Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: sru9rR+mN8zpew6mtJXQ69hgfH3a6YKUCHG+QvzAh/A=
Subject key identifier: C3:33:3B:C4:F9:E0:2A:97:84:21:20:79:B0:CE:7F:8E:CE:4B:5F:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F62F9B416051AC740F14FCC299505CDD37AC344
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Sat 28 Feb 2026 05:20:58 +0000
ROA not before: Sat 28 Feb 2026 05:20:58 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:62:f9:b4:16:05:1a:c7:40:f1:4f:cc:29:95:05:cd:d3:7a:c3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:58 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1ac13348390f06158ba181fe907436df39ff2192238b7a12fd49aed377d4893a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1d:a0:b8:8a:d2:ec:d9:5e:f6:2a:d5:ca:e7:
0d:b7:62:4f:4b:c6:22:e0:cf:d2:ae:f7:5b:e4:dc:
9f:1a:2e:4a:8f:a5:ec:b7:4e:e8:ef:74:53:94:3e:
82:05:2e:6d:a2:5a:dc:94:36:00:36:6a:75:4d:52:
5a:ae:94:d1:41:22:66:82:03:86:be:fe:3d:0a:c4:
9d:fd:45:ed:d3:08:19:90:0d:7e:8e:34:47:3c:69:
db:ec:70:ef:73:7c:93:18:19:6c:17:de:68:65:11:
e9:bb:7a:c2:fd:8d:1b:4f:1f:36:79:11:57:14:23:
e1:bc:8e:51:0d:44:95:af:cf:7d:d3:ec:a8:2b:20:
cf:69:9b:b4:8e:97:12:81:7e:e9:ca:dd:7a:b9:7d:
97:0e:da:37:ff:e7:4d:80:4d:fa:45:c9:e4:ef:1f:
f4:f6:bd:30:e8:8d:37:2f:b7:69:d0:53:cc:4b:f8:
38:7e:1d:40:a0:f0:3a:7d:5d:8a:ae:50:6d:63:e7:
43:48:52:90:25:24:66:3c:00:d0:04:d7:fe:7c:37:
f2:0c:ad:cf:3a:1b:77:d4:19:83:01:28:eb:42:ca:
aa:f7:5d:8b:ac:1a:f4:9f:18:27:80:20:76:01:01:
29:4d:8f:12:52:51:34:ff:20:51:54:c9:2d:ad:4f:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:33:3B:C4:F9:E0:2A:97:84:21:20:79:B0:CE:7F:8E:CE:4B:5F:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
26:b4:92:87:ed:d0:b7:0c:f7:95:76:4e:bc:dd:58:6c:ba:70:
ac:6b:17:74:cb:9c:ca:31:0a:af:f2:d3:48:78:88:4e:69:48:
0c:f5:fd:01:f8:a3:d2:1c:d7:6a:3b:70:57:01:e7:c2:26:44:
28:81:ca:3a:39:0a:ec:31:65:eb:1b:2d:9b:03:94:0b:0d:f6:
35:f4:6e:c3:76:57:1b:bd:ac:bf:dc:dc:41:69:d0:fc:e2:61:
a6:07:44:16:7a:2d:92:7b:e9:5f:98:77:38:62:98:5a:67:c2:
35:d6:47:ff:67:67:7d:0c:6a:cf:91:2b:01:52:48:68:db:03:
d7:99:3d:69:25:de:f2:ce:cd:5f:84:d9:ce:e2:20:00:3b:9f:
fb:f5:21:64:79:60:f2:9d:84:9d:a0:c1:84:0f:fd:f7:ae:f8:
fc:fb:cf:7c:e0:25:b6:bb:9b:a1:3d:d6:c1:b9:05:e4:bf:17:
1c:84:e7:db:3c:cc:67:bf:86:f4:56:82:b0:bd:59:b9:a3:6a:
a8:8c:85:fe:00:30:88:3b:39:f3:45:d0:f4:e6:c7:a1:b2:58:
cf:3e:6a:6a:71:53:29:e8:0a:c4:6f:ff:3c:f2:2d:35:17:f9:
54:b4:45:8c:fe:e7:17:0f:2a:87:9f:d4:ab:bc:75:ec:bb:92:
ca:f4:ec:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX2L5tBYFGsdA8U/MKZUFzdN6w0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNThaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYzEzMzQ4MzkwZjA2MTU4YmExODFmZTkwNzQzNmRmMzlmZjIxOTIyMzhi
N2ExMmZkNDlhZWQzNzdkNDg5M2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkdoLiK0uzZXvYq1crnDbdiT0vGIuDP0q73W+TcnxouSo+l7LdO6O90U5Q+
ggUubaJa3JQ2ADZqdU1SWq6U0UEiZoIDhr7+PQrEnf1F7dMIGZANfo40Rzxp2+xw
73N8kxgZbBfeaGUR6bt6wv2NG08fNnkRVxQj4byOUQ1Ela/PfdPsqCsgz2mbtI6X
EoF+6crderl9lw7aN//nTYBN+kXJ5O8f9Pa9MOiNNy+3adBTzEv4OH4dQKDwOn1d
iq5QbWPnQ0hSkCUkZjwA0ATX/nw38gytzzobd9QZgwEo60LKqvddi6wa9J8YJ4Ag
dgEBKU2PElJRNP8gUVTJLa1Pm5kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDMzvE
+eAql4QhIHmwzn+OzktflzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAmtJKH7dC3DPeVdk683VhsunCsaxd0y5zKMQqv
8tNIeIhOaUgM9f0B+KPSHNdqO3BXAefCJkQogco6OQrsMWXrGy2bA5QLDfY19G7D
dlcbvay/3NxBadD84mGmB0QWei2Se+lfmHc4YphaZ8I11kf/Z2d9DGrPkSsBUkho
2wPXmT1pJd7yzs1fhNnO4iAAO5/79SFkeWDynYSdoMGED/33rvj8+8984CW2u5uh
PdbBuQXkvxcchOfbPMxnv4b0VoKwvVm5o2qojIX+ADCIOznzRdD05sehsljPPmpq
cVMp6ArEb/888i01F/lUtEWM/ucXDyqHn9SrvHXsu5LK9OyC
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:31:58 2026 by rpki-client