Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
File: a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa (raw, json)
Hash identifier: zljpvvX4ec8RHLy8xx5GwkMBuWeruZ9Oq6v3qiCppKw=
Subject key identifier: F6:21:D7:D2:35:3B:09:A4:1E:28:32:53:3B:91:2F:21:CF:00:13:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71424C553B64785A90987680B9198BED5E01F33C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
Signing time: Sat 28 Feb 2026 06:00:52 +0000
ROA not before: Sat 28 Feb 2026 06:00:52 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:42:4c:55:3b:64:78:5a:90:98:76:80:b9:19:8b:ed:5e:01:f3:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:52 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c79f4467ba3c643ddb8e4462dc1b7ead68c2bf93a500090e30e2a5cf3903ffc8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:78:07:a1:9e:72:01:f2:0a:de:06:32:f4:0a:
11:ab:be:2b:1c:80:00:a4:34:a6:e0:a7:db:a8:ce:
c3:25:ea:6c:bf:b3:1d:73:4d:d0:bf:3f:cd:10:35:
b9:20:26:36:44:5f:cc:46:f8:e9:f0:f1:49:c7:79:
f8:a7:3d:b5:83:cb:9f:3e:b0:d0:36:06:81:53:4c:
29:81:3f:ac:8d:be:32:56:f9:f3:a4:9f:19:1c:ee:
75:18:48:98:c2:84:d9:46:26:a2:1c:16:a4:03:ba:
ca:4e:46:34:5c:96:a5:f9:58:71:a7:48:e6:63:05:
f4:65:4a:08:4d:b8:db:65:bb:6e:68:1d:68:2d:08:
08:cf:5f:c4:41:ee:a7:f7:fd:e6:a2:94:81:98:1b:
2c:e3:73:13:9a:c7:62:9a:ac:19:0c:58:f4:40:1a:
80:03:59:34:ae:11:96:dd:ea:68:db:63:14:c0:f9:
cb:60:94:04:ea:10:d2:e4:15:2d:a4:63:9c:e5:ed:
62:54:b4:13:00:ac:91:ec:64:b7:f2:fa:43:5b:11:
0d:7a:ab:69:cb:d9:0a:4a:75:f5:88:43:c7:da:b5:
2e:e0:d0:1d:5b:29:b8:25:51:b3:a0:46:8c:6d:02:
ce:3a:7b:8c:0e:95:5c:4c:ce:d2:41:b5:46:83:f8:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:21:D7:D2:35:3B:09:A4:1E:28:32:53:3B:91:2F:21:CF:00:13:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
69:0e:cb:bc:33:33:61:79:89:50:e8:fa:2d:3c:4e:af:b0:cf:
00:a8:7e:05:f0:51:76:c3:66:6b:7a:c0:26:32:56:9d:25:c9:
5c:1d:13:fe:c8:df:46:1b:6b:b0:c5:ae:2d:81:b2:8a:b9:19:
6a:69:06:22:bf:2d:48:5e:90:1c:c3:63:69:65:ee:fd:94:7c:
74:43:7f:e6:51:52:42:c9:d0:d2:a1:51:e1:3f:3c:07:4e:48:
48:eb:99:df:8b:55:a9:95:e7:84:45:c9:d7:50:f3:7d:7e:58:
a1:39:16:b2:cc:02:93:4c:3c:1b:58:0c:41:8d:71:9c:e7:c9:
60:fc:6d:a4:99:7a:fa:0b:71:80:78:55:7c:b9:bc:ca:67:a5:
6b:80:70:cc:70:81:2e:6a:6f:a7:18:ce:e2:89:85:ed:cf:d8:
d7:4e:9f:b0:f1:94:51:c1:40:c8:b2:99:a0:7f:7e:57:1d:dc:
bd:5d:04:a6:76:51:0d:ef:ff:fa:db:98:43:d0:b6:d3:c1:9a:
e9:e5:8a:30:ad:72:ee:83:7a:6d:f4:73:26:05:5f:2c:1b:47:
39:45:90:bb:5c:80:e5:84:58:89:17:87:f4:57:82:47:1f:db:
26:da:8b:a5:14:d5:25:0b:92:11:1e:77:fa:db:d1:2a:61:c7:
64:7b:79:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcUJMVTtkeFqQmHaAuRmL7V4B8zwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3OWY0NDY3YmEzYzY0M2RkYjhlNDQ2MmRjMWI3ZWFkNjhjMmJmOTNhNTAw
MDkwZTMwZTJhNWNmMzkwM2ZmYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIt4B6GecgHyCt4GMvQKEau+KxyAAKQ0puCn26jOwyXqbL+zHXNN0L8/zRA1
uSAmNkRfzEb46fDxScd5+Kc9tYPLnz6w0DYGgVNMKYE/rI2+Mlb586SfGRzudRhI
mMKE2UYmohwWpAO6yk5GNFyWpflYcadI5mMF9GVKCE2422W7bmgdaC0ICM9fxEHu
p/f95qKUgZgbLONzE5rHYpqsGQxY9EAagANZNK4Rlt3qaNtjFMD5y2CUBOoQ0uQV
LaRjnOXtYlS0EwCskexkt/L6Q1sRDXqracvZCkp19YhDx9q1LuDQHVspuCVRs6BG
jG0Czjp7jA6VXEzO0kG1RoP4j1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2IdfS
NTsJpB4oMlM7kS8hzwATtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTlhNGYzY2QtNjAzYS00ZmRjLWJkNjUtOGQ5NDg4ZDRmZDA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCM
MA0GCSqGSIb3DQEBCwUAA4IBAQBpDsu8MzNheYlQ6PotPE6vsM8AqH4F8FF2w2Zr
esAmMladJclcHRP+yN9GG2uwxa4tgbKKuRlqaQYivy1IXpAcw2NpZe79lHx0Q3/m
UVJCydDSoVHhPzwHTkhI65nfi1WpleeERcnXUPN9flihORayzAKTTDwbWAxBjXGc
58lg/G2kmXr6C3GAeFV8ubzKZ6VrgHDMcIEuam+nGM7iiYXtz9jXTp+w8ZRRwUDI
spmgf35XHdy9XQSmdlEN7//625hD0LbTwZrp5YowrXLug3pt9HMmBV8sG0c5RZC7
XIDlhFiJF4f0V4JHH9sm2oulFNUlC5IRHnf629EqYcdke3ma
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:12 2026 by rpki-client