Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c167813a-1fe2-4420-897c-8f1cda39d0d3.roa
File: c167813a-1fe2-4420-897c-8f1cda39d0d3.roa (raw, json)
Hash identifier: 915hMK0UbqOvNWU+rvPyj3AjzuiM3IFRsi33k4fl2YA=
Subject key identifier: 4E:92:A3:41:D3:CB:8E:00:54:5E:D5:DD:14:67:38:C2:BC:2D:5F:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 782BF12F4066D383EF44412036061B1622F85CB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c167813a-1fe2-4420-897c-8f1cda39d0d3.roa
Signing time: Wed 11 Feb 2026 01:30:36 +0000
ROA not before: Wed 11 Feb 2026 01:30:36 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2b:f1:2f:40:66:d3:83:ef:44:41:20:36:06:1b:16:22:f8:5c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:36 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=c656fe68834685b8d5c00a923bab7fc5598c9c90bbb43e9934b9fd53e232805d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a6:af:0d:06:c0:af:e9:3a:1f:3e:d4:13:28:
f7:60:59:74:1e:38:0d:a7:3b:5d:12:4d:b0:ba:84:
36:56:4f:41:31:71:ad:2d:fb:a1:59:f6:99:fa:00:
c5:62:f7:a3:32:f1:89:95:44:6f:fb:18:da:e5:69:
bf:50:0b:89:d0:6c:63:95:66:2d:98:cc:39:29:52:
e9:6d:78:72:4f:57:79:f6:5b:67:25:8f:bc:51:9f:
cd:80:77:82:d2:d5:4c:c3:4b:d0:7e:b4:56:53:8b:
f9:db:75:8c:8b:ab:25:80:62:db:5d:af:15:08:47:
43:e6:ea:ca:00:7a:14:2a:c6:62:15:55:54:d6:1a:
20:12:73:11:8f:1f:b0:06:4d:8e:bb:ee:dc:ff:e8:
61:5c:e3:60:85:99:ec:eb:5d:5d:bc:b1:3d:e3:23:
ae:7e:36:55:39:20:39:ee:73:6f:61:dc:3c:49:3a:
81:1f:35:ae:1a:73:26:20:db:92:97:11:eb:0c:88:
83:2b:a8:bc:5c:84:94:2e:7d:e1:21:b9:84:4a:37:
e6:c2:13:bc:47:0c:d2:2b:53:d4:d6:9a:e4:c3:4d:
af:25:3b:0b:95:19:d6:6e:28:f2:39:89:59:62:1b:
49:09:23:54:40:5e:c2:09:58:33:7d:ec:63:46:94:
b8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:92:A3:41:D3:CB:8E:00:54:5E:D5:DD:14:67:38:C2:BC:2D:5F:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c167813a-1fe2-4420-897c-8f1cda39d0d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:1080::/48
Signature Algorithm: sha256WithRSAEncryption
70:ca:81:a2:4f:07:f8:a4:81:47:e6:2a:e2:34:a7:8b:f2:b9:
8a:42:b2:b0:6e:b6:25:74:7b:75:cd:06:5c:7c:f1:38:3a:51:
0a:dc:82:b1:d4:a0:cc:bd:7a:fa:aa:fb:cb:e0:da:3e:24:5f:
d8:f0:89:10:04:88:92:bb:4f:43:c9:bf:94:02:9f:cc:56:b9:
62:a1:c8:09:25:2a:3e:27:b8:44:4e:e3:a4:e6:cd:57:d1:d4:
9b:95:ca:bd:46:bc:3f:42:7a:ef:d5:99:f0:34:8c:8c:94:b8:
1b:93:df:30:c6:fb:6e:53:f8:cd:77:a4:9b:91:e5:cc:ac:cd:
66:cc:86:7c:84:05:b3:2e:bc:8e:19:80:87:89:2d:eb:0e:57:
60:c2:09:a7:6d:b9:c5:92:02:86:3e:7a:5f:68:9d:9c:1a:a9:
43:80:b3:5b:51:cd:15:cb:0f:94:af:ee:b4:d3:d1:31:25:9b:
68:af:53:7b:c0:f7:d2:ce:a2:06:9e:d9:cf:10:41:95:27:c7:
56:ce:e5:e1:6d:11:0d:21:32:48:7b:87:44:de:25:ad:69:a7:
b5:a7:1d:a9:de:53:07:f6:7c:eb:72:3e:66:2a:33:6d:68:24:
df:fb:ce:72:6a:2d:cd:1d:5c:6d:15:ee:35:81:59:0f:9e:2c:
e1:25:72:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeCvxL0Bm04PvREEgNgYbFiL4XLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMzZaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NTZmZTY4ODM0Njg1YjhkNWMwMGE5MjNiYWI3ZmM1NTk4YzljOTBiYmI0
M2U5OTM0YjlmZDUzZTIzMjgwNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOamrw0GwK/pOh8+1BMo92BZdB44Dac7XRJNsLqENlZPQTFxrS37oVn2mfoA
xWL3ozLxiZVEb/sY2uVpv1ALidBsY5VmLZjMOSlS6W14ck9XefZbZyWPvFGfzYB3
gtLVTMNL0H60VlOL+dt1jIurJYBi212vFQhHQ+bqygB6FCrGYhVVVNYaIBJzEY8f
sAZNjrvu3P/oYVzjYIWZ7OtdXbyxPeMjrn42VTkgOe5zb2HcPEk6gR81rhpzJiDb
kpcR6wyIgyuovFyElC594SG5hEo35sITvEcM0itT1Naa5MNNryU7C5UZ1m4o8jmJ
WWIbSQkjVEBewglYM33sY0aUuAkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBROkqNB
08uOAFRe1d0UZzjCvC1fjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE2NzgxM2EtMWZlMi00NDIwLTg5N2MtOGYxY2RhMzlkMGQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAcMqBok8H+KSBR+Yq4jSni/K5ikKysG62JXR7
dc0GXHzxODpRCtyCsdSgzL16+qr7y+DaPiRf2PCJEASIkrtPQ8m/lAKfzFa5YqHI
CSUqPie4RE7jpObNV9HUm5XKvUa8P0J679WZ8DSMjJS4G5PfMMb7blP4zXekm5Hl
zKzNZsyGfIQFsy68jhmAh4kt6w5XYMIJp225xZIChj56X2idnBqpQ4CzW1HNFcsP
lK/utNPRMSWbaK9Te8D30s6iBp7ZzxBBlSfHVs7l4W0RDSEySHuHRN4lrWmntacd
qd5TB/Z863I+ZiozbWgk3/vOcmotzR1cbRXuNYFZD54s4SVyyw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:59 2026 by rpki-client