Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
File: 9cdad1cc-641a-4187-9b79-fc696cb535f5.roa (raw, json)
Hash identifier: cdL3w/aj9kp3hdFiOYOdth0Z0BCLQbLANOiDsC95eXQ=
Subject key identifier: 92:06:AA:1E:E0:33:A2:A8:62:05:F3:06:70:6B:83:C7:22:67:73:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F1185D6C0911A271B6CFB7D1615B1A5273BCAFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
Signing time: Thu 26 Feb 2026 02:10:07 +0000
ROA not before: Thu 26 Feb 2026 02:10:07 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:11:85:d6:c0:91:1a:27:1b:6c:fb:7d:16:15:b1:a5:27:3b:ca:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:07 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=954e583eacda590bc46890cc432388f0d147583c09afaf02a60656ff1aeb1fa6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9d:a3:3d:29:75:a2:44:65:87:b4:9e:0d:b0:
0d:30:22:fb:7e:3a:1b:41:b0:8c:22:10:06:52:eb:
64:49:ee:66:2a:6c:47:51:32:e3:b7:56:e1:35:be:
3d:78:53:c2:ab:7c:34:86:15:da:fd:0c:2d:32:c3:
c4:e2:25:47:5d:dc:00:7b:84:8e:46:d3:0a:23:1f:
32:8f:d8:f1:d9:45:5d:4e:7c:5e:77:02:26:c9:0b:
f6:c8:c2:77:64:f4:5d:76:7d:f3:9a:63:d4:90:7e:
e1:bb:e9:ff:e9:3a:99:c3:61:5e:02:30:93:94:a8:
88:65:0b:46:2c:ac:a3:d1:cc:6e:c7:78:d3:ac:b9:
8f:80:dd:ed:dd:ff:ef:22:ba:18:1a:a2:ea:00:b7:
7b:64:38:b5:80:f0:28:8f:c5:3b:99:c5:8b:01:96:
e2:3a:0e:2f:df:55:ad:3c:62:42:1a:51:04:09:05:
c2:8b:af:4e:14:34:e0:ab:cb:dd:a1:17:dd:3e:ee:
53:5f:7d:e4:6d:ea:9b:4a:e1:62:b8:88:b3:e6:45:
05:de:4b:68:19:ae:aa:f0:4b:02:3b:2d:9f:98:f0:
9b:ec:e0:15:73:f9:dd:4d:fc:1c:d5:2c:fc:05:0e:
dc:59:54:bf:34:f9:a2:fd:bd:7c:b0:6b:a5:b3:e7:
95:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:06:AA:1E:E0:33:A2:A8:62:05:F3:06:70:6B:83:C7:22:67:73:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdad1cc-641a-4187-9b79-fc696cb535f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:800::/40
Signature Algorithm: sha256WithRSAEncryption
2a:97:d4:4c:2a:4a:0e:44:67:3e:b8:fd:92:c3:c9:2d:32:e1:
f7:34:50:7f:77:fe:66:12:3b:4e:b7:a3:1f:08:96:9e:0f:88:
f2:e0:c0:b4:0c:07:2e:be:53:70:0f:3c:d4:ec:ef:f3:21:c9:
0e:ad:eb:de:44:a9:ee:20:c2:10:3d:e7:c2:65:6d:b8:37:0f:
d1:f8:37:f0:19:53:0e:54:82:4d:5a:f8:af:08:02:01:28:d2:
d2:62:f6:2b:75:af:fd:35:8c:99:c0:53:9f:9b:5d:2d:38:2c:
b8:85:f1:c5:9d:97:50:2e:7e:5f:96:bd:88:ce:11:f0:bf:f6:
91:23:19:51:72:8a:38:d8:95:c4:25:8d:34:82:73:69:78:92:
bc:37:41:c6:22:2e:89:f4:1b:e0:2c:8a:bf:cd:82:45:88:6d:
31:d0:21:89:fa:d6:2a:c5:e2:88:8d:a5:71:92:c7:5a:9f:c6:
70:58:3a:eb:33:da:52:af:f6:9c:f1:bb:00:66:40:39:04:2e:
e8:d1:cc:64:a8:ec:42:c8:b3:5c:b0:5e:a2:b9:cd:28:d4:95:
1f:e6:02:60:1b:1f:e4:cb:95:94:20:c0:8f:a7:d4:ed:f5:51:
18:45:c1:e7:d0:c8:96:dd:6a:17:6a:ee:9a:c4:b8:28:9f:94:
93:24:13:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbxGF1sCRGicbbPt9FhWxpSc7yv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDdaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NGU1ODNlYWNkYTU5MGJjNDY4OTBjYzQzMjM4OGYwZDE0NzU4M2MwOWFm
YWYwMmE2MDY1NmZmMWFlYjFmYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMydoz0pdaJEZYe0ng2wDTAi+346G0GwjCIQBlLrZEnuZipsR1Ey47dW4TW+
PXhTwqt8NIYV2v0MLTLDxOIlR13cAHuEjkbTCiMfMo/Y8dlFXU58XncCJskL9sjC
d2T0XXZ985pj1JB+4bvp/+k6mcNhXgIwk5SoiGULRiyso9HMbsd406y5j4Dd7d3/
7yK6GBqi6gC3e2Q4tYDwKI/FO5nFiwGW4joOL99VrTxiQhpRBAkFwouvThQ04KvL
3aEX3T7uU1995G3qm0rhYriIs+ZFBd5LaBmuqvBLAjstn5jwm+zgFXP53U38HNUs
/AUO3FlUvzT5ov29fLBrpbPnleECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSBqoe
4DOiqGIF8wZwa4PHImdz9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNkYWQxY2MtNjQxYS00MTg3LTliNzktZmM2OTZjYjUzNWY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8I
MA0GCSqGSIb3DQEBCwUAA4IBAQAql9RMKkoORGc+uP2Sw8ktMuH3NFB/d/5mEjtO
t6MfCJaeD4jy4MC0DAcuvlNwDzzU7O/zIckOreveRKnuIMIQPefCZW24Nw/R+Dfw
GVMOVIJNWvivCAIBKNLSYvYrda/9NYyZwFOfm10tOCy4hfHFnZdQLn5flr2IzhHw
v/aRIxlRcoo42JXEJY00gnNpeJK8N0HGIi6J9BvgLIq/zYJFiG0x0CGJ+tYqxeKI
jaVxksdan8ZwWDrrM9pSr/ac8bsAZkA5BC7o0cxkqOxCyLNcsF6iuc0o1JUf5gJg
Gx/ky5WUIMCPp9Tt9VEYRcHn0MiW3WoXau6axLgon5STJBPj
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:53:47 2026 by rpki-client