Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json)
Hash identifier: zhMwot92ZdQ5+KrnJJaof8VpSzvclgsOSXAHCjPJ1EM=
Subject key identifier: 80:E4:9D:73:2E:AE:44:7B:E4:9B:EE:B6:8F:A1:C3:34:33:5B:3F:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4358CCE0044F98D5A467204227F53F908F55C1E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
Signing time: Sat 28 Feb 2026 05:50:05 +0000
ROA not before: Sat 28 Feb 2026 05:50:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:58:cc:e0:04:4f:98:d5:a4:67:20:42:27:f5:3f:90:8f:55:c1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=85b51d8c4b38b27590e912c9939badc9549423671fae4a79d5b58cd89a48b302, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c9:d1:56:4e:8f:fc:61:b5:1e:19:41:92:66:
f5:83:55:60:ee:74:ae:f0:e6:10:83:fa:83:fe:18:
1a:9e:09:3e:06:c9:86:b1:ec:f9:68:58:38:aa:94:
52:d6:aa:8b:ce:9b:3d:a8:13:84:a0:9f:e8:5e:eb:
e6:46:07:80:8b:d9:06:c2:59:2b:43:63:fb:c3:01:
4b:63:7e:c2:0c:f2:e3:3e:f9:8b:01:bb:fc:55:b8:
b2:52:83:dd:b0:6d:06:3b:f7:df:0b:32:2f:d6:e9:
8f:91:d0:62:a9:19:bf:51:93:73:94:0b:98:b4:81:
ea:16:7c:5c:2b:b7:04:bd:a7:7e:37:76:35:15:1b:
ec:17:05:d7:9e:13:6f:59:b4:fb:a3:9d:d6:6d:f9:
3e:39:b9:0b:d9:b8:f9:90:1e:78:c3:08:4e:b0:aa:
59:0f:5f:e2:69:04:be:e1:d0:c1:32:2d:fd:fc:a1:
46:05:9b:6d:26:71:1f:5e:55:1b:75:98:06:84:af:
95:ab:ab:29:ac:2c:cd:09:72:19:b8:5c:d7:ce:fc:
67:b1:d8:3e:b4:8f:d0:65:78:56:e4:f2:71:b1:c3:
fc:65:cc:b6:ad:48:b0:62:b3:3a:53:18:62:0f:dc:
da:f2:5f:5e:4d:d6:bb:80:2a:55:e0:85:c0:d2:38:
5a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E4:9D:73:2E:AE:44:7B:E4:9B:EE:B6:8F:A1:C3:34:33:5B:3F:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:4000::/40
Signature Algorithm: sha256WithRSAEncryption
be:ab:8b:97:42:59:64:24:d1:8d:ee:09:dd:07:71:52:4b:7f:
d5:4c:01:ef:16:eb:47:f1:4a:16:7e:24:70:6e:6e:9c:75:39:
29:56:83:b1:cf:4a:39:25:9e:bd:f0:21:a5:f6:84:ec:28:5a:
0b:57:61:68:3f:6a:66:3f:3c:5f:c4:7a:68:b8:29:e7:1e:0f:
8e:70:97:79:a3:74:3f:78:4f:31:f5:3f:63:01:9b:1d:ce:64:
f9:40:f2:36:c9:80:45:f3:af:1b:36:9e:7e:25:a6:12:5f:74:
d9:8f:2a:d7:45:16:7e:16:c1:3d:e6:ae:7a:b2:18:76:48:b1:
65:21:db:51:49:35:2e:a7:3d:08:07:1a:52:65:65:ef:71:9f:
30:70:a8:b0:e8:15:9c:26:9e:23:7c:8d:56:b5:3e:fe:96:ca:
e6:37:fa:3d:4d:f6:f9:fc:85:56:01:cd:db:8c:2e:1d:41:1c:
95:d0:3e:71:14:d4:2f:d9:22:a3:11:00:a4:ad:ba:47:55:87:
6f:5e:85:e3:a2:7c:65:11:39:90:d5:90:dc:58:5f:5f:bc:38:
5f:68:ac:61:3e:67:be:84:ba:2a:00:96:32:08:0d:f1:03:f0:
d4:9b:e1:5f:03:f7:56:30:ff:28:87:e3:6a:94:a4:b9:3e:ed:
04:f4:93:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ1jM4ARPmNWkZyBCJ/U/kI9VwegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YjUxZDhjNGIzOGIyNzU5MGU5MTJjOTkzOWJhZGM5NTQ5NDIzNjcxZmFl
NGE3OWQ1YjU4Y2Q4OWE0OGIzMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvJ0VZOj/xhtR4ZQZJm9YNVYO50rvDmEIP6g/4YGp4JPgbJhrHs+WhYOKqU
Utaqi86bPagThKCf6F7r5kYHgIvZBsJZK0Nj+8MBS2N+wgzy4z75iwG7/FW4slKD
3bBtBjv33wsyL9bpj5HQYqkZv1GTc5QLmLSB6hZ8XCu3BL2nfjd2NRUb7BcF154T
b1m0+6Od1m35Pjm5C9m4+ZAeeMMITrCqWQ9f4mkEvuHQwTIt/fyhRgWbbSZxH15V
G3WYBoSvlaurKawszQlyGbhc1878Z7HYPrSP0GV4VuTycbHD/GXMtq1IsGKzOlMY
Yg/c2vJfXk3Wu4AqVeCFwNI4WnkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSA5J1z
Lq5Ee+Sb7raPocM0M1s/dDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA
MA0GCSqGSIb3DQEBCwUAA4IBAQC+q4uXQllkJNGN7gndB3FSS3/VTAHvFutH8UoW
fiRwbm6cdTkpVoOxz0o5JZ698CGl9oTsKFoLV2FoP2pmPzxfxHpouCnnHg+OcJd5
o3Q/eE8x9T9jAZsdzmT5QPI2yYBF868bNp5+JaYSX3TZjyrXRRZ+FsE95q56shh2
SLFlIdtRSTUupz0IBxpSZWXvcZ8wcKiw6BWcJp4jfI1WtT7+lsrmN/o9Tfb5/IVW
Ac3bjC4dQRyV0D5xFNQv2SKjEQCkrbpHVYdvXoXjonxlETmQ1ZDcWF9fvDhfaKxh
Pme+hLoqAJYyCA3xA/DUm+FfA/dWMP8oh+NqlKS5Pu0E9JNm
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:26:19 2026 by rpki-client