Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: t7mixUWamZcG7UdTHIniQVoZndX+6KZ1xYGeJg3EHN8=
Subject key identifier: 13:D8:E5:F2:D8:EA:F5:91:32:6A:7D:5C:28:20:D6:6B:43:39:36:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 346EFD39D0482325B566BDB221E5B54F7D652D9C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Sat 28 Feb 2026 05:10:09 +0000
ROA not before: Sat 28 Feb 2026 05:10:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:6e:fd:39:d0:48:23:25:b5:66:bd:b2:21:e5:b5:4f:7d:65:2d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b3fc0ff5ba1beaf9867de6067b0c2a01fc8ae69d7c7a84f39f8f8c70aa14884a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2f:c3:43:a8:81:eb:45:f2:3d:42:7d:16:49:
82:2a:89:87:77:02:d2:59:c7:92:95:de:28:e6:19:
df:12:dc:ce:38:08:c8:f1:c0:4a:65:66:81:46:e4:
7a:de:8b:46:58:fc:69:17:f7:a0:01:e3:01:c7:f2:
e3:5b:30:a9:e1:1a:c0:58:4b:ce:8c:b7:24:e3:46:
20:92:3b:77:9d:2c:f5:bb:f2:e0:07:8b:bb:cc:a6:
2e:bc:6e:4e:a9:e5:13:77:54:70:fb:93:8d:f5:2f:
80:36:c0:d8:d0:8a:66:6b:c6:04:63:a8:c8:4e:fd:
40:dc:95:8c:92:13:76:dc:7f:6a:ad:02:d5:cd:1e:
7b:12:11:99:80:db:ef:80:94:63:ad:3b:0b:79:84:
ab:c5:51:6d:d4:23:72:d6:2e:e7:2f:6e:e5:98:15:
25:a6:e0:67:02:ee:2e:e6:e4:63:1c:d6:06:fd:72:
a1:ed:56:56:77:03:8a:6f:40:f4:4f:eb:46:63:8b:
91:b9:cd:8e:ed:20:38:37:86:27:38:d4:76:1f:c3:
7e:85:a2:c1:ae:04:f1:34:47:ba:82:dd:b0:ed:f7:
24:9f:36:f0:96:7e:b5:2d:81:a7:67:2d:af:e0:0d:
3a:80:57:d1:8a:11:5b:7f:9f:5c:7f:b6:02:00:85:
02:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D8:E5:F2:D8:EA:F5:91:32:6A:7D:5C:28:20:D6:6B:43:39:36:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:3b:c4:f8:11:2d:f6:8d:c7:d6:02:14:e2:75:a9:29:79:c9:
2b:42:bc:47:b2:2a:89:b2:1e:a9:a2:cb:64:e9:99:ff:b1:8e:
2d:a3:d1:71:99:a3:db:54:cb:6f:47:9e:2b:b0:69:29:05:cf:
a7:6b:23:7e:68:94:af:a8:87:95:5b:d0:95:4f:22:09:ce:17:
06:79:80:56:a8:bd:89:64:c3:b8:0c:4e:64:ef:4c:b8:f1:e1:
81:a5:19:1a:67:da:75:ad:ff:d8:4f:36:b4:84:34:24:2d:71:
ef:a8:6c:b7:16:ed:be:42:38:72:3b:c7:c9:c9:d2:f7:5c:69:
0b:06:a4:f9:be:65:b0:f1:2f:34:1c:3a:68:ca:63:2f:49:9d:
0a:c1:eb:70:85:ae:83:a3:76:97:f6:bc:3e:7d:21:74:87:f0:
cb:0b:75:7a:12:eb:1e:6b:56:10:32:7e:e0:65:6d:3d:19:26:
b5:8e:37:6e:64:9c:fc:5a:34:57:43:8d:c0:50:73:b2:28:af:
e8:af:fc:7e:a4:82:15:16:dc:bc:74:68:d3:50:c7:6f:44:d0:
d5:30:01:a1:7d:2c:76:de:06:34:43:34:9d:59:40:1d:0d:24:
18:e1:bc:68:64:ef:dd:d9:a4:34:da:51:54:67:f0:56:3a:d4:
07:c1:bf:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNG79OdBIIyW1Zr2yIeW1T31lLZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzZmMwZmY1YmExYmVhZjk4NjdkZTYwNjdiMGMyYTAxZmM4YWU2OWQ3Yzdh
ODRmMzlmOGY4YzcwYWExNDg4NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAvw0OogetF8j1CfRZJgiqJh3cC0lnHkpXeKOYZ3xLczjgIyPHASmVmgUbk
et6LRlj8aRf3oAHjAcfy41swqeEawFhLzoy3JONGIJI7d50s9bvy4AeLu8ymLrxu
TqnlE3dUcPuTjfUvgDbA2NCKZmvGBGOoyE79QNyVjJITdtx/aq0C1c0eexIRmYDb
74CUY607C3mEq8VRbdQjctYu5y9u5ZgVJabgZwLuLubkYxzWBv1yoe1WVncDim9A
9E/rRmOLkbnNju0gODeGJzjUdh/DfoWiwa4E8TRHuoLdsO33JJ828JZ+tS2Bp2ct
r+ANOoBX0YoRW3+fXH+2AgCFAqcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQT2OXy
2Or1kTJqfVwoINZrQzk2NzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQAfO8T4ES32jcfWAhTidakpeckrQrxHsiqJsh6p
ostk6Zn/sY4to9FxmaPbVMtvR54rsGkpBc+nayN+aJSvqIeVW9CVTyIJzhcGeYBW
qL2JZMO4DE5k70y48eGBpRkaZ9p1rf/YTza0hDQkLXHvqGy3Fu2+QjhyO8fJydL3
XGkLBqT5vmWw8S80HDpoymMvSZ0Kwetwha6Do3aX9rw+fSF0h/DLC3V6Eusea1YQ
Mn7gZW09GSa1jjduZJz8WjRXQ43AUHOyKK/or/x+pIIVFty8dGjTUMdvRNDVMAGh
fSx23gY0QzSdWUAdDSQY4bxoZO/d2aQ02lFUZ/BWOtQHwb+p
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:20 2026 by rpki-client