Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1d03194-ccbe-4f42-86ad-223ce18146d3.roa
File: a1d03194-ccbe-4f42-86ad-223ce18146d3.roa (raw, json)
Hash identifier: VsD/Iyno6ImyJBn6SCaVcZIZe9bY5+gsn6i73OZUvYs=
Subject key identifier: 24:7F:06:A3:65:95:EF:AE:76:46:55:96:0B:AE:92:FC:A8:E9:75:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24C431AD17D69AF300F9BB5F05F3DB3D4273A510
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1d03194-ccbe-4f42-86ad-223ce18146d3.roa
Signing time: Wed 11 Feb 2026 01:30:34 +0000
ROA not before: Wed 11 Feb 2026 01:30:34 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:c4:31:ad:17:d6:9a:f3:00:f9:bb:5f:05:f3:db:3d:42:73:a5:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:34 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=905ae8988927346c1940368314a6b50ec15907015995a191b416fa16851c8163, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4d:ac:6d:fe:4e:4b:ad:d9:aa:6b:48:a1:37:
2e:0d:66:09:47:0b:6d:a8:91:09:1f:53:8c:53:df:
48:57:45:81:3f:99:a1:95:3d:b7:03:7a:69:cb:46:
be:3f:e6:da:df:95:96:e5:47:17:23:09:17:75:8d:
16:62:d7:38:53:d8:8b:e8:b5:6c:c8:35:22:6f:f9:
c0:1c:66:9a:c8:ce:73:a9:ea:d8:4a:c4:bc:2b:ac:
23:96:fb:16:b8:2c:c2:db:02:7f:4a:8e:13:6a:88:
ed:4f:b8:30:bc:27:7f:c7:3a:a6:fa:f1:a2:92:7a:
52:a7:be:25:5d:2c:a4:65:0c:c6:10:15:71:1f:18:
7c:14:ce:f0:d1:29:2f:b0:84:e2:2b:43:c2:ff:5c:
07:b5:e2:49:e5:e8:df:dd:8c:e5:35:de:69:a2:5b:
b6:a2:34:f5:3b:89:1b:eb:37:a2:08:dd:33:e5:b0:
68:fe:b6:ae:f3:f5:66:b4:ce:15:4e:a8:17:54:aa:
a8:c7:ee:b2:7d:7d:e6:81:be:34:b1:20:c5:2a:59:
5f:f8:9c:e8:5c:35:38:3d:23:93:0f:3b:fb:76:4e:
62:48:93:0c:34:e3:e1:00:ed:5f:da:0b:3b:68:02:
3b:aa:d3:88:a7:65:9e:ac:47:ca:7f:1c:53:75:ed:
23:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7F:06:A3:65:95:EF:AE:76:46:55:96:0B:AE:92:FC:A8:E9:75:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1d03194-ccbe-4f42-86ad-223ce18146d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:9000::/40
Signature Algorithm: sha256WithRSAEncryption
40:6a:3c:6f:2e:84:8d:47:57:2e:0a:65:be:fe:ae:23:17:66:
11:0e:01:a2:9e:89:9c:9b:8a:0f:95:89:3c:40:9a:c3:61:22:
5a:8a:3e:90:85:74:68:a2:3c:b5:65:f1:af:9f:75:ee:71:32:
92:af:91:3b:7d:26:6b:c5:a6:5b:63:16:d3:36:86:63:fe:7f:
40:de:b7:51:50:99:70:46:b4:e9:b1:f3:ee:46:40:69:5a:86:
ac:53:69:db:25:06:13:cd:0d:0e:75:d6:93:9e:e8:98:e6:e4:
67:53:ba:02:eb:5c:48:32:00:95:90:ea:e1:04:54:86:aa:a8:
0f:1d:63:f6:58:45:de:bf:a4:86:26:11:dc:1b:e5:b8:6f:3e:
2c:d8:5b:b9:dd:71:69:78:a6:35:6f:64:0f:e8:e9:91:de:a5:
3e:12:a0:b2:8f:03:c2:6f:be:6b:d8:a1:ae:ea:a7:e0:2a:44:
aa:8b:51:db:ce:55:ac:b8:70:c8:7d:97:1f:cc:a5:b6:90:a8:
6c:2b:00:46:b4:e1:8a:89:f2:a5:11:98:91:70:f8:32:dd:e4:
34:41:b6:b6:56:a8:fd:36:c2:37:6c:50:af:d9:95:4d:dc:26:
53:94:6a:c5:38:27:91:ba:2f:8c:fb:f0:b8:bb:e7:45:71:08:
82:47:1a:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJMQxrRfWmvMA+btfBfPbPUJzpRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzRaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwNWFlODk4ODkyNzM0NmMxOTQwMzY4MzE0YTZiNTBlYzE1OTA3MDE1OTk1
YTE5MWI0MTZmYTE2ODUxYzgxNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1NrG3+Tkut2aprSKE3Lg1mCUcLbaiRCR9TjFPfSFdFgT+ZoZU9twN6actG
vj/m2t+VluVHFyMJF3WNFmLXOFPYi+i1bMg1Im/5wBxmmsjOc6nq2ErEvCusI5b7
FrgswtsCf0qOE2qI7U+4MLwnf8c6pvrxopJ6Uqe+JV0spGUMxhAVcR8YfBTO8NEp
L7CE4itDwv9cB7XiSeXo392M5TXeaaJbtqI09TuJG+s3ogjdM+WwaP62rvP1ZrTO
FU6oF1SqqMfusn195oG+NLEgxSpZX/ic6Fw1OD0jkw87+3ZOYkiTDDTj4QDtX9oL
O2gCO6rTiKdlnqxHyn8cU3XtIxMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkfwaj
ZZXvrnZGVZYLrpL8qOl1dTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTFkMDMxOTQtY2NiZS00ZjQyLTg2YWQtMjIzY2UxODE0NmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBAajxvLoSNR1cuCmW+/q4jF2YRDgGinomcm4oP
lYk8QJrDYSJaij6QhXRoojy1ZfGvn3XucTKSr5E7fSZrxaZbYxbTNoZj/n9A3rdR
UJlwRrTpsfPuRkBpWoasU2nbJQYTzQ0OddaTnuiY5uRnU7oC61xIMgCVkOrhBFSG
qqgPHWP2WEXev6SGJhHcG+W4bz4s2Fu53XFpeKY1b2QP6OmR3qU+EqCyjwPCb75r
2KGu6qfgKkSqi1HbzlWsuHDIfZcfzKW2kKhsKwBGtOGKifKlEZiRcPgy3eQ0Qba2
Vqj9NsI3bFCv2ZVN3CZTlGrFOCeRui+M+/C4u+dFcQiCRxoH
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:36 2026 by rpki-client