Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: iyVCpuQnZvwAu7LSRmew9GbNzQTrD4/tylznN7i2oeY=
Subject key identifier: D0:D6:64:11:5B:F2:B4:AF:E9:12:3B:91:D1:23:B4:E8:2E:F3:30:45
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D7266F42B73D9380982023A9B65A65BADA1F71C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Sat 28 Feb 2026 05:30:53 +0000
ROA not before: Sat 28 Feb 2026 05:30:53 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:72:66:f4:2b:73:d9:38:09:82:02:3a:9b:65:a6:5b:ad:a1:f7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:53 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=671a5cfa30ddbfa461a6710b5f04c5a8a31ab444534421c2b8fb403b4a36457e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b0:7e:53:f1:66:1b:3e:cf:5e:d7:57:8b:e2:
af:eb:52:e3:21:59:16:e3:16:9f:71:07:9e:64:e8:
8d:b0:8b:66:5f:cc:0f:fc:60:2d:97:f2:2c:ed:40:
e2:10:d7:77:d2:83:d8:98:49:96:a7:22:04:ef:5e:
4d:f2:26:cd:5e:48:bd:00:3a:48:5f:24:e5:c7:e9:
eb:be:b3:4d:52:7d:66:b3:4a:41:ba:17:b6:21:45:
2e:29:bc:50:3a:13:89:1e:a1:d3:fa:1a:35:bb:8a:
3f:dc:39:08:fb:83:53:52:61:e1:8c:ac:a1:a6:a2:
3c:b1:cb:35:1f:0e:6b:2f:a2:04:b9:89:5d:89:04:
96:32:44:99:f5:70:17:c7:1c:67:c4:8e:9e:fc:39:
f2:a9:71:eb:18:b1:fd:be:07:4a:6e:f8:12:e3:65:
4c:31:4c:19:51:79:a0:78:4b:41:cc:76:ed:35:48:
05:2e:06:5c:a5:6e:2e:2f:7c:28:2b:1a:9e:23:53:
0d:73:e1:f2:7f:66:27:2d:16:99:25:e4:72:f5:df:
6e:95:58:c6:ab:23:a9:10:98:48:3b:92:07:57:ec:
84:c8:25:69:63:ae:68:07:ed:15:96:77:75:8f:83:
c2:55:ae:cd:45:e7:93:78:9f:53:64:27:b6:3a:da:
3f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D6:64:11:5B:F2:B4:AF:E9:12:3B:91:D1:23:B4:E8:2E:F3:30:45
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:76:c1:cd:b9:a7:94:85:a9:ce:51:e0:45:c8:3b:3b:55:57:
ce:18:dd:9f:8e:a6:12:2e:ac:15:c9:18:6d:8b:4a:a4:2e:84:
8d:ae:4e:2a:ae:a6:56:7a:38:c7:43:33:19:05:5f:07:46:38:
2a:79:e4:fc:a6:0c:55:af:d9:ce:f6:d9:ea:58:3f:7e:f7:93:
86:76:e1:26:9e:e2:5c:d9:79:35:a5:ce:9d:5b:c6:94:0f:a0:
95:e2:f3:3e:4e:39:56:54:d6:a2:5b:78:41:57:6b:dd:10:23:
72:8b:33:3d:76:ff:94:cc:a6:85:8b:93:4f:d0:d3:95:42:0e:
f4:5f:f5:3a:c2:3c:31:be:8f:0b:56:10:ee:6b:a7:12:e5:be:
b1:01:5c:b5:2f:43:f2:05:96:7d:28:ba:5b:51:82:e5:14:17:
54:a4:21:40:33:4c:94:da:f5:e7:9e:6c:18:47:a9:cc:c2:db:
15:8c:28:03:91:18:18:4b:5a:34:22:0d:ba:0d:14:47:07:bd:
4b:d8:02:12:6b:cd:2d:ee:9d:a4:d7:31:ed:fe:ae:a4:f1:60:
4d:3c:09:f0:8c:06:7d:da:ff:b0:da:9d:3d:7d:af:23:e0:6e:
11:0c:b2:c3:c1:70:23:e4:4e:2b:b8:58:28:e0:83:3d:7a:22:
89:ed:ca:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTXJm9Ctz2TgJggI6m2WmW62h9xwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3MWE1Y2ZhMzBkZGJmYTQ2MWE2NzEwYjVmMDRjNWE4YTMxYWI0NDQ1MzQ0
MjFjMmI4ZmI0MDNiNGEzNjQ1N2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+wflPxZhs+z17XV4vir+tS4yFZFuMWn3EHnmTojbCLZl/MD/xgLZfyLO1A
4hDXd9KD2JhJlqciBO9eTfImzV5IvQA6SF8k5cfp676zTVJ9ZrNKQboXtiFFLim8
UDoTiR6h0/oaNbuKP9w5CPuDU1Jh4YysoaaiPLHLNR8Oay+iBLmJXYkEljJEmfVw
F8ccZ8SOnvw58qlx6xix/b4HSm74EuNlTDFMGVF5oHhLQcx27TVIBS4GXKVuLi98
KCsaniNTDXPh8n9mJy0WmSXkcvXfbpVYxqsjqRCYSDuSB1fshMglaWOuaAftFZZ3
dY+DwlWuzUXnk3ifU2QntjraP70CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQ1mQR
W/K0r+kSO5HRI7ToLvMwRTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQB9dsHNuaeUhanOUeBFyDs7VVfOGN2fjqYSLqwV
yRhti0qkLoSNrk4qrqZWejjHQzMZBV8HRjgqeeT8pgxVr9nO9tnqWD9+95OGduEm
nuJc2Xk1pc6dW8aUD6CV4vM+TjlWVNaiW3hBV2vdECNyizM9dv+UzKaFi5NP0NOV
Qg70X/U6wjwxvo8LVhDua6cS5b6xAVy1L0PyBZZ9KLpbUYLlFBdUpCFAM0yU2vXn
nmwYR6nMwtsVjCgDkRgYS1o0Ig26DRRHB71L2AISa80t7p2k1zHt/q6k8WBNPAnw
jAZ92v+w2p09fa8j4G4RDLLDwXAj5E4ruFgo4IM9eiKJ7cr/
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:16 2026 by rpki-client