Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
File: 9ea9340f-dd25-4e30-a952-27ce8d9906df.roa (raw, json)
Hash identifier: m4mfW8c2mBhp5tgJfUdSVYKffyFSpWNEO5exl9pMj8Q=
Subject key identifier: 01:3C:9B:CF:30:B3:9D:2D:E0:3E:7B:D5:CC:42:6D:88:7B:B6:10:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BBF056F643709DF78B800277C5DF9639F6B1161
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
Signing time: Fri 20 Feb 2026 01:50:07 +0000
ROA not before: Fri 20 Feb 2026 01:50:07 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:bf:05:6f:64:37:09:df:78:b8:00:27:7c:5d:f9:63:9f:6b:11:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:07 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=41c2085e3f2aa6db102946caf367b8a2fb9ca688c4ef9f63c1d76e07efff7c3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5e:81:e4:ea:cb:85:3f:9e:3a:ad:86:e5:8f:
4b:0f:d0:66:29:2d:cb:d4:c5:dd:80:b9:31:c9:28:
5d:23:65:d0:36:bb:9c:f2:dd:32:d7:b4:6b:b9:13:
05:36:b4:58:36:cb:c8:40:d6:3a:3d:32:3c:9f:a8:
00:d8:98:af:08:0d:29:59:6d:59:23:53:4a:93:95:
71:c1:93:03:7f:e3:60:30:f1:83:d3:ad:73:0d:1e:
18:48:c9:71:86:83:e7:15:2c:b3:87:b2:bf:03:be:
d2:ed:ce:c5:72:6c:e3:6d:46:f0:b2:d0:11:65:8b:
83:e3:5d:78:53:b1:fd:a0:03:77:7d:8f:e7:fa:88:
7f:5c:02:fa:b7:cc:76:cd:62:64:3f:1a:bb:2f:65:
ee:43:3c:26:b5:75:6b:27:86:8c:ff:76:ed:61:3d:
43:9e:f6:2a:88:46:5e:07:87:e8:a8:79:a5:94:bc:
f2:6b:12:a6:69:8b:f8:9a:fe:7e:5a:ad:61:80:72:
54:32:cd:cb:8c:31:21:fd:61:f9:25:c4:b5:26:fd:
d1:77:70:24:b7:70:78:ac:c4:69:5f:0f:fc:7d:12:
48:c3:59:41:42:9e:93:d3:e5:d5:71:bf:ef:05:95:
3a:ab:94:f0:58:f1:a8:68:4a:39:b0:2a:64:9b:8e:
52:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3C:9B:CF:30:B3:9D:2D:E0:3E:7B:D5:CC:42:6D:88:7B:B6:10:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:ab:19:aa:a6:f7:f5:5b:ed:ee:14:3a:32:47:eb:70:84:cb:
6c:47:6d:4f:d9:6d:a6:e1:e8:16:e2:94:9d:09:38:0b:a6:c0:
e1:67:ce:4e:28:07:bd:3b:2a:ef:be:30:32:97:84:f3:32:4c:
21:7d:81:d4:a1:c1:cd:c9:c0:29:2d:0f:2b:e5:3d:fd:81:78:
4c:42:67:8c:71:35:98:04:b9:38:07:3b:68:84:b6:c4:2c:b3:
c6:ce:bb:7d:19:b5:1d:fb:90:cd:ba:42:fa:b6:52:c5:36:cd:
e2:00:da:da:87:b4:d2:4f:ff:73:b8:29:3f:3a:8c:db:ba:ec:
f6:76:0a:61:73:a4:9d:82:92:f1:0a:90:85:b7:03:50:ba:fd:
a1:6d:43:1a:86:55:d5:0f:7f:5f:da:a2:bd:aa:cf:e4:67:cc:
7a:30:05:6c:70:68:75:ea:a3:70:07:a6:ff:89:af:d3:34:2a:
0c:1c:eb:ae:06:3e:df:39:e6:06:52:2b:98:51:c3:f6:63:10:
bc:62:7d:b3:dc:0e:13:42:aa:88:0f:e6:d1:5a:12:5c:0b:7b:
a7:fb:92:6a:61:96:59:2e:40:b9:39:8b:34:bd:2f:e5:ae:87:
aa:75:1f:78:53:92:a0:76:3e:72:04:3b:cc:9d:42:52:5b:f7:
39:52:ed:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO78Fb2Q3Cd94uAAnfF35Y59rEWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxYzIwODVlM2YyYWE2ZGIxMDI5NDZjYWYzNjdiOGEyZmI5Y2E2ODhjNGVm
OWY2M2MxZDc2ZTA3ZWZmZjdjM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFegeTqy4U/njqthuWPSw/QZikty9TF3YC5MckoXSNl0Da7nPLdMte0a7kT
BTa0WDbLyEDWOj0yPJ+oANiYrwgNKVltWSNTSpOVccGTA3/jYDDxg9Otcw0eGEjJ
cYaD5xUss4eyvwO+0u3OxXJs421G8LLQEWWLg+NdeFOx/aADd32P5/qIf1wC+rfM
ds1iZD8auy9l7kM8JrV1ayeGjP927WE9Q572KohGXgeH6Kh5pZS88msSpmmL+Jr+
flqtYYByVDLNy4wxIf1h+SXEtSb90XdwJLdweKzEaV8P/H0SSMNZQUKek9Pl1XG/
7wWVOquU8FjxqGhKObAqZJuOUv8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBPJvP
MLOdLeA+e9XMQm2Ie7YQGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVhOTM0MGYtZGQyNS00ZTMwLWE5NTItMjdjZThkOTkwNmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQDAqxmqpvf1W+3uFDoyR+twhMtsR21P2W2m4egW
4pSdCTgLpsDhZ85OKAe9OyrvvjAyl4TzMkwhfYHUocHNycApLQ8r5T39gXhMQmeM
cTWYBLk4BztohLbELLPGzrt9GbUd+5DNukL6tlLFNs3iANrah7TST/9zuCk/Oozb
uuz2dgphc6SdgpLxCpCFtwNQuv2hbUMahlXVD39f2qK9qs/kZ8x6MAVscGh16qNw
B6b/ia/TNCoMHOuuBj7fOeYGUiuYUcP2YxC8Yn2z3A4TQqqID+bRWhJcC3un+5Jq
YZZZLkC5OYs0vS/lroeqdR94U5Kgdj5yBDvMnUJSW/c5Uu2s
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:33 2026 by rpki-client