Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
File: f3736ec9-491c-43bd-b672-c821fdae78f1.roa (raw, json)
Hash identifier: Z7I6YHTABhqL9diHsZUjuBaC5CYMriG0CUK0vr4YHWo=
Subject key identifier: 91:AA:43:DE:23:75:E4:E2:0D:34:DD:05:31:C6:EC:DB:4B:60:36:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A0063C0F20842561EC6F90331CD6E686A91815D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
Signing time: Tue 24 Feb 2026 04:10:42 +0000
ROA not before: Tue 24 Feb 2026 04:10:42 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:00:63:c0:f2:08:42:56:1e:c6:f9:03:31:cd:6e:68:6a:91:81:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 04:10:42 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=f7796a528be15de56d5e1c6e7c3e14528b80f8adeb1cbf8ee29e3b0ae13a38a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:23:c1:f8:3d:e8:a9:a5:db:b0:bd:26:01:51:
fe:4c:4d:fe:24:c1:2c:88:17:ba:cf:df:9d:cc:b5:
e4:0b:7a:9f:87:2b:63:fe:61:c2:8c:ca:b0:2e:b4:
cf:dc:40:a0:9e:88:34:8a:6e:e6:e1:91:04:41:bc:
63:75:de:f7:ef:5b:e2:a0:d6:88:fa:52:9d:37:2b:
55:74:b4:85:43:bc:25:0c:86:16:40:85:62:e1:44:
15:92:1f:75:0a:80:5f:88:54:c8:75:e0:60:f3:11:
54:16:08:aa:7f:d2:73:d3:25:20:c4:f2:c1:b5:e5:
4e:f6:bb:5d:db:6b:3c:33:8e:08:c5:92:f9:7c:15:
f7:f2:6d:b9:27:84:5e:4e:ac:be:55:12:8c:e1:01:
98:63:8f:bb:20:5a:17:80:60:55:10:9c:6d:91:f5:
cd:1d:1f:2f:46:ac:43:e9:83:15:1f:9b:53:8e:14:
4a:28:88:5f:63:99:1c:86:a2:0e:dd:76:54:46:56:
fa:1c:ee:bd:99:ba:b5:b9:5e:cd:d9:86:40:a6:c7:
1a:e0:fe:48:a1:9a:ac:4f:8a:6f:8c:2e:fd:ff:35:
fd:88:bb:fb:c2:22:ca:45:df:f6:bf:e5:a8:43:a3:
4c:9b:9e:6d:ec:e7:c4:f7:8f:cb:79:50:71:d5:1c:
19:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AA:43:DE:23:75:E4:E2:0D:34:DD:05:31:C6:EC:DB:4B:60:36:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/48
Signature Algorithm: sha256WithRSAEncryption
2b:43:a3:4d:d2:f8:10:68:a9:9e:48:23:1e:9d:9e:a5:a5:74:
91:03:31:1b:f4:f5:06:f8:8a:50:01:6a:84:18:ea:76:22:94:
49:a2:c7:e5:58:75:ce:ea:35:0a:39:dd:12:2e:9b:3a:cc:99:
6c:43:6d:bf:3f:4a:96:38:3e:ba:d1:5b:bb:e0:73:a0:5a:0c:
02:c7:8a:97:e4:9a:0d:36:b5:6b:87:da:b8:34:87:e0:64:aa:
7f:7b:8d:10:6d:33:00:49:01:de:b0:12:cb:a8:b6:29:62:9b:
8b:10:a1:19:31:a7:a1:c4:b5:7a:ed:2c:e7:15:ab:ce:d6:a5:
f3:d6:48:d6:17:d9:fb:62:ac:8c:b6:50:0d:aa:9a:82:9f:be:
d4:dd:4e:d5:f0:ff:9b:85:ce:5d:fb:52:e3:b9:4d:00:bd:e5:
1b:d9:09:25:a0:e4:37:c8:09:4f:82:0a:4b:fa:15:cb:61:0c:
5a:2d:60:1a:03:6f:3f:86:c6:db:c4:24:a8:3f:c5:73:22:82:
06:a2:96:f9:3c:a6:1f:44:03:0f:f4:6f:93:21:c0:21:38:b2:
90:cc:12:4d:66:40:c9:61:41:bd:7e:b3:ce:51:90:77:7e:f9:
54:6b:f0:b8:06:80:3e:92:09:e4:44:75:66:9d:73:87:9e:06:
08:08:d8:6e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUegBjwPIIQlYexvkDMc1uaGqRgV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwNDEwNDJaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3Nzk2YTUyOGJlMTVkZTU2ZDVlMWM2ZTdjM2UxNDUyOGI4MGY4YWRlYjFj
YmY4ZWUyOWUzYjBhZTEzYTM4YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwjwfg96Kml27C9JgFR/kxN/iTBLIgXus/fncy15At6n4crY/5hwozKsC60
z9xAoJ6INIpu5uGRBEG8Y3Xe9+9b4qDWiPpSnTcrVXS0hUO8JQyGFkCFYuFEFZIf
dQqAX4hUyHXgYPMRVBYIqn/Sc9MlIMTywbXlTva7XdtrPDOOCMWS+XwV9/JtuSeE
Xk6svlUSjOEBmGOPuyBaF4BgVRCcbZH1zR0fL0asQ+mDFR+bU44USiiIX2OZHIai
Dt12VEZW+hzuvZm6tblezdmGQKbHGuD+SKGarE+Kb4wu/f81/Yi7+8IiykXf9r/l
qEOjTJuebeznxPePy3lQcdUcGZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRqkPe
I3Xk4g003QUxxuzbS2A2BjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM3MzZlYzktNDkxYy00M2JkLWI2NzItYzgyMWZkYWU3OGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZA
ADANBgkqhkiG9w0BAQsFAAOCAQEAK0OjTdL4EGipnkgjHp2epaV0kQMxG/T1BviK
UAFqhBjqdiKUSaLH5Vh1zuo1CjndEi6bOsyZbENtvz9Kljg+utFbu+BzoFoMAseK
l+SaDTa1a4fauDSH4GSqf3uNEG0zAEkB3rASy6i2KWKbixChGTGnocS1eu0s5xWr
ztal89ZI1hfZ+2KsjLZQDaqagp++1N1O1fD/m4XOXftS47lNAL3lG9kJJaDkN8gJ
T4IKS/oVy2EMWi1gGgNvP4bG28QkqD/FcyKCBqKW+TymH0QDD/RvkyHAITiykMwS
TWZAyWFBvX6zzlGQd375VGvwuAaAPpIJ5ER1Zp1zh54GCAjYbg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:28 2026 by rpki-client