08:93:54:c9:15:9b:9c:ab:e5:56:
0f:8d:98:bb:48:f3:38:43:7a:8d:4b:39:58:c1:a6:
03:33:cc:25:50:8b:33:10:83:ae:ba:33:93:a6:12:
d6:c3:8f:55:9e:92:a3:cf:2a:25:85:65:0b:7d:8c:
9c:b0:1c:60:9e:4d:fc:29:7b:e6:d8:53:10:c2:8d:
c5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:92:8B:C4:3C:76:85:06:36:F7:4E:9E:2A:F0:81:AE:03:06:EF:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
23:15:80:3b:aa:64:dc:36:f3:7d:0b:f7:32:b9:68:ea:4f:da:
a9:93:a1:9b:d7:86:bd:33:91:5d:c2:db:55:8c:1d:20:6d:ae:
90:ac:c1:27:5b:68:6d:dc:a7:d1:3c:e6:85:b4:95:ff:d5:5e:
b0:65:6d:35:22:ba:63:74:ee:8a:a2:5e:96:32:57:cc:e7:38:
58:c6:62:98:d9:d8:21:1c:0e:fc:69:7d:7b:6e:71:85:b6:43:
67:82:e5:ba:9d:06:ed:c7:22:b6:e0:a3:df:b4:9f:65:25:d1:
c0:16:10:28:04:b5:60:fd:92:62:1f:77:84:41:a3:5b:11:cc:
f9:01:76:02:40:30:cc:6b:e8:08:58:1d:7f:79:43:09:16:28:
b3:7e:e4:1e:82:5f:d8:ba:2d:c9:2d:09:96:3d:f8:22:bf:fb:
4e:67:5e:dd:3d:bb:59:ff:c3:92:86:b6:40:19:c1:16:cc:01:
0a:43:bc:09:77:e7:86:b0:c6:98:58:aa:9d:b3:36:70:86:e2:
37:fd:f9:7f:00:6e:7d:59:0e:ed:b7:64:1d:c2:09:ba:a1:7f:
da:44:61:62:6d:31:b7:f7:d5:bf:d4:61:91:6d:b6:4d:0f:f6:
9b:46:89:27:8b:56:09:96:7a:70:68:05:ff:8d:f6:fe:e5:c9:
81:ae:b8:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX/Pfac8lqR6Npd+3cdep3Dy1bg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMTFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3OGEzY2M2OGNhNTlkM2MyNzZkZjhiNGQxNmVhOTQyZDIyYWFhMjFlNjVl
OWIyN2U1ODYzOTIzZmUxNTQ4MGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIbsRTDnVrTcov4ybWzYySA1lgWR+uz0KQFhiLEE4R9TRLbOrTERoH61RLvf
uV1EEDK3ESaQ5F6Q6Q23tOjD5zDkl++TdaCioy5fGVLlAV/+8jV+ucG2F0jRhD9e
62xhe7hI1ecHPNJXFibieq7fdHRAgt2PudEo1GUs5IWozRl5mQI/ZcZLyTQYVzbu
zGjBS6xkHFVSdwr9ThQpmwW+ZGzz9v26VJwKZv4IPXV7PhqNQc7/NLA24E4Ik1TJ
FZucq+VWD42Yu0jzOEN6jUs5WMGmAzPMJVCLMxCDrrozk6YS1sOPVZ6So88qJYVl
C32MnLAcYJ5N/Cl75thTEMKNxZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMkovE
PHaFBjb3Tp4q8IGuAwbv3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAjFYA7qmTcNvN9C/cyuWjqT9qpk6Gb14a9M5Fd
wttVjB0gba6QrMEnW2ht3KfRPOaFtJX/1V6wZW01IrpjdO6Kol6WMlfM5zhYxmKY
2dghHA78aX17bnGFtkNnguW6nQbtxyK24KPftJ9lJdHAFhAoBLVg/ZJiH3eEQaNb
Ecz5AXYCQDDMa+gIWB1/eUMJFiizfuQegl/Yui3JLQmWPfgiv/tOZ17dPbtZ/8OS
hrZAGcEWzAEKQ7wJd+eGsMaYWKqdszZwhuI3/fl/AG59WQ7tt2Qdwgm6oX/aRGFi
bTG399W/1GGRbbZND/abRokni1YJlnpwaAX/jfb+5cmBrrhE
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:02:12 2026 by rpki-client