Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: re/76G8eGz0QUCLz0tTJ9GiRxDa517KRv/9yfhMqQls=
Subject key identifier: 0F:1D:2E:32:B2:52:57:F9:E7:5F:96:5B:DB:6C:EE:13:BC:02:86:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23FC8447960A517D71A9D95D55394228EF5C1872
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Sat 28 Feb 2026 05:41:25 +0000
ROA not before: Sat 28 Feb 2026 05:41:25 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fc:84:47:96:0a:51:7d:71:a9:d9:5d:55:39:42:28:ef:5c:18:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:25 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a52676e796905ee1fc98de9710129d059a02c1ca64cbff70d111e800671b0c03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:df:60:8c:61:9b:28:27:bc:2d:03:ab:10:95:
81:0d:ae:87:ba:58:72:b9:72:2e:1d:60:9e:14:a4:
e7:69:4a:90:4a:17:be:7c:d3:54:4a:c0:d7:ab:b4:
2b:2a:5f:8a:e2:f2:f7:b9:f5:c8:68:8a:9a:a3:21:
91:60:30:ed:58:82:d2:38:ad:9a:7d:10:41:eb:dd:
d8:2a:25:04:1c:d1:2f:d2:96:14:cd:bb:0b:85:53:
83:47:76:f6:d1:27:1c:d6:93:e2:92:14:77:b5:24:
02:72:fb:47:b2:ff:28:22:2d:50:4b:68:d9:60:e9:
3e:94:26:7d:d0:90:0e:21:68:4f:a5:c4:f9:d0:20:
4b:cc:9b:bf:74:39:32:a5:9f:a3:d0:75:b9:11:b5:
0a:e7:53:62:79:6f:5d:bc:94:85:9d:eb:f4:b4:b5:
ac:e4:76:64:7a:ac:da:e1:06:b8:5c:52:31:e1:69:
90:b9:00:8b:68:f9:95:4f:ed:3c:fc:81:18:06:6e:
32:eb:45:98:53:9d:08:0c:16:9f:42:fb:4a:0c:df:
ed:c2:25:2a:d0:8d:8a:2c:1e:6c:13:6b:36:78:2f:
24:dd:e1:bf:93:0c:fc:43:34:67:6c:3e:ed:44:92:
3e:59:c0:5a:84:8c:a9:0b:ac:5a:d8:d8:20:62:52:
fc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1D:2E:32:B2:52:57:F9:E7:5F:96:5B:DB:6C:EE:13:BC:02:86:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
91:ff:07:c5:e7:84:22:e0:09:a1:3c:bd:1a:48:ab:67:ce:84:
3a:fb:17:46:c6:20:1b:e5:4e:e7:a6:82:f8:98:bb:5d:87:b6:
3f:1e:15:15:43:a3:94:f4:3b:5c:b3:1d:02:31:29:a9:63:c9:
d4:be:72:1e:37:eb:6c:1d:ba:80:4b:1a:af:b8:50:41:db:31:
aa:98:43:6d:f5:56:8d:3a:6f:23:d3:0d:6d:12:1f:64:de:39:
ed:34:6b:e2:b1:ff:77:4f:96:ca:aa:24:34:33:b9:d9:ec:6e:
49:13:b2:19:bd:88:f2:2d:cb:85:e5:10:4b:dd:8a:a4:f1:04:
f0:b5:9e:8b:12:eb:4e:a4:16:6c:81:70:61:2f:c4:02:72:38:
7b:f9:3b:2c:00:38:e7:f4:ae:ea:10:49:2e:75:7e:75:60:1e:
39:60:c0:c6:af:70:ed:7a:31:6e:36:3a:35:a2:a8:80:1d:19:
fd:76:7f:12:88:e0:59:63:82:e4:c6:28:d0:60:01:82:13:7b:
d1:e9:59:97:7a:f2:5f:2f:d5:d5:c6:a2:dd:43:ac:e0:c2:99:
ff:43:a7:28:95:5d:cf:04:24:1a:d5:9e:2e:f4:b7:31:cc:42:
c9:a6:68:d2:9d:da:a8:e1:da:35:94:b6:b7:50:c5:5a:1b:99:
43:ee:f2:c0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI/yER5YKUX1xqdldVTlCKO9cGHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MjY3NmU3OTY5MDVlZTFmYzk4ZGU5NzEwMTI5ZDA1OWEwMmMxY2E2NGNi
ZmY3MGQxMTFlODAwNjcxYjBjMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbfYIxhmygnvC0DqxCVgQ2uh7pYcrlyLh1gnhSk52lKkEoXvnzTVErA16u0
KypfiuLy97n1yGiKmqMhkWAw7ViC0jitmn0QQevd2ColBBzRL9KWFM27C4VTg0d2
9tEnHNaT4pIUd7UkAnL7R7L/KCItUEto2WDpPpQmfdCQDiFoT6XE+dAgS8ybv3Q5
MqWfo9B1uRG1CudTYnlvXbyUhZ3r9LS1rOR2ZHqs2uEGuFxSMeFpkLkAi2j5lU/t
PPyBGAZuMutFmFOdCAwWn0L7Sgzf7cIlKtCNiiwebBNrNngvJN3hv5MM/EM0Z2w+
7USSPlnAWoSMqQusWtjYIGJS/D0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPHS4y
slJX+edfllvbbO4TvAKGszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAkf8HxeeEIuAJoTy9GkirZ86EOvsXRsYgG+VO56aC
+Ji7XYe2Px4VFUOjlPQ7XLMdAjEpqWPJ1L5yHjfrbB26gEsar7hQQdsxqphDbfVW
jTpvI9MNbRIfZN457TRr4rH/d0+WyqokNDO52exuSROyGb2I8i3LheUQS92KpPEE
8LWeixLrTqQWbIFwYS/EAnI4e/k7LAA45/Su6hBJLnV+dWAeOWDAxq9w7XoxbjY6
NaKogB0Z/XZ/EojgWWOC5MYo0GABghN70elZl3ryXy/V1cai3UOs4MKZ/0OnKJVd
zwQkGtWeLvS3McxCyaZo0p3aqOHaNZS2t1DFWhuZQ+7ywA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:10 2026 by rpki-client