Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
File: 4208aec2-e501-4b80-8e94-0fe622727fba.roa (raw, json)
Hash identifier: fUSpnwXcmzZFX7lN2Qai3z783pffd1Ykdnp7RCY89uM=
Subject key identifier: C1:3C:7E:CF:67:59:22:0B:11:91:A9:1B:6E:B9:19:CA:45:41:33:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04445D1AEDE2D83FB3583A96D5C435A6D27E4389
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
Signing time: Fri 06 Feb 2026 00:30:15 +0000
ROA not before: Fri 06 Feb 2026 00:30:15 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:44:5d:1a:ed:e2:d8:3f:b3:58:3a:96:d5:c4:35:a6:d2:7e:43:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 6 00:30:15 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=e9b9dcbbf547c97940a21cf787c94642d69179664d7cbb6b20e0adf0615006fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:56:3d:eb:54:5b:fb:f8:e2:57:d1:fe:2e:54:
24:4f:fc:a1:d6:99:8a:5e:df:4f:e4:ce:f9:1e:e2:
bb:0b:bb:2f:74:7d:a2:d0:71:23:2e:3c:ef:ca:9e:
5f:08:c4:86:8b:b3:0b:3e:46:b5:5c:eb:90:60:83:
8a:45:32:0c:e8:9d:5e:05:ee:17:35:c5:3b:b3:28:
69:f2:93:6d:45:77:1e:b5:5a:08:c2:33:da:68:cc:
3a:85:e5:36:bd:a6:a8:5e:ba:e4:32:37:e1:6a:69:
15:b1:a2:2b:e1:eb:1b:1d:04:35:dc:67:d6:a8:dc:
17:67:13:ea:d6:ee:bb:e0:16:30:f9:3b:a4:9f:41:
8e:10:ee:40:13:52:4a:09:55:a2:dc:c6:f5:fa:10:
0c:9d:e7:be:b4:3d:a4:48:c3:59:b5:d9:37:26:bc:
71:e5:8d:93:ec:d7:c5:8b:fb:a6:f8:71:09:fa:ff:
cb:cd:16:5a:14:ea:24:57:24:56:98:23:13:a7:ef:
85:33:ba:43:e0:5e:7c:ec:0d:33:4a:41:ea:6d:aa:
07:95:67:d5:87:15:25:81:45:cf:c4:ec:1e:db:60:
c1:6a:bc:99:3b:66:50:c3:60:b0:2d:23:4c:b4:9a:
ab:64:64:36:2f:08:41:dc:98:c0:83:e4:ce:d4:b9:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3C:7E:CF:67:59:22:0B:11:91:A9:1B:6E:B9:19:CA:45:41:33:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
5e:bc:58:5e:d5:99:5c:5d:d3:97:2b:64:fe:4f:4e:05:5e:44:
4a:e3:e7:89:78:71:8c:4a:bd:9d:cc:ab:cf:4e:9c:01:0c:31:
08:9a:b9:45:c3:46:3c:54:4f:47:7a:9a:5e:16:cc:16:d4:65:
e6:10:78:b3:b5:bd:9c:8c:86:01:da:a3:ad:bd:64:77:9d:9a:
0f:a9:76:5d:a1:3c:21:ba:ea:d3:2f:e6:5d:16:10:f6:7d:d5:
67:24:d1:27:d2:33:2a:c3:b2:20:a5:70:b0:9f:38:6d:cf:5a:
6f:a0:15:43:1a:e7:23:83:5f:6d:cc:c5:27:ff:7d:de:69:b3:
a2:3f:7c:62:17:cf:04:69:39:77:47:7f:29:42:56:0f:35:9e:
e9:b7:57:c4:dd:a9:ca:6a:31:55:5e:6f:d3:5f:1f:76:6a:33:
e3:98:8e:15:16:eb:8b:9a:a4:ae:6c:ac:24:2c:74:b5:63:7a:
25:67:bd:2b:36:7b:8f:e1:60:ca:db:59:06:45:b8:32:0f:5e:
25:0c:7c:a1:18:bd:3a:12:d6:a7:b8:09:af:49:66:0a:ca:9b:
0f:50:0a:2e:e9:42:72:a4:6d:03:ec:4f:9d:1a:6f:16:9a:9d:
08:c5:cf:51:7f:6d:ab:f1:0b:03:d4:83:da:2a:4a:64:c2:2b:
80:60:c5:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBERdGu3i2D+zWDqW1cQ1ptJ+Q4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMDYwMDMwMTVaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YjlkY2JiZjU0N2M5Nzk0MGEyMWNmNzg3Yzk0NjQyZDY5MTc5NjY0ZDdj
YmI2YjIwZTBhZGYwNjE1MDA2ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1WPetUW/v44lfR/i5UJE/8odaZil7fT+TO+R7iuwu7L3R9otBxIy4878qe
XwjEhouzCz5GtVzrkGCDikUyDOidXgXuFzXFO7MoafKTbUV3HrVaCMIz2mjMOoXl
Nr2mqF665DI34WppFbGiK+HrGx0ENdxn1qjcF2cT6tbuu+AWMPk7pJ9BjhDuQBNS
SglVotzG9foQDJ3nvrQ9pEjDWbXZNya8ceWNk+zXxYv7pvhxCfr/y80WWhTqJFck
VpgjE6fvhTO6Q+BefOwNM0pB6m2qB5Vn1YcVJYFFz8TsHttgwWq8mTtmUMNgsC0j
TLSaq2RkNi8IQdyYwIPkztS5Xb8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBPH7P
Z1kiCxGRqRtuuRnKRUEzjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDIwOGFlYzItZTUwMS00YjgwLThlOTQtMGZlNjIyNzI3ZmJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
gDANBgkqhkiG9w0BAQsFAAOCAQEAXrxYXtWZXF3Tlytk/k9OBV5ESuPniXhxjEq9
ncyrz06cAQwxCJq5RcNGPFRPR3qaXhbMFtRl5hB4s7W9nIyGAdqjrb1kd52aD6l2
XaE8Ibrq0y/mXRYQ9n3VZyTRJ9IzKsOyIKVwsJ84bc9ab6AVQxrnI4NfbczFJ/99
3mmzoj98YhfPBGk5d0d/KUJWDzWe6bdXxN2pymoxVV5v018fdmoz45iOFRbri5qk
rmysJCx0tWN6JWe9KzZ7j+FgyttZBkW4Mg9eJQx8oRi9OhLWp7gJr0lmCsqbD1AK
LulCcqRtA+xPnRpvFpqdCMXPUX9tq/ELA9SD2ipKZMIrgGDFuA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:35 2026 by rpki-client