Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: hRHRBGw7l2hS4FpOVn5RiRgSu6Nd5RIoqPZ2Zfn7hO8=
Subject key identifier: 0A:08:54:80:A5:B6:FC:FC:7C:24:0C:36:0B:15:B0:29:C6:A4:19:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 565F75A76DC5B780C62BC1CF440877B0107F7D44
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Mon 23 Feb 2026 01:00:08 +0000
ROA not before: Mon 23 Feb 2026 01:00:08 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5f:75:a7:6d:c5:b7:80:c6:2b:c1:cf:44:08:77:b0:10:7f:7d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 23 01:00:08 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=9cf9fa59ed063937443460f816e7bb5c51e13952aea83521b2805d4f9d08f118, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bd:f3:1b:e7:9e:61:ba:0e:f0:dc:53:52:15:
40:1a:28:71:0b:fc:72:b5:b5:4f:77:57:06:b0:be:
ac:ae:83:c8:53:9f:58:ee:fd:4a:69:7a:86:b8:b6:
37:c3:80:fb:22:3a:a9:7a:9e:fa:2f:de:94:6b:58:
8d:5e:1f:76:df:13:ab:50:84:a7:46:91:04:21:08:
75:46:d2:bd:93:7f:dd:66:a5:e7:09:d1:6a:81:bf:
27:c8:11:29:01:ff:93:21:cd:ea:14:9c:27:12:89:
e0:5c:9c:09:93:63:e4:ae:6c:87:15:60:e0:05:d3:
d2:f6:cf:23:63:bf:63:fe:e1:dc:52:b9:7f:da:56:
d4:95:9d:51:bc:8d:49:2a:53:c3:79:e5:d7:db:1c:
1c:2e:25:c1:9f:de:e1:0b:96:d7:e9:e4:c3:ee:04:
fa:5c:74:d1:5f:f3:c8:4f:57:e5:83:49:c5:ef:9d:
4a:cb:07:17:13:41:0c:2a:58:77:67:4a:03:f4:f5:
61:58:41:ed:ab:a5:b6:b8:ab:70:10:cf:53:cc:38:
98:c1:99:6b:bd:70:8d:b6:4c:93:0b:21:0b:7b:14:
aa:7e:50:81:f4:d5:5b:76:f0:56:aa:0e:4e:14:49:
87:b3:d4:09:0f:25:52:11:4f:c7:c7:7e:8a:a4:d1:
bc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:08:54:80:A5:B6:FC:FC:7C:24:0C:36:0B:15:B0:29:C6:A4:19:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
a2:d7:cf:cb:59:16:09:c6:86:70:d8:a2:42:a1:3d:12:a1:10:
48:60:7b:bb:7a:e8:4b:6f:10:83:20:2f:7a:73:0a:8c:eb:2f:
b2:f2:3f:b9:fa:eb:e6:11:92:5d:c5:28:80:bc:97:b7:ee:5f:
5c:6f:5e:ec:5d:47:e7:f3:ae:e8:7f:41:6a:d8:31:1e:27:cd:
8e:02:da:24:19:ce:0e:f1:d7:42:ca:6e:24:a8:67:cb:18:26:
c7:4b:4b:88:0a:85:cc:fb:c0:f2:d6:31:0c:74:3d:ad:b6:32:
50:b4:ba:9d:3d:a9:3e:4d:be:95:89:cd:a8:ec:d7:25:48:6b:
dc:1b:e4:dd:3b:7e:41:36:a1:21:45:e3:d4:c3:b2:59:5d:0a:
c8:25:fb:6b:91:0d:46:af:bb:4e:0c:0d:e1:e0:c9:11:5a:f0:
f2:02:77:42:66:90:8a:2c:5a:ac:46:55:5c:9e:96:d5:97:85:
35:6b:16:2b:0f:88:df:19:34:26:4f:d1:4a:cc:81:f4:9d:b3:
51:aa:7c:a7:f1:77:9b:7b:e2:8f:dc:54:13:28:5f:d1:9a:cd:
0a:45:1a:3b:ec:88:4f:78:15:a3:29:18:97:08:f5:32:5b:50:
c1:e3:ac:82:2c:65:21:d2:fc:77:00:fa:92:47:00:3c:fa:b3:
72:b3:61:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVl91p23Ft4DGK8HPRAh3sBB/fUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjMwMTAwMDhaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZjlmYTU5ZWQwNjM5Mzc0NDM0NjBmODE2ZTdiYjVjNTFlMTM5NTJhZWE4
MzUyMWIyODA1ZDRmOWQwOGYxMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS98xvnnmG6DvDcU1IVQBoocQv8crW1T3dXBrC+rK6DyFOfWO79Sml6hri2
N8OA+yI6qXqe+i/elGtYjV4fdt8Tq1CEp0aRBCEIdUbSvZN/3Wal5wnRaoG/J8gR
KQH/kyHN6hScJxKJ4FycCZNj5K5shxVg4AXT0vbPI2O/Y/7h3FK5f9pW1JWdUbyN
SSpTw3nl19scHC4lwZ/e4QuW1+nkw+4E+lx00V/zyE9X5YNJxe+dSssHFxNBDCpY
d2dKA/T1YVhB7aultrircBDPU8w4mMGZa71wjbZMkwshC3sUqn5QgfTVW3bwVqoO
ThRJh7PUCQ8lUhFPx8d+iqTRvK0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKCFSA
pbb8/HwkDDYLFbApxqQZ+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEAotfPy1kWCcaGcNiiQqE9EqEQSGB7u3roS28Q
gyAvenMKjOsvsvI/ufrr5hGSXcUogLyXt+5fXG9e7F1H5/Ou6H9BatgxHifNjgLa
JBnODvHXQspuJKhnyxgmx0tLiAqFzPvA8tYxDHQ9rbYyULS6nT2pPk2+lYnNqOzX
JUhr3Bvk3Tt+QTahIUXj1MOyWV0KyCX7a5ENRq+7TgwN4eDJEVrw8gJ3QmaQiixa
rEZVXJ6W1ZeFNWsWKw+I3xk0Jk/RSsyB9J2zUap8p/F3m3vij9xUEyhf0ZrNCkUa
O+yIT3gVoykYlwj1MltQweOsgixlIdL8dwD6kkcAPPqzcrNhxw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:59 2026 by rpki-client