Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa
File: b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa (raw, json)
Hash identifier: 36uZdYRmbgkB3V635+/b8+0ABMgJuHY+fcY+YzYFEQU=
Subject key identifier: F8:34:BA:17:22:98:57:BE:B0:6F:D7:89:32:D2:3C:8D:B2:93:12:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6741E09C9280246B5D3DBA3A7CEF283115A0950B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa
Signing time: Wed 11 Feb 2026 01:20:12 +0000
ROA not before: Wed 11 Feb 2026 01:20:12 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:41:e0:9c:92:80:24:6b:5d:3d:ba:3a:7c:ef:28:31:15:a0:95:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:12 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=adab54f97c43a6808dd3289b1aafa9200238880b8271211f98be66ade26ff3c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:84:60:eb:78:e4:81:22:4c:20:1d:14:bc:b7:
79:b1:1b:3e:45:45:93:72:34:9d:1b:56:c0:d2:5e:
97:4b:1a:ca:40:c0:09:89:ab:8a:90:35:40:5f:49:
fe:0d:70:58:d2:5f:b8:dd:29:63:ce:96:41:df:d4:
fa:c7:08:6c:67:64:39:3d:33:b0:1f:df:7f:6c:38:
91:e0:60:eb:df:ee:b2:cd:4c:22:0e:86:00:24:d2:
75:f4:ca:ce:80:17:ae:56:c7:dd:c2:4e:1e:86:d0:
93:e5:4c:d0:84:8d:a2:11:d2:2e:8e:54:41:e7:34:
4c:12:31:85:53:0b:9d:e7:6e:84:c3:cc:60:03:fa:
91:a9:1c:d8:c6:69:46:ec:a7:70:93:28:65:cf:1c:
f1:b3:71:70:cc:ec:55:ff:cb:e8:3a:90:2f:03:7f:
29:32:5b:65:31:8e:47:ab:fc:03:4d:ee:3b:e6:dd:
ea:63:90:17:97:f9:73:63:e8:a4:2d:31:c9:62:50:
67:76:e7:8c:68:59:cc:e0:b0:3c:dd:16:70:62:5d:
44:d8:d8:1b:44:61:7d:e6:d4:b1:9e:12:8a:b0:eb:
c1:5c:b2:7f:66:c7:66:66:77:d7:80:84:0f:45:b1:
3c:20:0c:aa:74:9c:d3:f2:a5:f4:84:b2:fc:01:bc:
d0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:34:BA:17:22:98:57:BE:B0:6F:D7:89:32:D2:3C:8D:B2:93:12:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b163c4ff-990b-4080-b1ba-e854e6bb4cb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:b4:be:80:dd:7c:c9:aa:99:dd:1d:2d:e5:e2:3a:a3:7e:b5:
79:24:42:fd:f9:04:7c:9e:92:82:49:9f:e0:d9:88:3c:6f:f8:
92:2b:b4:d8:67:24:c4:35:3c:89:35:7d:a5:d7:80:4c:e3:25:
f9:10:0a:f2:d5:d4:bc:86:af:f0:25:0e:61:af:e9:bb:83:c6:
26:70:69:44:01:e6:71:1c:02:28:67:53:c9:10:d4:29:3e:ff:
5f:e6:84:ab:d1:d0:e3:48:b2:eb:00:5c:01:ca:f2:bf:10:a5:
85:3f:31:67:a2:ae:e0:99:8b:05:cd:f4:a4:87:ac:c6:b2:bd:
8e:2a:5c:c7:65:4a:75:5c:1c:74:10:2b:46:0c:13:32:5c:49:
72:f4:34:cc:34:b3:bc:c3:0a:d6:c2:dc:99:b8:e5:e8:95:e3:
05:1a:42:03:3a:e4:ad:19:ce:75:e6:ec:38:2b:45:27:81:a7:
8f:7c:e3:b3:b7:b5:20:91:80:30:3b:c5:bc:d2:87:50:25:4d:
c3:5c:15:91:70:bf:4a:48:a7:59:84:a4:61:e7:57:24:62:7f:
d7:14:a3:3b:68:11:37:a5:5e:60:ea:14:4b:29:2f:3d:96:ca:
44:97:c0:ee:9a:08:93:cc:c6:ca:f9:31:a7:3b:ce:ba:85:c7:
aa:19:f7:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ0HgnJKAJGtdPbo6fO8oMRWglQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMTJaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYWI1NGY5N2M0M2E2ODA4ZGQzMjg5YjFhYWZhOTIwMDIzODg4MGI4Mjcx
MjExZjk4YmU2NmFkZTI2ZmYzYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+EYOt45IEiTCAdFLy3ebEbPkVFk3I0nRtWwNJel0saykDACYmripA1QF9J
/g1wWNJfuN0pY86WQd/U+scIbGdkOT0zsB/ff2w4keBg69/uss1MIg6GACTSdfTK
zoAXrlbH3cJOHobQk+VM0ISNohHSLo5UQec0TBIxhVMLneduhMPMYAP6kakc2MZp
RuyncJMoZc8c8bNxcMzsVf/L6DqQLwN/KTJbZTGOR6v8A03uO+bd6mOQF5f5c2Po
pC0xyWJQZ3bnjGhZzOCwPN0WcGJdRNjYG0RhfebUsZ4SirDrwVyyf2bHZmZ314CE
D0WxPCAMqnSc0/Kl9ISy/AG80IsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4NLoX
IphXvrBv14ky0jyNspMSKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2M2M0ZmYtOTkwYi00MDgwLWIxYmEtZTg1NGU2YmI0Y2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GpA
MA0GCSqGSIb3DQEBCwUAA4IBAQCatL6A3XzJqpndHS3l4jqjfrV5JEL9+QR8npKC
SZ/g2Yg8b/iSK7TYZyTENTyJNX2l14BM4yX5EAry1dS8hq/wJQ5hr+m7g8YmcGlE
AeZxHAIoZ1PJENQpPv9f5oSr0dDjSLLrAFwByvK/EKWFPzFnoq7gmYsFzfSkh6zG
sr2OKlzHZUp1XBx0ECtGDBMyXEly9DTMNLO8wwrWwtyZuOXoleMFGkIDOuStGc51
5uw4K0UngaePfOOzt7UgkYAwO8W80odQJU3DXBWRcL9KSKdZhKRh51ckYn/XFKM7
aBE3pV5g6hRLKS89lspEl8DumgiTzMbK+TGnO866hceqGffX
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:11:33 2026 by rpki-client