Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
File: 9fa19511-0738-48ff-a25a-e667f5ca90f8.roa (raw, json)
Hash identifier: X0Ir49KQHkCnbXme4VJzv3T4VX7BFZAVSwMv0FARUk0=
Subject key identifier: FE:C0:91:A8:E7:7B:A9:67:62:A2:66:2F:AD:F8:24:DC:06:FC:47:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B78C057877C4AAA7E6B7271ECD4268D2A7A345B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
Signing time: Tue 24 Feb 2026 04:10:37 +0000
ROA not before: Tue 24 Feb 2026 04:10:37 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:78:c0:57:87:7c:4a:aa:7e:6b:72:71:ec:d4:26:8d:2a:7a:34:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:37 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=d558c656751d42428e39cb3eb53930409da84b4d71aa4bac56cf7c5b3f7c24f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:a3:23:c7:b1:53:30:5f:cf:d6:55:de:e5:
a4:d3:a7:10:bc:ca:ff:b3:14:2f:c4:ce:4a:f0:75:
62:d0:f6:cc:c4:e7:2d:92:18:44:34:a6:04:ac:f7:
69:74:cd:4f:49:11:1f:d2:8e:36:da:e6:22:7a:ba:
27:b9:d7:ad:88:6f:53:7d:9b:e9:74:1f:18:c6:95:
94:a5:1f:2a:a5:47:1a:f9:c7:5f:a8:c1:b0:26:1f:
78:70:5e:fc:5a:14:63:03:17:94:08:32:b2:a9:59:
95:b8:e1:62:f1:42:ca:29:b0:3f:ea:ba:29:6b:22:
46:6f:c1:6f:b2:b0:4b:41:5f:27:ab:b6:52:f4:5a:
cb:cd:54:de:95:51:88:23:66:88:25:b0:66:ba:74:
74:78:0e:db:e6:33:f0:27:00:ce:88:b6:d6:52:1e:
98:b5:d3:21:d9:7b:54:92:67:c7:75:f2:94:2d:da:
6d:fc:8d:f1:44:ec:99:9b:7b:a7:03:29:e8:0e:b6:
87:00:52:c0:e6:71:9b:e1:be:9f:27:43:5e:57:3b:
00:51:58:bc:46:db:7e:01:46:47:1b:0f:54:41:47:
01:86:33:52:63:45:c3:c6:42:82:76:1c:f1:a0:e0:
92:39:ea:a3:b7:c4:62:eb:49:d2:36:7b:f0:c7:b5:
78:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C0:91:A8:E7:7B:A9:67:62:A2:66:2F:AD:F8:24:DC:06:FC:47:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
0e:8d:82:e8:1c:ce:d2:09:61:7c:e7:02:d9:a3:7d:d7:d8:f7:
7b:92:80:eb:77:4a:d4:90:0d:23:1f:20:47:4e:d2:38:f7:7f:
58:ef:cd:31:30:be:c1:61:23:72:76:f4:28:1b:bb:1e:54:a2:
5d:51:eb:06:dc:85:e5:f1:dc:05:2e:2a:cc:e7:67:84:5f:37:
01:5f:a7:bb:94:63:27:d7:11:5c:02:7c:ed:d9:5d:63:49:75:
b5:7a:8e:95:03:ce:65:21:6e:da:99:87:f4:6f:91:e0:7c:e4:
e5:15:1a:63:35:bb:4f:f4:61:a7:d1:83:f2:5d:fe:22:2e:97:
3c:96:c2:e7:16:49:77:3a:d9:a4:d9:ae:4c:e0:67:71:22:ee:
c4:6c:de:10:84:bb:45:a1:92:27:f3:d5:ad:99:8c:f4:8a:66:
42:ef:cb:5e:11:c3:88:75:01:55:7a:fe:5a:e4:48:70:9e:ae:
5b:bb:e2:0a:4a:11:33:c6:97:2f:c8:10:9b:93:a7:51:15:54:
4c:6c:b0:11:16:8d:df:21:0b:e9:16:e7:4f:06:2f:62:0e:ac:
98:d1:8b:1f:b6:e2:f2:c4:0b:88:f7:70:d7:84:09:e7:52:eb:
14:5b:3e:d6:8a:02:aa:40:1c:f4:7c:56:aa:3a:e4:f6:87:1d:
96:35:4f:77
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUa3jAV4d8Sqp+a3Jx7NQmjSp6NFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwMzdaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NThjNjU2NzUxZDQyNDI4ZTM5Y2IzZWI1MzkzMDQwOWRhODRiNGQ3MWFh
NGJhYzU2Y2Y3YzViM2Y3YzI0ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPkoyPHsVMwX8/WVd7lpNOnELzK/7MUL8TOSvB1YtD2zMTnLZIYRDSmBKz3
aXTNT0kRH9KONtrmInq6J7nXrYhvU32b6XQfGMaVlKUfKqVHGvnHX6jBsCYfeHBe
/FoUYwMXlAgysqlZlbjhYvFCyimwP+q6KWsiRm/Bb7KwS0FfJ6u2UvRay81U3pVR
iCNmiCWwZrp0dHgO2+Yz8CcAzoi21lIemLXTIdl7VJJnx3XylC3abfyN8UTsmZt7
pwMp6A62hwBSwOZxm+G+nydDXlc7AFFYvEbbfgFGRxsPVEFHAYYzUmNFw8ZCgnYc
8aDgkjnqo7fEYutJ0jZ78Me1ePkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT+wJGo
53upZ2KiZi+t+CTcBvxHQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZhMTk1MTEtMDczOC00OGZmLWEyNWEtZTY2N2Y1Y2E5MGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAA6NgugcztIJYXznAtmjfdfY93uSgOt3StSQDSMf
IEdO0jj3f1jvzTEwvsFhI3J29Cgbux5Uol1R6wbcheXx3AUuKsznZ4RfNwFfp7uU
YyfXEVwCfO3ZXWNJdbV6jpUDzmUhbtqZh/RvkeB85OUVGmM1u0/0YafRg/Jd/iIu
lzyWwucWSXc62aTZrkzgZ3Ei7sRs3hCEu0Whkifz1a2ZjPSKZkLvy14Rw4h1AVV6
/lrkSHCerlu74gpKETPGly/IEJuTp1EVVExssBEWjd8hC+kW508GL2IOrJjRix+2
4vLEC4j3cNeECedS6xRbPtaKAqpAHPR8Vqo65PaHHZY1T3c=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:48 2026 by rpki-client