Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: f1AGJey9ZjVJX7RAJgWTMVzZc0996QOUCzg0ctlXiEE=
Subject key identifier: 6B:8C:33:DB:AB:FF:CA:84:D8:E3:72:82:85:8E:D6:D0:A5:4B:D9:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1358F6F7D06A1ACDA0FE9CB9173945C37A3CE76A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Sat 28 Feb 2026 06:20:10 +0000
ROA not before: Sat 28 Feb 2026 06:20:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:58:f6:f7:d0:6a:1a:cd:a0:fe:9c:b9:17:39:45:c3:7a:3c:e7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b63254a648da9ebea7cb5d717d10414c10f0425ce9b7ddde9a649da8e5ec5c39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:e8:43:53:bb:73:f6:2b:61:f0:21:a0:cd:
95:ba:c3:5f:10:18:88:ca:13:2c:99:bf:75:34:d2:
a2:1c:50:8d:87:4c:cf:a9:7f:43:60:bd:a2:b5:1e:
da:54:a9:57:aa:de:31:84:07:1c:d5:7e:69:10:01:
77:37:b6:b5:a1:c0:53:47:da:75:cc:c7:98:9f:25:
02:74:6b:39:b1:f6:0d:21:9e:01:fd:c2:12:89:54:
d2:43:0a:f1:1c:15:9f:b4:57:f7:69:87:0c:6e:59:
04:bd:86:f0:46:7a:df:22:ff:69:e8:d4:56:42:47:
0f:32:0d:f5:17:11:51:e5:f5:2e:3a:53:01:a5:7b:
aa:8b:90:4a:5c:fb:7d:9e:70:fa:2d:70:92:88:a1:
d2:ba:7c:88:b6:80:39:97:57:1f:e8:fa:45:07:18:
b7:91:1e:dc:8e:5a:19:24:87:d8:1c:95:fb:ba:4e:
93:77:e0:33:67:e5:01:74:2e:dc:92:99:01:dd:85:
2e:5f:c6:ac:f8:97:4f:85:09:c5:f2:05:43:e1:7c:
37:21:25:d4:af:fb:af:12:c8:ad:b0:d6:07:cf:34:
8a:86:61:09:a2:b7:af:a5:e4:0c:e2:51:df:9d:00:
6a:fd:20:58:f6:27:3a:8c:2b:54:e0:72:c1:c5:48:
f5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8C:33:DB:AB:FF:CA:84:D8:E3:72:82:85:8E:D6:D0:A5:4B:D9:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
88:b9:ac:1a:47:79:1b:44:db:5c:ef:04:9f:95:ec:bc:43:a0:
e9:86:0b:05:bd:3c:f1:57:5b:88:c3:11:4c:23:89:ad:54:73:
27:a8:c6:7c:55:76:50:db:e3:88:80:4b:58:f4:57:88:25:44:
3f:4c:65:13:61:1e:62:cd:20:ba:64:c6:b8:90:b0:5f:f1:4c:
46:56:3d:86:b0:b0:5f:99:38:45:e2:b0:42:a5:3e:a4:dd:e0:
5b:ad:96:07:e2:8c:32:7c:04:3b:08:0a:af:fb:38:c8:68:ff:
37:1d:d8:e5:7e:63:13:19:8b:47:d8:ce:82:f1:2b:62:b9:ed:
47:99:5e:99:46:ed:3d:d1:82:6a:ce:b0:9c:27:33:fe:59:e1:
a3:71:e3:c0:b5:55:4f:66:46:51:31:41:d3:bc:52:2e:4a:db:
86:49:5c:a4:c7:3e:a5:d1:4b:9a:cd:f5:e1:ae:b8:15:04:ba:
f9:ed:ea:d8:5f:d1:15:0f:ef:bc:9b:6d:37:5a:d5:2a:7f:b3:
09:7b:32:96:ad:29:f0:01:19:02:d4:c3:ee:98:c8:dc:2d:3d:
13:b6:f0:1a:98:d7:28:d6:32:f9:9b:30:a1:c9:71:29:1d:d2:
a2:65:3b:f1:b6:b7:9d:68:00:c1:28:f3:ce:1e:e5:1c:d3:36:
5a:d2:c1:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE1j299BqGs2g/py5FzlFw3o852owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2MzI1NGE2NDhkYTllYmVhN2NiNWQ3MTdkMTA0MTRjMTBmMDQyNWNlOWI3
ZGRkZTlhNjQ5ZGE4ZTVlYzVjMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1T6ENTu3P2K2HwIaDNlbrDXxAYiMoTLJm/dTTSohxQjYdMz6l/Q2C9orUe
2lSpV6reMYQHHNV+aRABdze2taHAU0fadczHmJ8lAnRrObH2DSGeAf3CEolU0kMK
8RwVn7RX92mHDG5ZBL2G8EZ63yL/aejUVkJHDzIN9RcRUeX1LjpTAaV7qouQSlz7
fZ5w+i1wkoih0rp8iLaAOZdXH+j6RQcYt5Ee3I5aGSSH2ByV+7pOk3fgM2flAXQu
3JKZAd2FLl/GrPiXT4UJxfIFQ+F8NyEl1K/7rxLIrbDWB880ioZhCaK3r6XkDOJR
350Aav0gWPYnOowrVOBywcVI9ckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrjDPb
q//KhNjjcoKFjtbQpUvZzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCIuawaR3kbRNtc7wSfley8Q6DphgsFvTzxV1uI
wxFMI4mtVHMnqMZ8VXZQ2+OIgEtY9FeIJUQ/TGUTYR5izSC6ZMa4kLBf8UxGVj2G
sLBfmThF4rBCpT6k3eBbrZYH4owyfAQ7CAqv+zjIaP83HdjlfmMTGYtH2M6C8Sti
ue1HmV6ZRu090YJqzrCcJzP+WeGjcePAtVVPZkZRMUHTvFIuStuGSVykxz6l0Uua
zfXhrrgVBLr57erYX9EVD++8m203WtUqf7MJezKWrSnwARkC1MPumMjcLT0TtvAa
mNco1jL5mzChyXEpHdKiZTvxtredaADBKPPOHuUc0zZa0sEB
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:59:27 2026 by rpki-client