Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: klRjvnW5zzPgi8gDOYtSxeLrShrX7c0d0uz8pCa3Zto=
Subject key identifier: 96:66:E4:87:A6:58:00:9A:7F:AD:84:68:C3:DC:71:E3:53:35:59:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C54B3F05C3AC8A7565B7E9A632326D2005A53A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Fri 13 Feb 2026 15:20:13 +0000
ROA not before: Fri 13 Feb 2026 15:20:13 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:54:b3:f0:5c:3a:c8:a7:56:5b:7e:9a:63:23:26:d2:00:5a:53:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:13 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=6d74e5c664eefbcce8d5600cab58f440f8622c3108567b1f6f1f06a434afa315, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b2:b5:f6:61:53:2b:b9:d8:cb:a2:ba:b5:6b:
84:6b:fb:6b:db:40:72:05:0f:42:31:b9:2d:fa:68:
b3:ad:4d:38:18:37:d2:d7:5f:91:ff:8c:a9:40:41:
8c:1f:b4:00:9f:c4:54:39:03:f9:e4:6c:19:a1:9d:
e2:1a:4b:f9:7a:cb:a0:cf:26:c2:a3:c7:5b:f9:d8:
45:12:7d:eb:e7:06:0b:d2:c9:85:2f:32:e0:fa:17:
60:b2:63:a2:6a:60:17:a9:aa:d4:2a:45:b0:3a:5d:
35:ec:fe:9c:1e:15:9c:49:ea:ff:51:99:d5:95:c3:
16:52:57:fd:1a:03:b3:48:b0:ee:42:30:48:49:20:
58:62:28:e3:57:d4:42:54:b4:fe:fb:9d:c3:42:34:
78:9b:7e:b0:83:69:7c:fa:01:71:ca:9e:a7:52:80:
c0:78:39:2c:26:cb:3b:96:df:b1:94:aa:b7:db:b2:
cb:d5:98:18:d6:48:98:25:86:64:93:22:a8:90:d9:
0e:96:7c:46:58:d0:69:70:58:f8:99:64:68:44:48:
60:67:72:bd:9b:5f:f4:cc:c3:9b:17:a2:97:62:f3:
57:f4:40:b5:8f:05:71:3d:70:b6:26:6b:9d:9e:93:
81:25:31:32:7c:65:36:65:08:1d:bf:07:8f:a2:23:
65:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:66:E4:87:A6:58:00:9A:7F:AD:84:68:C3:DC:71:E3:53:35:59:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:cb:34:b6:f6:8c:aa:c5:5d:dd:5b:64:2a:f7:46:07:00:68:
83:e6:a9:1b:3c:ba:c9:e1:15:46:73:04:a4:16:4e:4d:2c:ed:
56:23:77:6e:8d:21:9f:21:77:7f:21:b9:9f:77:14:d0:57:55:
fd:07:a8:7c:32:1e:4b:03:61:86:6c:6c:d1:a0:04:9d:95:10:
09:64:6c:fb:82:c4:d3:fb:43:99:f0:cc:e3:e7:61:66:8c:99:
21:17:c0:92:91:be:74:5d:c6:ee:60:14:d3:70:18:1a:72:ed:
87:35:0d:07:f5:e5:94:ad:b4:b2:65:24:53:b6:92:0f:1b:04:
38:59:6f:94:1b:4a:58:b5:16:b1:40:e8:8f:d4:06:eb:41:62:
90:7f:01:91:39:19:5a:9f:6e:12:cc:9f:2c:95:c2:38:b2:73:
03:1e:fb:de:f4:de:84:41:7c:ea:30:20:bf:25:20:f0:58:80:
34:2d:a5:c4:a2:88:9b:4e:e2:f3:4b:80:d0:10:8e:82:2e:b3:
01:11:e9:05:86:f1:91:92:d5:e5:19:75:28:65:16:76:be:73:
ec:8f:1a:0a:d6:6d:58:91:44:4d:0c:63:4b:6c:11:31:54:4c:
1e:1b:9f:03:13:91:e0:b1:7a:97:3d:b4:31:95:75:90:9f:b5:
42:fc:b6:31
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfFSz8Fw6yKdWW36aYyMm0gBaU6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMTNaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNzRlNWM2NjRlZWZiY2NlOGQ1NjAwY2FiNThmNDQwZjg2MjJjMzEwODU2
N2IxZjZmMWYwNmE0MzRhZmEzMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuytfZhUyu52MuiurVrhGv7a9tAcgUPQjG5Lfpos61NOBg30tdfkf+MqUBB
jB+0AJ/EVDkD+eRsGaGd4hpL+XrLoM8mwqPHW/nYRRJ96+cGC9LJhS8y4PoXYLJj
ompgF6mq1CpFsDpdNez+nB4VnEnq/1GZ1ZXDFlJX/RoDs0iw7kIwSEkgWGIo41fU
QlS0/vudw0I0eJt+sINpfPoBccqep1KAwHg5LCbLO5bfsZSqt9uyy9WYGNZImCWG
ZJMiqJDZDpZ8RljQaXBY+JlkaERIYGdyvZtf9MzDmxeil2LzV/RAtY8FcT1wtiZr
nZ6TgSUxMnxlNmUIHb8Hj6IjZbcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSWZuSH
plgAmn+thGjD3HHjUzVZkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEATcs0tvaMqsVd3VtkKvdGBwBog+apGzy6yeEVRnME
pBZOTSztViN3bo0hnyF3fyG5n3cU0FdV/QeofDIeSwNhhmxs0aAEnZUQCWRs+4LE
0/tDmfDM4+dhZoyZIRfAkpG+dF3G7mAU03AYGnLthzUNB/XllK20smUkU7aSDxsE
OFlvlBtKWLUWsUDoj9QG60FikH8BkTkZWp9uEsyfLJXCOLJzAx773vTehEF86jAg
vyUg8FiANC2lxKKIm07i80uA0BCOgi6zARHpBYbxkZLV5Rl1KGUWdr5z7I8aCtZt
WJFETQxjS2wRMVRMHhufAxOR4LF6lz20MZV1kJ+1Qvy2MQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:49 2026 by rpki-client