Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
File: 4a7b2b27-8130-47da-97da-78c91087b05e.roa (raw, json)
Hash identifier: IvjPKkgonhaa8ZjlxQtRRgx8jbjMZv4EGTkMK4Dk+mQ=
Subject key identifier: 74:34:A4:AC:2B:39:66:6F:D9:07:5B:32:DE:37:66:3F:62:C3:9C:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F75B18B9322D998C6D791C45E4033FC239A44CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
Signing time: Sat 28 Feb 2026 05:31:29 +0000
ROA not before: Sat 28 Feb 2026 05:31:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:75:b1:8b:93:22:d9:98:c6:d7:91:c4:5e:40:33:fc:23:9a:44:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5d5e76590a8b2185aecee399ac3e7c5147e87c200c754a93e8dd1a4875faa298, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:68:05:ea:d1:30:f8:c6:13:a1:4b:3d:e8:37:
e5:0b:e8:2d:72:d3:4a:fd:eb:84:ca:6c:f8:de:38:
7b:72:90:d0:df:f9:51:d7:07:50:8e:9d:7d:a2:33:
a0:e0:9d:df:c7:77:05:26:bc:c0:aa:9e:31:db:c4:
89:6f:9b:7c:bc:39:62:8f:18:a7:b8:c6:39:2a:df:
85:74:43:d1:9e:69:ec:93:a1:b8:33:2d:d5:e2:7e:
c9:30:e1:d4:a2:7e:c5:f3:f3:35:ac:18:38:36:b4:
7a:0a:8c:c0:a0:fb:38:7a:8b:35:a7:e3:bc:d0:c4:
95:1e:54:52:f9:ca:b5:c3:fa:1f:eb:6d:0b:56:32:
18:07:97:67:d0:0e:d6:4f:7b:22:a8:aa:6a:bf:a4:
6d:48:44:2c:68:a3:9a:9a:f6:2d:61:82:dc:69:b0:
61:60:d4:2a:da:3a:b7:33:4c:7f:66:af:f5:59:06:
12:5f:c6:20:dd:77:91:87:4d:99:25:5a:4c:9e:01:
f1:df:7e:92:68:f3:05:66:ca:91:b2:5e:49:ac:47:
83:b5:f9:77:d8:33:2a:b0:ae:d2:ff:73:64:d9:09:
71:a2:71:19:a5:bd:6d:78:81:17:b9:36:ce:e8:ef:
f5:7c:02:9b:6d:ee:10:d0:fa:db:71:78:ce:a6:87:
65:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:34:A4:AC:2B:39:66:6F:D9:07:5B:32:DE:37:66:3F:62:C3:9C:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c040::/48
Signature Algorithm: sha256WithRSAEncryption
97:bd:3a:06:90:0e:27:a9:c7:53:af:9a:29:c9:59:81:a1:d5:
2f:b1:78:8e:a7:62:96:73:da:fd:eb:6f:d6:58:fa:05:aa:bd:
33:36:58:14:64:d1:41:4f:d9:a8:1e:3d:58:a9:f8:7a:83:a7:
e4:3f:f7:a2:f0:63:de:00:72:53:d3:34:8a:e1:e3:7c:aa:30:
f0:73:27:b3:d6:f4:48:9f:db:14:88:a8:42:56:d6:5b:03:f2:
60:3c:79:ef:df:69:4d:e7:0a:83:6d:c7:62:09:fb:04:11:93:
bb:0c:8d:8d:6f:d1:22:12:16:ab:0f:54:2d:c5:89:de:6d:d2:
9e:47:7d:29:f1:c0:5d:e4:b1:dd:3a:5a:8e:8a:9f:d6:97:68:
bf:fd:1c:c5:0b:ec:92:cd:38:bb:11:27:f9:b2:1e:f8:64:16:
fd:b9:f7:b9:c8:05:62:ea:71:b7:e9:03:47:3c:b2:e2:58:aa:
8d:40:13:98:c5:18:13:e6:b4:89:71:05:cd:f3:69:79:81:f5:
3c:a9:d5:5a:e0:f8:63:9c:38:cf:89:ab:f7:ae:f3:d6:db:b0:
ba:b9:d6:5b:80:2b:67:9a:6b:19:70:7a:76:db:c3:31:66:48:
36:78:f6:5e:42:6b:47:b5:ac:68:be:78:32:38:90:9a:3f:b3:
67:8d:94:b5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD3Wxi5Mi2ZjG15HEXkAz/COaRM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkNWU3NjU5MGE4YjIxODVhZWNlZTM5OWFjM2U3YzUxNDdlODdjMjAwYzc1
NGE5M2U4ZGQxYTQ4NzVmYWEyOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhoBerRMPjGE6FLPeg35QvoLXLTSv3rhMps+N44e3KQ0N/5UdcHUI6dfaIz
oOCd38d3BSa8wKqeMdvEiW+bfLw5Yo8Yp7jGOSrfhXRD0Z5p7JOhuDMt1eJ+yTDh
1KJ+xfPzNawYODa0egqMwKD7OHqLNafjvNDElR5UUvnKtcP6H+ttC1YyGAeXZ9AO
1k97Iqiqar+kbUhELGijmpr2LWGC3GmwYWDUKto6tzNMf2av9VkGEl/GIN13kYdN
mSVaTJ4B8d9+kmjzBWbKkbJeSaxHg7X5d9gzKrCu0v9zZNkJcaJxGaW9bXiBF7k2
zujv9XwCm23uEND623F4zqaHZQUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0NKSs
Kzlmb9kHWzLeN2Y/YsOc6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3YjJiMjctODEzMC00N2RhLTk3ZGEtNzhjOTEwODdiMDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
QDANBgkqhkiG9w0BAQsFAAOCAQEAl706BpAOJ6nHU6+aKclZgaHVL7F4jqdilnPa
/etv1lj6Baq9MzZYFGTRQU/ZqB49WKn4eoOn5D/3ovBj3gByU9M0iuHjfKow8HMn
s9b0SJ/bFIioQlbWWwPyYDx5799pTecKg23HYgn7BBGTuwyNjW/RIhIWqw9ULcWJ
3m3Snkd9KfHAXeSx3Tpajoqf1pdov/0cxQvsks04uxEn+bIe+GQW/bn3ucgFYupx
t+kDRzyy4liqjUATmMUYE+a0iXEFzfNpeYH1PKnVWuD4Y5w4z4mr967z1tuwurnW
W4ArZ5prGXB6dtvDMWZINnj2XkJrR7WsaL54MjiQmj+zZ42UtQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:36 2026 by rpki-client