Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa
File: 9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa (raw, json)
Hash identifier: YoLAsqiVSfhY7DxNjTjfiRPghhj21EI2tGeTMBnw1xU=
Subject key identifier: A8:85:60:1A:DB:A3:EE:AF:42:11:5E:17:1A:AA:8A:0F:3F:7C:FB:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A505F17F61006161E9B89D0BC593CE3EE423A81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa
Signing time: Tue 24 Feb 2026 04:10:05 +0000
ROA not before: Tue 24 Feb 2026 04:10:05 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:50:5f:17:f6:10:06:16:1e:9b:89:d0:bc:59:3c:e3:ee:42:3a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:05 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=1ab989f0d19dfe469290826298ea31d5414c136408bf8a1cd6f51566d63a0993, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e8:54:7b:b0:40:1e:17:6a:b8:87:36:18:4f:
50:c6:df:23:f7:a8:74:30:82:6d:61:e8:c7:a7:aa:
c7:b8:95:d5:c9:13:e1:e5:56:7c:a8:be:32:b4:58:
f6:41:42:10:c1:a0:ad:30:d9:6c:e8:ea:4d:9d:94:
7d:19:36:ce:33:54:9d:69:d4:80:c9:21:62:00:73:
58:68:ce:15:d2:45:7f:a2:22:ce:b1:20:13:49:62:
24:7a:65:4b:3d:95:db:31:6a:7d:88:c6:7a:01:50:
63:d2:64:3a:b4:0c:4b:6a:00:b8:7e:f2:24:59:b6:
1a:d1:af:24:6a:a5:f1:8c:c8:c7:e4:b7:95:b4:bf:
e6:c5:58:41:f4:a8:89:24:fb:dd:e7:4f:da:00:2d:
41:6b:f1:f8:d9:00:7a:b5:5b:b8:a3:95:33:64:49:
7b:8d:ed:93:aa:fe:07:5f:62:01:1d:68:d2:7b:44:
ae:2a:93:e7:82:7a:58:9a:80:25:91:59:ab:cc:05:
a2:05:fa:92:16:52:61:d7:e2:34:3b:bd:21:b6:99:
58:8d:d4:92:b6:37:28:e1:0f:20:63:56:18:91:ab:
81:30:3c:ed:d0:23:dd:ef:15:0f:9b:40:91:01:8f:
56:10:81:2e:6e:d9:77:c0:25:f6:06:04:84:f6:2a:
23:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:85:60:1A:DB:A3:EE:AF:42:11:5E:17:1A:AA:8A:0F:3F:7C:FB:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:25:35:3a:e4:7a:1f:6a:ef:45:e0:04:27:7b:98:22:b9:43:
f9:2a:74:79:31:6b:1b:54:a1:78:20:ac:66:3b:ff:cb:31:09:
aa:2f:36:0f:dc:be:48:04:c7:f0:16:91:2d:bb:9c:48:f8:4c:
dd:a0:59:6e:3b:42:df:be:1a:ec:1b:4c:9e:08:6b:9c:d9:8d:
ae:2d:ba:0c:6c:2d:d0:7c:0c:a2:23:aa:bf:17:45:bc:56:d9:
5b:82:22:28:ab:04:cc:8a:67:4d:96:9d:e1:7e:2e:56:c5:5c:
fd:d2:96:6d:1c:26:30:37:5d:4f:cd:0b:c3:dc:8a:95:a6:08:
b5:9e:7f:d0:2a:c8:51:e6:81:9e:eb:84:88:0c:61:12:62:6e:
e7:f0:24:5b:31:74:ff:ed:cf:2f:9e:10:4c:c5:82:7c:51:06:
99:e2:40:02:4f:0a:31:7e:01:cb:34:4b:11:8c:13:10:07:37:
56:31:53:fd:30:bf:c8:89:dd:5e:1a:92:7f:88:cc:e2:39:d7:
8d:44:77:f8:f3:85:a1:93:27:59:2a:16:af:b1:16:76:60:77:
1a:19:18:11:5e:4c:8e:e2:08:c6:0c:20:96:c9:03:1c:f6:12:
a8:89:76:18:0b:56:9d:54:4b:60:7c:a7:c7:14:e9:9f:f1:d3:
0a:c7:08:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWlBfF/YQBhYem4nQvFk84+5COoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwMDVaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYjk4OWYwZDE5ZGZlNDY5MjkwODI2Mjk4ZWEzMWQ1NDE0YzEzNjQwOGJm
OGExY2Q2ZjUxNTY2ZDYzYTA5OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzoVHuwQB4XariHNhhPUMbfI/eodDCCbWHox6eqx7iV1ckT4eVWfKi+MrRY
9kFCEMGgrTDZbOjqTZ2UfRk2zjNUnWnUgMkhYgBzWGjOFdJFf6IizrEgE0liJHpl
Sz2V2zFqfYjGegFQY9JkOrQMS2oAuH7yJFm2GtGvJGql8YzIx+S3lbS/5sVYQfSo
iST73edP2gAtQWvx+NkAerVbuKOVM2RJe43tk6r+B19iAR1o0ntEriqT54J6WJqA
JZFZq8wFogX6khZSYdfiNDu9IbaZWI3UkrY3KOEPIGNWGJGrgTA87dAj3e8VD5tA
kQGPVhCBLm7Zd8Al9gYEhPYqI50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSohWAa
26Pur0IRXhcaqooPP3z7mzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1YTVhNWEtZmQ1OS00MDQ4LTg3NWMtZjBlNzRlYzBhMGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hvg
MA0GCSqGSIb3DQEBCwUAA4IBAQC4JTU65Hofau9F4AQne5giuUP5KnR5MWsbVKF4
IKxmO//LMQmqLzYP3L5IBMfwFpEtu5xI+EzdoFluO0LfvhrsG0yeCGuc2Y2uLboM
bC3QfAyiI6q/F0W8VtlbgiIoqwTMimdNlp3hfi5WxVz90pZtHCYwN11PzQvD3IqV
pgi1nn/QKshR5oGe64SIDGESYm7n8CRbMXT/7c8vnhBMxYJ8UQaZ4kACTwoxfgHL
NEsRjBMQBzdWMVP9ML/Iid1eGpJ/iMziOdeNRHf484WhkydZKhavsRZ2YHcaGRgR
XkyO4gjGDCCWyQMc9hKoiXYYC1adVEtgfKfHFOmf8dMKxwgQ
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:04:49 2026 by rpki-client