Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json)
Hash identifier: DpCFuirOkhW8Um14hYndT4WeR07cQDuqfaDcn5lkZzI=
Subject key identifier: F9:FF:76:22:27:EA:54:73:58:E0:AE:37:9B:B0:8F:96:23:6C:9F:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F479107BCBCB89F9123D2CC1A2B03F27E0C2BA7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
Signing time: Sat 28 Feb 2026 05:20:42 +0000
ROA not before: Sat 28 Feb 2026 05:20:42 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:47:91:07:bc:bc:b8:9f:91:23:d2:cc:1a:2b:03:f2:7e:0c:2b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:42 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=feaee4f98808aa0609f31183560f46c0172a533fd77ac60c8cc51935449a59c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c2:13:23:45:62:99:8a:3c:63:6e:5b:7a:5b:
ef:9f:03:3e:2d:63:b0:5d:a7:5b:db:ed:77:94:ec:
fc:17:99:d5:aa:3b:f2:18:6d:82:61:2f:06:4e:bb:
e0:d3:1b:f8:84:b7:8b:82:98:99:c2:b6:e4:cd:a1:
3f:3a:1a:ec:6c:24:80:f3:1f:5a:df:be:bb:1b:7a:
62:b0:e4:20:0d:05:99:4b:d6:d6:d4:25:ce:ae:a7:
07:46:aa:d7:59:07:d2:c3:4a:4d:79:75:7c:70:ea:
16:b8:f8:e0:10:ba:92:a2:56:f1:91:12:28:81:2b:
cf:a7:17:8b:0a:33:ca:be:62:b9:d1:73:d2:ef:9f:
18:49:4b:45:86:32:a1:1a:bc:e6:c0:34:ac:2f:cb:
9c:fb:7f:aa:d8:1e:4a:57:78:f9:b5:a5:a2:04:fd:
67:d7:ff:9b:7f:77:94:74:12:85:7a:42:59:a9:75:
90:bd:3a:54:91:90:f5:49:d1:2a:cf:58:c3:55:a8:
de:aa:a1:ae:c5:4a:70:22:1c:e2:03:f8:b4:a1:82:
af:73:07:a1:c6:1d:3f:ef:a7:92:df:8b:97:a3:de:
40:ca:65:1b:a1:cf:9b:4a:bd:44:5f:f9:16:30:c1:
b2:f7:4e:21:fc:70:de:b1:9c:18:5b:c8:80:75:13:
31:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FF:76:22:27:EA:54:73:58:E0:AE:37:9B:B0:8F:96:23:6C:9F:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:800::/38
Signature Algorithm: sha256WithRSAEncryption
44:51:33:e2:de:4b:b5:95:e4:13:ef:8d:85:41:5b:42:75:72:
98:41:04:1c:16:4a:36:cb:2a:4b:7a:48:c7:ab:ed:1c:07:54:
ee:55:88:70:77:f2:d2:22:a5:8f:e3:4c:68:fb:bf:a1:49:e3:
de:66:bb:9e:f8:2b:61:3f:e4:d9:57:bf:5c:3e:00:e9:91:61:
c6:2a:1e:9c:3c:94:df:77:74:32:57:56:82:4e:22:51:6d:f8:
44:5c:ce:5c:42:84:b3:f1:e4:8d:2a:97:55:d9:26:5c:1c:79:
76:8e:cc:3d:7d:c9:67:0f:79:c4:ec:62:3c:29:fb:a9:75:ba:
01:a0:35:e8:b4:6c:f2:ed:63:51:0d:a3:12:46:b0:c2:e7:8e:
b0:fc:ca:39:9f:53:91:d9:b0:05:06:b0:34:e2:19:6e:d6:98:
30:a8:8c:0b:4a:e4:8d:d6:b3:59:87:ff:e9:45:d2:fd:e9:bc:
5c:c1:82:2d:51:b3:81:7d:c3:b1:56:6e:99:34:b1:3f:06:44:
7b:8a:90:04:99:32:db:66:90:2a:71:40:e5:9e:ae:f5:3b:fe:
6c:14:c6:f9:b4:06:2e:3d:5c:e6:a7:1e:1a:3f:9b:63:9f:88:
0c:81:a1:e1:34:5d:9c:e1:8c:09:10:7a:7e:8a:30:49:c1:3a:
b6:22:2b:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD0eRB7y8uJ+RI9LMGisD8n4MK6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwNDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYWVlNGY5ODgwOGFhMDYwOWYzMTE4MzU2MGY0NmMwMTcyYTUzM2ZkNzdh
YzYwYzhjYzUxOTM1NDQ5YTU5YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnCEyNFYpmKPGNuW3pb758DPi1jsF2nW9vtd5Ts/BeZ1ao78hhtgmEvBk67
4NMb+IS3i4KYmcK25M2hPzoa7GwkgPMfWt++uxt6YrDkIA0FmUvW1tQlzq6nB0aq
11kH0sNKTXl1fHDqFrj44BC6kqJW8ZESKIErz6cXiwozyr5iudFz0u+fGElLRYYy
oRq85sA0rC/LnPt/qtgeSld4+bWlogT9Z9f/m393lHQShXpCWal1kL06VJGQ9UnR
Ks9Yw1Wo3qqhrsVKcCIc4gP4tKGCr3MHocYdP++nkt+Ll6PeQMplG6HPm0q9RF/5
FjDBsvdOIfxw3rGcGFvIgHUTMekCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5/3Yi
J+pUc1jgrjebsI+WI2yf7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I
MA0GCSqGSIb3DQEBCwUAA4IBAQBEUTPi3ku1leQT742FQVtCdXKYQQQcFko2yypL
ekjHq+0cB1TuVYhwd/LSIqWP40xo+7+hSePeZrue+CthP+TZV79cPgDpkWHGKh6c
PJTfd3QyV1aCTiJRbfhEXM5cQoSz8eSNKpdV2SZcHHl2jsw9fclnD3nE7GI8Kfup
dboBoDXotGzy7WNRDaMSRrDC546w/Mo5n1OR2bAFBrA04hlu1pgwqIwLSuSN1rNZ
h//pRdL96bxcwYItUbOBfcOxVm6ZNLE/BkR7ipAEmTLbZpAqcUDlnq71O/5sFMb5
tAYuPVzmpx4aP5tjn4gMgaHhNF2c4YwJEHp+ijBJwTq2IiuB
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:16 2026 by rpki-client