Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: AuLMuyDOy4qJB9srrd1NgVww4uXKlkxMu6WbsLfLeoI=
Subject key identifier: 2E:CF:D6:AF:69:5C:8E:91:C7:F5:A9:06:6E:39:4D:7D:7D:D6:00:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34CF6CE78E53918BC107D0705D6E8E41622BDC2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Sat 28 Feb 2026 05:30:11 +0000
ROA not before: Sat 28 Feb 2026 05:30:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:cf:6c:e7:8e:53:91:8b:c1:07:d0:70:5d:6e:8e:41:62:2b:dc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c414583e5a047c5bb947fa1808c304723967a86d2f151bb6c5cfd56c4c6efbcd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:ee:99:d6:7a:53:9d:ee:ae:9a:de:e7:24:
b0:35:1e:fa:11:1e:bd:47:8c:0f:e5:71:0d:61:16:
75:f1:33:a2:0d:30:14:ee:4b:3b:37:bd:e2:0f:4c:
3f:5b:52:e9:53:56:b7:85:6d:80:4e:ed:86:fe:28:
0e:d0:20:2b:ca:f0:e3:80:f5:d5:2a:cd:b9:ff:5e:
52:e3:7a:ad:75:19:72:dd:c7:47:e5:14:e1:ba:e1:
f3:c8:3c:13:19:b4:78:a6:28:4d:bf:27:cb:4b:52:
62:f0:8c:bb:35:a5:d0:1a:cc:bd:66:d3:6f:3b:05:
ea:35:62:7e:8b:cf:d2:d4:ce:2d:7e:8c:83:f7:29:
24:94:55:8e:0f:a2:d5:41:4b:95:40:a6:b1:f6:76:
3e:02:f8:e6:f1:10:4b:76:a8:2b:b4:ec:42:6e:3b:
20:ef:4c:97:64:c0:12:a5:c5:30:ec:8d:22:0e:e7:
4e:d3:ba:f1:7b:90:61:ab:8c:57:e0:c1:a2:94:b5:
23:30:ff:c8:7f:25:15:5f:66:be:43:c4:6c:f2:2f:
54:cf:24:00:d0:b4:21:3a:0f:a0:55:e7:68:5d:2b:
39:d4:2d:e0:37:eb:ba:3a:d6:9f:6d:07:25:06:90:
d8:5d:99:f1:22:91:f0:55:ee:45:36:83:22:c3:c4:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CF:D6:AF:69:5C:8E:91:C7:F5:A9:06:6E:39:4D:7D:7D:D6:00:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:57:fc:d1:81:34:35:e8:be:67:04:97:74:e2:c0:d8:a0:4b:
81:43:ff:ce:9f:12:2d:ae:5d:70:b8:d9:06:04:a9:db:c9:98:
e3:06:1c:8a:81:d0:6f:2e:ed:7b:48:55:41:a8:f8:12:44:1a:
f7:89:81:53:a3:e5:72:a1:be:cb:7a:50:e8:2d:22:ba:ac:30:
cf:46:dc:56:56:cf:55:cf:79:3b:cb:dd:37:97:68:c1:36:5c:
7f:46:9a:18:75:61:b7:f2:0b:e9:30:a8:37:f5:b5:97:28:37:
be:e7:b4:bd:7d:37:78:dc:b0:32:d9:28:3c:ae:ab:95:bd:34:
07:5f:08:0b:84:d6:94:96:7f:17:6b:39:f9:f9:7a:82:9e:3a:
7e:bb:f2:91:50:3e:53:fc:cd:86:1f:2c:8d:3a:c8:bc:ee:55:
87:9b:4e:42:b7:1f:cc:95:4b:fc:70:b3:11:76:0e:11:c2:0f:
0e:4a:30:2f:9d:99:d2:24:ab:f1:45:d6:3b:a3:97:0f:82:64:
2c:85:15:43:06:92:7a:1d:79:5c:10:86:fe:eb:5f:42:27:8c:
db:42:a4:34:14:ce:ea:57:49:35:53:c2:81:ad:49:b2:a6:98:
3a:22:80:be:5c:2d:71:4a:55:a0:2f:f5:32:49:03:a6:bf:ba:
95:e9:5a:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNM9s545TkYvBB9BwXW6OQWIr3C4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MTQ1ODNlNWEwNDdjNWJiOTQ3ZmExODA4YzMwNDcyMzk2N2E4NmQyZjE1
MWJiNmM1Y2ZkNTZjNGM2ZWZiY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+P7pnWelOd7q6a3ucksDUe+hEevUeMD+VxDWEWdfEzog0wFO5LOze94g9M
P1tS6VNWt4VtgE7thv4oDtAgK8rw44D11SrNuf9eUuN6rXUZct3HR+UU4brh88g8
Exm0eKYoTb8ny0tSYvCMuzWl0BrMvWbTbzsF6jVifovP0tTOLX6Mg/cpJJRVjg+i
1UFLlUCmsfZ2PgL45vEQS3aoK7TsQm47IO9Ml2TAEqXFMOyNIg7nTtO68XuQYauM
V+DBopS1IzD/yH8lFV9mvkPEbPIvVM8kANC0IToPoFXnaF0rOdQt4DfrujrWn20H
JQaQ2F2Z8SKR8FXuRTaDIsPE5ZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQuz9av
aVyOkcf1qQZuOU19fdYAvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQB8V/zRgTQ16L5nBJd04sDYoEuBQ//OnxItrl1w
uNkGBKnbyZjjBhyKgdBvLu17SFVBqPgSRBr3iYFTo+Vyob7LelDoLSK6rDDPRtxW
Vs9Vz3k7y903l2jBNlx/RpoYdWG38gvpMKg39bWXKDe+57S9fTd43LAy2Sg8rquV
vTQHXwgLhNaUln8Xazn5+XqCnjp+u/KRUD5T/M2GHyyNOsi87lWHm05Ctx/MlUv8
cLMRdg4Rwg8OSjAvnZnSJKvxRdY7o5cPgmQshRVDBpJ6HXlcEIb+619CJ4zbQqQ0
FM7qV0k1U8KBrUmyppg6IoC+XC1xSlWgL/UySQOmv7qV6VoT
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:18 2026 by rpki-client