Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: 8iD1YjSFscRsis3pGMdT2JGE8aNlzfROUZZ9MM90IGQ=
Subject key identifier: 4D:64:79:06:67:9C:84:DF:56:BF:96:55:25:0E:A2:3A:95:99:C1:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76FC3B79245CC14F400496E0C87A7FF75B60305C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Sat 28 Feb 2026 06:10:57 +0000
ROA not before: Sat 28 Feb 2026 06:10:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:fc:3b:79:24:5c:c1:4f:40:04:96:e0:c8:7a:7f:f7:5b:60:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=aa46249839e7aa33f1167b0ab1c79c0c40d813ab59768a62412e38be1edd9dcc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:39:c5:af:c1:a4:50:03:a1:2f:fa:2a:cc:81:
31:06:02:c8:ce:84:00:b6:03:a6:36:12:fa:2a:72:
1e:36:fd:a8:37:aa:cd:74:ac:93:bd:b3:96:95:93:
f6:b9:e9:2a:bc:99:02:e4:99:01:54:39:43:c7:8b:
52:67:f4:d4:c4:63:6f:f7:7a:ff:89:ed:b1:13:6d:
98:5a:83:be:9d:ff:c9:6c:a4:60:06:0a:b7:f7:fd:
e7:94:97:87:9b:9d:95:e8:7c:70:0f:ae:c4:89:dd:
11:7e:40:53:6a:1f:3d:a5:cc:6c:0c:9a:36:6e:59:
b3:ca:24:89:b2:63:6b:9b:9d:e2:6e:7d:fa:b8:84:
54:dd:4d:e8:76:67:42:5d:64:d5:44:05:26:d3:2d:
b0:53:d3:44:28:ee:05:ad:8e:19:48:9d:91:6b:10:
27:7d:a1:ec:00:46:ba:87:51:1d:47:29:0b:af:5b:
b7:9c:82:36:ca:bb:e2:0b:ae:89:96:77:a7:6c:19:
13:ef:34:33:7a:05:bf:c5:38:69:9c:09:b6:31:e7:
01:9e:7b:d9:a4:54:13:1d:75:c9:65:1e:6c:54:c7:
ab:19:0a:af:22:7e:ea:6a:b7:3d:91:45:6a:82:07:
e2:da:ab:ba:1f:59:e8:65:61:20:d2:03:31:fb:19:
1b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:64:79:06:67:9C:84:DF:56:BF:96:55:25:0E:A2:3A:95:99:C1:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
c6:79:bc:5b:1c:77:e3:ab:0a:eb:c5:a2:dd:0d:fa:4a:ab:8d:
00:f3:e2:f8:1b:f6:8b:67:e2:14:9d:8b:8b:6c:2a:12:a7:af:
ce:94:9f:67:e2:24:54:f3:c6:54:ac:c6:3c:09:ba:8e:b8:00:
54:77:b0:24:13:07:b6:d0:34:30:f3:c1:f2:f2:2e:1e:36:bf:
15:57:05:32:f0:ef:32:c3:d6:72:7e:41:1a:76:55:da:43:89:
4f:1a:c8:2c:60:20:61:5b:c4:8c:ea:6b:b2:e8:a2:28:ff:25:
ba:99:69:94:f0:28:f9:c8:ac:00:29:18:e5:4f:2b:9c:b1:04:
62:70:00:a7:80:19:18:05:f2:0e:1e:02:ad:1f:79:24:6f:fa:
03:9e:e3:66:49:7c:e8:17:4b:86:f2:4c:7c:13:12:f1:e7:37:
d1:4d:18:bd:e0:38:c6:7d:01:24:df:88:10:f9:2d:2d:52:53:
e6:52:d2:bb:01:ad:a4:d8:6d:0d:61:b8:c6:b5:75:62:3e:3b:
70:05:67:a4:49:fc:b2:4b:dc:1b:8e:de:fc:ef:38:47:50:5c:
b2:4e:05:31:35:ff:ed:da:03:01:b9:d8:be:46:70:0f:ef:0c:
55:0f:c0:8e:9a:3b:4b:cb:fd:6d:10:0b:f3:5e:0c:14:74:58:
5b:97:57:5b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdvw7eSRcwU9ABJbgyHp/91tgMFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNDYyNDk4MzllN2FhMzNmMTE2N2IwYWIxYzc5YzBjNDBkODEzYWI1OTc2
OGE2MjQxMmUzOGJlMWVkZDlkY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI45xa/BpFADoS/6KsyBMQYCyM6EALYDpjYS+ipyHjb9qDeqzXSsk72zlpWT
9rnpKryZAuSZAVQ5Q8eLUmf01MRjb/d6/4ntsRNtmFqDvp3/yWykYAYKt/f955SX
h5udleh8cA+uxIndEX5AU2ofPaXMbAyaNm5Zs8okibJja5ud4m59+riEVN1N6HZn
Ql1k1UQFJtMtsFPTRCjuBa2OGUidkWsQJ32h7ABGuodRHUcpC69bt5yCNsq74guu
iZZ3p2wZE+80M3oFv8U4aZwJtjHnAZ572aRUEx11yWUebFTHqxkKryJ+6mq3PZFF
aoIH4tqruh9Z6GVhINIDMfsZGyMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNZHkG
Z5yE31a/llUlDqI6lZnBXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAxnm8Wxx346sK68Wi3Q36SquNAPPi+Bv2i2fi
FJ2Li2wqEqevzpSfZ+IkVPPGVKzGPAm6jrgAVHewJBMHttA0MPPB8vIuHja/FVcF
MvDvMsPWcn5BGnZV2kOJTxrILGAgYVvEjOprsuiiKP8luplplPAo+cisACkY5U8r
nLEEYnAAp4AZGAXyDh4CrR95JG/6A57jZkl86BdLhvJMfBMS8ec30U0YveA4xn0B
JN+IEPktLVJT5lLSuwGtpNhtDWG4xrV1Yj47cAVnpEn8skvcG47e/O84R1Bcsk4F
MTX/7doDAbnYvkZwD+8MVQ/Ajpo7S8v9bRAL814MFHRYW5dXWw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:39 2026 by rpki-client