Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
File: a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa (raw, json)
Hash identifier: 7Wml0hM2iiL3KOBCkg3xiIG1sAgTpXGLVhNsoEowRsY=
Subject key identifier: 31:05:AC:25:1E:9D:C7:F3:D8:BA:3C:A0:D3:B9:DE:FF:01:07:34:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16F24931668D39F9EE5D52DDB55C255769CE4E65
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
Signing time: Tue 17 Feb 2026 03:10:07 +0000
ROA not before: Tue 17 Feb 2026 03:10:07 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:f2:49:31:66:8d:39:f9:ee:5d:52:dd:b5:5c:25:57:69:ce:4e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:07 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=a357fd2eb51ccfc85d2879a1fd2e586d47694d9140daac9b50aa3d0fc0ad317f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:df:42:ec:01:8f:ed:92:fa:94:f2:63:9d:e2:
b9:ef:af:2d:7c:2a:dc:f0:13:e9:ae:81:7e:1a:45:
e3:77:04:8d:b8:58:ac:fd:c8:e9:f8:35:cc:2b:b7:
e7:95:46:ee:60:ee:b2:71:30:25:85:3e:da:55:87:
84:e3:95:bf:cf:93:e1:d1:ae:49:77:8b:67:13:9b:
67:7e:8c:ee:92:a2:0a:1f:03:86:65:1b:b1:7f:39:
4b:14:a4:a8:5d:10:bb:ca:5f:9a:39:9e:b3:5c:ce:
90:02:9f:7c:f2:e2:bc:94:ad:ad:37:76:26:20:92:
35:eb:f9:87:0f:55:c6:07:b9:54:f6:97:a0:c7:d6:
d3:a0:3a:3a:8c:7c:ae:56:b7:54:84:13:bd:4e:b3:
02:9c:f1:9a:e3:b2:19:39:63:55:32:22:44:fe:ae:
43:f5:91:5e:a2:92:e1:5f:cc:ac:bc:6e:86:39:e4:
f4:96:97:53:3f:f8:49:0b:08:ed:f8:60:47:fa:4a:
e5:33:e9:87:ca:67:21:21:5d:5c:b7:f9:d3:6d:ab:
2f:15:12:27:bb:a2:ce:b4:35:f1:59:e1:71:de:f0:
ed:61:cf:ce:5c:da:4f:8c:c5:d9:18:8a:c6:fd:62:
c3:34:52:c1:80:17:59:ee:93:02:55:a7:2e:2d:43:
af:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:05:AC:25:1E:9D:C7:F3:D8:BA:3C:A0:D3:B9:DE:FF:01:07:34:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e::/32
Signature Algorithm: sha256WithRSAEncryption
38:fe:5b:03:a2:c1:bb:08:4b:d8:c2:e2:7f:33:c7:5c:38:75:
2c:ac:76:b4:d3:b3:37:9f:0d:6b:8f:a2:83:a2:84:b9:dc:11:
05:2b:ff:4c:ac:9a:cf:2b:a5:dd:e5:18:ba:ac:4e:83:66:ca:
aa:82:4a:8a:2e:77:5c:e2:de:25:23:2d:45:7b:7f:ec:87:0e:
af:e1:41:d5:73:39:9e:d0:3f:88:50:ed:06:cb:d8:78:2f:3f:
f4:9a:72:9a:12:b3:60:eb:57:84:53:f7:0b:63:c7:0f:d3:58:
67:27:13:83:e2:49:47:38:4e:b8:22:83:33:20:9b:a7:07:62:
54:11:f1:09:b5:c0:e5:12:91:0a:a4:58:7d:d8:9e:d2:18:24:
85:f9:88:a3:c6:42:59:be:fc:22:d2:9a:06:66:75:33:d3:03:
cc:ed:39:32:0b:3a:af:a6:79:43:0e:fe:f8:09:30:72:05:0c:
c6:72:dd:22:53:00:39:6e:6a:a2:05:cd:3e:26:01:2f:9d:14:
df:e8:50:33:d7:c4:6c:eb:8e:41:ed:29:44:1b:a6:7c:6b:de:
c0:74:9d:2b:e3:e5:50:86:0e:e1:0e:d7:cb:1a:4c:57:7d:21:
43:89:85:37:b1:3d:6c:92:87:1e:28:b7:e3:ba:9e:08:96:c8:
cf:9d:8e:67
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFvJJMWaNOfnuXVLdtVwlV2nOTmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDdaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzNTdmZDJlYjUxY2NmYzg1ZDI4NzlhMWZkMmU1ODZkNDc2OTRkOTE0MGRh
YWM5YjUwYWEzZDBmYzBhZDMxN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTfQuwBj+2S+pTyY53iue+vLXwq3PAT6a6BfhpF43cEjbhYrP3I6fg1zCu3
55VG7mDusnEwJYU+2lWHhOOVv8+T4dGuSXeLZxObZ36M7pKiCh8DhmUbsX85SxSk
qF0Qu8pfmjmes1zOkAKffPLivJStrTd2JiCSNev5hw9Vxge5VPaXoMfW06A6Oox8
rla3VIQTvU6zApzxmuOyGTljVTIiRP6uQ/WRXqKS4V/MrLxuhjnk9JaXUz/4SQsI
7fhgR/pK5TPph8pnISFdXLf5022rLxUSJ7uizrQ18Vnhcd7w7WHPzlzaT4zF2RiK
xv1iwzRSwYAXWe6TAlWnLi1Dr1sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQxBawl
Hp3H89i6PKDTud7/AQc0FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkzNTFmMGYtMWRlNy00ZTc1LTk1MDItOTM5YThlYTcyZWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0G4w
DQYJKoZIhvcNAQELBQADggEBADj+WwOiwbsIS9jC4n8zx1w4dSysdrTTszefDWuP
ooOihLncEQUr/0ysms8rpd3lGLqsToNmyqqCSooud1zi3iUjLUV7f+yHDq/hQdVz
OZ7QP4hQ7QbL2HgvP/SacpoSs2DrV4RT9wtjxw/TWGcnE4PiSUc4TrgigzMgm6cH
YlQR8Qm1wOUSkQqkWH3YntIYJIX5iKPGQlm+/CLSmgZmdTPTA8ztOTILOq+meUMO
/vgJMHIFDMZy3SJTADluaqIFzT4mAS+dFN/oUDPXxGzrjkHtKUQbpnxr3sB0nSvj
5VCGDuEO18saTFd9IUOJhTexPWyShx4ot+O6ngiWyM+djmc=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:06 2026 by rpki-client