Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json)
Hash identifier: J9Pg4eMe/uoSBGo27A9zuwLRzpHFL7KIn5PZhFXeT6o=
Subject key identifier: FE:54:47:C1:D3:BE:5C:90:23:AB:AD:59:6F:EE:66:5F:C6:3D:4D:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 040EFD90D1EBA28B56FAC7B7EBC75E4FC1F02181
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
Signing time: Sat 28 Feb 2026 05:20:47 +0000
ROA not before: Sat 28 Feb 2026 05:20:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:0e:fd:90:d1:eb:a2:8b:56:fa:c7:b7:eb:c7:5e:4f:c1:f0:21:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8f8a6cb092863c537c31ce3093221ab11d93702760c9392815945ab5dea02b69, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:39:2e:7c:8d:94:06:63:2d:0a:66:a2:c4:
21:3a:40:ae:68:38:9e:d8:81:f2:7a:3b:5d:17:5b:
3e:d2:e5:e0:3f:5f:fa:98:20:3a:4a:a3:0a:9d:f6:
af:f1:96:ca:ee:e0:98:58:f7:21:58:2a:b3:a1:95:
47:56:5f:f7:3f:77:31:e9:5a:24:36:ec:cc:bf:c3:
af:1f:40:53:9a:1c:e1:90:85:c5:71:0a:07:4e:43:
15:64:d3:80:8e:ed:05:42:cf:ca:52:0b:1a:3b:99:
0b:a9:ad:a0:b3:ed:00:3d:0f:4b:a5:62:61:77:70:
3e:f0:89:61:a0:de:3e:9b:32:eb:d3:d9:f6:23:13:
e3:7b:4b:30:a8:8d:15:a9:ff:ed:3b:c1:86:22:16:
33:27:63:63:c6:34:6b:80:05:62:ab:7c:44:50:54:
62:08:61:4c:4b:a5:e3:ed:55:b0:62:9e:8b:6e:2f:
d8:80:14:7a:6c:12:92:b1:8e:1b:5a:78:68:10:cb:
39:bf:e6:26:ef:0b:32:56:1a:a4:cd:25:1f:8b:5f:
fd:34:29:6b:79:20:67:f1:cd:14:48:2d:37:72:8f:
eb:47:08:bf:cb:f7:3f:46:78:82:d0:43:3c:c4:0a:
e0:7e:4e:e7:f9:de:6b:d9:72:d3:ab:e8:d2:fb:77:
d0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:54:47:C1:D3:BE:5C:90:23:AB:AD:59:6F:EE:66:5F:C6:3D:4D:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:7c:fc:34:e3:c1:92:15:3e:a4:62:4d:14:f2:22:ee:22:4d:
72:2a:e3:3e:02:98:cb:b3:65:78:e2:a3:a9:fc:0d:21:8c:ae:
d7:93:d8:28:b0:38:c4:75:c2:6d:01:b2:a1:24:2f:e8:c2:2d:
3a:ec:a9:eb:dd:88:30:b6:3b:a0:5d:41:dc:88:9f:03:6a:e4:
8e:e5:97:a1:39:47:80:9b:d5:03:d5:65:df:a7:da:df:c9:55:
96:75:c4:d7:ac:53:28:1a:1f:ce:38:da:2f:01:12:d8:81:9c:
97:14:b5:9f:c7:10:7f:4b:9a:c1:7c:f9:3a:b6:ce:cc:c2:a2:
b2:6d:55:30:2e:91:04:d7:25:06:fa:12:87:27:c1:41:c1:71:
2a:85:86:a8:97:78:99:03:58:c7:2c:8a:36:52:39:4c:bc:1e:
3d:8d:74:89:9a:be:36:3c:60:45:51:97:5c:ab:c9:e3:02:87:
ba:3d:fb:6e:6f:30:8a:32:b5:df:e2:ea:c1:ee:62:f4:dd:6e:
65:77:0d:5a:44:75:c0:ec:ed:8e:89:53:b0:bc:22:b4:c0:f4:
f8:e5:b7:fe:89:55:7e:37:c3:1f:26:c5:34:5f:0a:3e:1a:14:
9f:32:f8:9b:ab:0c:73:54:34:1f:a9:b7:34:e0:63:f2:ca:9d:
db:62:63:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBA79kNHrootW+se368deT8HwIYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmOGE2Y2IwOTI4NjNjNTM3YzMxY2UzMDkzMjIxYWIxMWQ5MzcwMjc2MGM5
MzkyODE1OTQ1YWI1ZGVhMDJiNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL37OS58jZQGYy0KZqLEITpArmg4ntiB8no7XRdbPtLl4D9f+pggOkqjCp32
r/GWyu7gmFj3IVgqs6GVR1Zf9z93MelaJDbszL/Drx9AU5oc4ZCFxXEKB05DFWTT
gI7tBULPylILGjuZC6mtoLPtAD0PS6ViYXdwPvCJYaDePpsy69PZ9iMT43tLMKiN
Fan/7TvBhiIWMydjY8Y0a4AFYqt8RFBUYghhTEul4+1VsGKei24v2IAUemwSkrGO
G1p4aBDLOb/mJu8LMlYapM0lH4tf/TQpa3kgZ/HNFEgtN3KP60cIv8v3P0Z4gtBD
PMQK4H5O5/nea9ly06vo0vt30KkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+VEfB
075ckCOrrVlv7mZfxj1NLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g
MA0GCSqGSIb3DQEBCwUAA4IBAQCcfPw048GSFT6kYk0U8iLuIk1yKuM+ApjLs2V4
4qOp/A0hjK7Xk9gosDjEdcJtAbKhJC/owi067Knr3YgwtjugXUHciJ8DauSO5Zeh
OUeAm9UD1WXfp9rfyVWWdcTXrFMoGh/OONovARLYgZyXFLWfxxB/S5rBfPk6ts7M
wqKybVUwLpEE1yUG+hKHJ8FBwXEqhYaol3iZA1jHLIo2UjlMvB49jXSJmr42PGBF
UZdcq8njAoe6PftubzCKMrXf4urB7mL03W5ldw1aRHXA7O2OiVOwvCK0wPT45bf+
iVV+N8MfJsU0Xwo+GhSfMvibqwxzVDQfqbc04GPyyp3bYmPC
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:29:57 2026 by rpki-client