Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
File: a1796bea-01c9-41b7-b13d-6932c4f36a42.roa (raw, json)
Hash identifier: vpmcde8xt6IYdV5BjT4mBmrLl5uwhLyn1BiszhB9MmQ=
Subject key identifier: D9:84:BF:79:EC:2A:63:92:EE:15:5B:34:CF:51:3A:56:B2:86:C7:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13F80697388B5ACD5C8A2A2A64D00EF7127B646A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
Signing time: Sat 28 Feb 2026 05:30:13 +0000
ROA not before: Sat 28 Feb 2026 05:30:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:f8:06:97:38:8b:5a:cd:5c:8a:2a:2a:64:d0:0e:f7:12:7b:64:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=598261470037e84d2cb5f80c239a047ae6f7898787ac47930b1df5a70f041e7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b2:c4:65:e1:d3:37:b5:b3:1c:91:0a:1c:77:
cb:50:96:8f:00:2d:3e:4a:57:38:29:a5:3a:9c:bb:
98:43:c0:4a:b8:0c:39:b8:a2:07:db:f2:98:76:c4:
a9:1f:ba:26:11:4b:c6:38:7c:f2:7f:48:2d:95:d6:
5c:4b:b1:1b:7f:2d:d2:7f:3d:78:b7:b0:e1:d1:91:
9f:06:b4:bd:60:88:e3:e8:9a:92:cb:29:e6:67:06:
0c:b2:a0:0b:d2:80:b9:15:23:85:c8:0a:09:29:2a:
20:3c:23:e9:7b:58:b7:34:50:76:22:0a:b0:38:6c:
a8:86:d3:2c:ca:f4:4b:32:01:f5:0e:da:5c:29:41:
b7:58:6f:d5:41:90:72:6e:27:e9:b2:b2:53:55:46:
61:9b:17:85:fa:c2:b1:f3:5a:d7:fd:40:84:a6:d3:
d7:63:ea:d3:bb:42:56:74:c0:e1:ac:d3:7f:d9:2f:
73:54:72:f7:2b:9f:16:b6:9f:79:0d:33:4a:aa:a5:
54:ea:88:a8:8f:a2:7a:6b:5f:0b:42:58:20:2a:a5:
f3:4b:5e:43:22:6d:b8:25:b1:2a:ff:8a:dc:3c:9a:
79:29:7c:65:19:3f:8d:7c:a2:6f:26:36:f5:f0:42:
99:33:99:f5:a9:d4:c0:f0:97:32:f2:85:72:60:04:
b5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:84:BF:79:EC:2A:63:92:EE:15:5B:34:CF:51:3A:56:B2:86:C7:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
49:1e:6a:75:2a:22:e3:d2:e1:9e:c1:af:61:1d:67:6a:6b:9a:
d2:c7:51:bb:c5:4b:9a:94:7e:22:b9:85:c2:97:aa:ae:61:e9:
ea:dd:cd:48:bd:9e:9b:4f:21:f2:71:9f:f6:f5:a1:ad:6b:12:
33:34:ad:93:ee:c1:2d:dd:a7:53:8c:94:6e:b4:8e:ba:e6:61:
93:00:49:a2:52:50:76:2f:51:89:dc:0f:0b:1a:b9:62:a1:4e:
3d:68:4a:15:38:62:e5:95:e4:16:6f:b8:0f:62:a6:b0:b0:c2:
0a:38:9a:1a:18:59:53:a7:d3:fe:8b:21:49:2c:8b:0b:33:ce:
da:c7:20:50:5d:c5:33:e2:f0:12:ce:75:53:cd:ab:51:2e:22:
a3:39:51:8b:d5:ec:0e:a7:31:f7:4e:70:5c:d6:04:25:aa:88:
23:e5:13:37:e2:5e:a9:22:66:fc:6e:22:0b:60:88:6d:e3:07:
12:34:1a:23:3c:3d:55:3e:eb:3c:52:66:d6:35:88:67:94:71:
24:3a:77:8b:f5:99:92:3b:b4:bf:37:96:d8:8b:d6:8e:0a:64:
34:fc:22:98:d7:d2:60:92:bb:35:a6:ff:18:7a:35:ac:52:be:
eb:69:48:cd:35:6b:c1:77:a3:4b:2b:95:c1:a7:81:64:2e:af:
c9:f8:b6:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE/gGlziLWs1ciioqZNAO9xJ7ZGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ODI2MTQ3MDAzN2U4NGQyY2I1ZjgwYzIzOWEwNDdhZTZmNzg5ODc4N2Fj
NDc5MzBiMWRmNWE3MGYwNDFlN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOyxGXh0ze1sxyRChx3y1CWjwAtPkpXOCmlOpy7mEPASrgMObiiB9vymHbE
qR+6JhFLxjh88n9ILZXWXEuxG38t0n89eLew4dGRnwa0vWCI4+iakssp5mcGDLKg
C9KAuRUjhcgKCSkqIDwj6XtYtzRQdiIKsDhsqIbTLMr0SzIB9Q7aXClBt1hv1UGQ
cm4n6bKyU1VGYZsXhfrCsfNa1/1AhKbT12Pq07tCVnTA4azTf9kvc1Ry9yufFraf
eQ0zSqqlVOqIqI+iemtfC0JYICql80teQyJtuCWxKv+K3DyaeSl8ZRk/jXyibyY2
9fBCmTOZ9anUwPCXMvKFcmAEtesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZhL95
7Cpjku4VWzTPUTpWsobHkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTE3OTZiZWEtMDFjOS00MWI3LWIxM2QtNjkzMmM0ZjM2YTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQBJHmp1KiLj0uGewa9hHWdqa5rSx1G7xUualH4i
uYXCl6quYenq3c1IvZ6bTyHycZ/29aGtaxIzNK2T7sEt3adTjJRutI665mGTAEmi
UlB2L1GJ3A8LGrlioU49aEoVOGLlleQWb7gPYqawsMIKOJoaGFlTp9P+iyFJLIsL
M87axyBQXcUz4vASznVTzatRLiKjOVGL1ewOpzH3TnBc1gQlqogj5RM34l6pImb8
biILYIht4wcSNBojPD1VPus8UmbWNYhnlHEkOneL9ZmSO7S/N5bYi9aOCmQ0/CKY
19Jgkrs1pv8YejWsUr7raUjNNWvBd6NLK5XBp4FkLq/J+LYM
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:13 2026 by rpki-client