Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: esa6riEoJitac1cHuwb9K8BZR7iU/yaUVs0HJLH1gEE=
Subject key identifier: 1F:F8:FE:28:BE:09:C8:A6:DE:44:F7:ED:AD:69:8B:0F:1F:88:8D:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1889562E2B770D38C3CB9D1977280A1EA7362CFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Sat 28 Feb 2026 05:31:14 +0000
ROA not before: Sat 28 Feb 2026 05:31:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:89:56:2e:2b:77:0d:38:c3:cb:9d:19:77:28:0a:1e:a7:36:2c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a804a8b2d1bfefd06813a424252a8c5e5dd1ef0371293f7bc473017ee52b60f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5e:8a:a2:f2:3a:0b:28:0b:b2:87:d2:dd:3b:
00:83:ae:e9:36:a5:8a:7f:24:ee:b5:44:eb:14:b4:
f7:07:76:95:90:e4:51:86:7c:05:8f:46:a8:63:1e:
e8:7f:55:cb:c1:be:12:c8:79:d0:30:6b:4d:2a:3a:
b2:cf:3f:71:c3:4f:42:d2:6c:7f:03:16:65:4c:4a:
2f:02:eb:07:92:48:62:7c:1f:00:11:c2:2b:3c:64:
6c:3f:69:03:d7:c7:a4:74:80:d2:73:48:8e:40:79:
c5:15:c1:03:70:d5:21:89:53:aa:69:84:d1:bf:19:
ec:b7:f3:91:1a:e8:93:3b:ab:a9:38:76:af:94:4f:
1e:c1:9a:18:9c:b2:33:92:1e:26:59:22:f0:00:36:
7d:5b:d0:06:b0:1b:ff:80:22:fa:17:e0:72:19:3b:
35:9c:1b:2c:f0:df:8c:dd:7d:1c:d1:d5:d5:3d:34:
a7:34:49:0a:b0:29:41:1e:6b:ef:2d:cd:ce:0d:49:
2e:c9:3c:21:b2:5c:01:45:f8:9a:32:de:b2:61:b1:
3e:ee:dd:61:dc:d1:74:35:f5:78:4d:77:14:2e:03:
c8:cc:f7:df:ed:dc:8a:ba:3f:dc:bc:8e:37:ff:b0:
67:fd:f4:0c:d3:a3:ef:8b:21:67:82:7d:e7:c2:a7:
6f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F8:FE:28:BE:09:C8:A6:DE:44:F7:ED:AD:69:8B:0F:1F:88:8D:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
58:c6:5a:e1:b2:c5:89:0d:30:00:bc:28:05:b4:ca:b6:b4:49:
28:f5:54:b6:56:e1:eb:93:4d:f4:01:dc:50:1d:ab:fe:5e:37:
fd:1c:c3:74:c6:65:f8:82:c7:b5:e8:09:b9:29:cc:0a:c5:d5:
81:b7:da:80:96:30:e2:0d:79:e9:e3:fd:f2:a6:82:b7:fd:12:
60:e2:8c:c4:8a:17:a3:ea:56:56:26:92:69:44:77:e9:8d:e2:
13:fc:1d:87:55:39:2b:39:c1:2c:ad:9d:b2:bf:0a:6f:80:2b:
a7:69:bd:f0:7c:71:58:65:56:6a:a0:fa:12:0b:b6:b8:85:1d:
81:40:ac:32:61:de:3e:69:28:43:8e:5f:2a:79:97:a2:55:b8:
fa:62:11:f5:ac:07:8b:fd:13:56:ab:fb:69:0d:8b:62:55:e4:
15:17:4d:1d:f8:32:0b:36:b5:18:da:78:98:c2:38:11:2a:09:
9c:75:14:b7:ed:92:93:88:a5:5c:59:c3:75:a8:7e:62:14:28:
2b:c8:45:bc:54:68:b0:3d:45:f9:75:39:8d:63:ce:96:af:3c:
cf:94:d7:ea:b0:72:c7:d9:cf:74:6f:7f:c8:33:66:a3:da:e7:
42:28:be:fc:4a:a5:6b:12:a6:15:b2:b5:cf:16:a0:46:4a:09:
6c:fa:96:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGIlWLit3DTjDy50ZdygKHqc2LP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MDRhOGIyZDFiZmVmZDA2ODEzYTQyNDI1MmE4YzVlNWRkMWVmMDM3MTI5
M2Y3YmM0NzMwMTdlZTUyYjYwZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPVeiqLyOgsoC7KH0t07AIOu6Talin8k7rVE6xS09wd2lZDkUYZ8BY9GqGMe
6H9Vy8G+Esh50DBrTSo6ss8/ccNPQtJsfwMWZUxKLwLrB5JIYnwfABHCKzxkbD9p
A9fHpHSA0nNIjkB5xRXBA3DVIYlTqmmE0b8Z7LfzkRrokzurqTh2r5RPHsGaGJyy
M5IeJlki8AA2fVvQBrAb/4Ai+hfgchk7NZwbLPDfjN19HNHV1T00pzRJCrApQR5r
7y3Nzg1JLsk8IbJcAUX4mjLesmGxPu7dYdzRdDX1eE13FC4DyMz33+3ciro/3LyO
N/+wZ/30DNOj74shZ4J958Knb0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQf+P4o
vgnIpt5E9+2taYsPH4iNIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQBYxlrhssWJDTAAvCgFtMq2tEko9VS2VuHrk030
AdxQHav+Xjf9HMN0xmX4gse16Am5KcwKxdWBt9qAljDiDXnp4/3ypoK3/RJg4ozE
ihej6lZWJpJpRHfpjeIT/B2HVTkrOcEsrZ2yvwpvgCunab3wfHFYZVZqoPoSC7a4
hR2BQKwyYd4+aShDjl8qeZeiVbj6YhH1rAeL/RNWq/tpDYtiVeQVF00d+DILNrUY
2niYwjgRKgmcdRS37ZKTiKVcWcN1qH5iFCgryEW8VGiwPUX5dTmNY86WrzzPlNfq
sHLH2c90b3/IM2aj2udCKL78SqVrEqYVsrXPFqBGSgls+pb6
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:10 2026 by rpki-client