Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: 7+rbJK+v77vOJlx9pQyVHojdzjVLIr6fGjGwQZhDa6Q=
Subject key identifier: AB:82:96:60:69:FA:0E:39:53:AD:95:D7:BA:05:93:EB:9C:EF:8D:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A64F69B5CAABFEF322FC161F6A441071CDD52CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Fri 20 Feb 2026 01:51:11 +0000
ROA not before: Fri 20 Feb 2026 01:51:11 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:64:f6:9b:5c:aa:bf:ef:32:2f:c1:61:f6:a4:41:07:1c:dd:52:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:11 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=7c94612504c6b664f5d4711461fe2957209ba01065e8b44a0f06b51c19bb3a41, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:22:9c:d5:ad:21:7a:d2:40:7b:ec:ee:81:ce:
ce:06:e3:43:37:dd:70:ad:b3:d6:0f:4a:8b:d3:3d:
63:f8:e2:d0:a3:7c:d9:dc:ed:e7:ad:19:83:17:a4:
84:27:59:02:74:59:9d:09:07:eb:e3:98:09:bd:ea:
c1:af:28:36:77:d5:08:fc:fa:2b:9a:5e:0e:99:94:
cb:36:fa:e4:ae:74:31:2d:fc:3c:80:b7:13:08:3b:
43:5a:e8:b1:03:02:8f:90:bf:19:57:9d:3b:78:c9:
42:39:f1:ee:8d:6d:5d:79:3f:f0:c0:41:18:8f:c2:
82:d1:53:29:65:0f:1e:10:a1:50:3c:ce:12:b3:5d:
89:3d:24:91:8e:3c:1b:39:b5:bc:76:b2:f5:9a:de:
7a:18:76:b9:10:88:cb:ae:27:97:fd:64:a0:39:20:
3b:d4:1d:77:b8:21:dd:5c:72:22:5c:60:d7:8a:44:
cb:56:4b:32:8c:bf:ab:34:2b:3b:44:07:1d:b8:b9:
5c:08:ad:c9:02:66:28:fa:54:6b:ad:ed:d5:20:5b:
88:0e:5f:d4:bc:7f:57:9f:bf:fe:29:9d:29:07:e3:
90:fe:0d:b7:18:b7:8a:ce:a2:f4:d1:c8:71:5a:46:
5e:06:c0:04:c8:fe:8a:8f:e6:48:35:b3:35:7f:b3:
38:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:82:96:60:69:FA:0E:39:53:AD:95:D7:BA:05:93:EB:9C:EF:8D:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:4f:b2:2c:83:39:a3:42:27:76:df:11:ce:1a:7a:da:f3:6d:
1f:2b:50:25:59:f5:2a:ed:8a:02:ec:0b:0b:71:bf:c9:cc:01:
47:c3:31:a8:41:a3:c5:26:be:f0:3b:c5:d3:e2:8d:5e:2e:56:
4f:cf:5e:f7:a5:6e:9b:57:a0:50:b7:7a:4c:bc:c5:31:5d:47:
2d:86:80:dd:3d:b3:c5:51:1d:7d:a1:61:39:ba:7e:69:1d:da:
f0:e5:3b:81:c1:4e:df:29:c4:21:7a:7c:c5:df:8d:95:59:34:
2e:cf:b3:f8:0f:1d:46:69:f3:49:7b:a6:96:43:a7:7c:00:84:
fb:d6:4e:9c:1b:40:f1:f3:92:90:62:53:2e:91:22:4f:0f:2f:
0e:85:b7:23:85:48:64:d1:9e:aa:da:c1:fd:f9:66:34:b1:29:
b3:23:0e:0a:7f:04:de:d3:83:56:36:96:d6:ed:09:82:63:83:
11:3e:ae:46:21:8d:b3:23:66:57:33:ec:34:a8:89:ac:33:72:
f8:0e:fd:48:42:9f:e8:44:d3:f7:cc:87:3c:9f:e1:13:c5:46:
ea:23:ee:db:6e:bf:a7:af:ae:79:5a:ea:85:05:a6:54:44:75:
d7:6e:5a:11:f4:b3:bc:ae:bc:fb:e1:60:b4:81:f2:bd:09:60:
9d:f3:ff:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKmT2m1yqv+8yL8Fh9qRBBxzdUs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMTFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjOTQ2MTI1MDRjNmI2NjRmNWQ0NzExNDYxZmUyOTU3MjA5YmEwMTA2NWU4
YjQ0YTBmMDZiNTFjMTliYjNhNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoinNWtIXrSQHvs7oHOzgbjQzfdcK2z1g9Ki9M9Y/ji0KN82dzt560Zgxek
hCdZAnRZnQkH6+OYCb3qwa8oNnfVCPz6K5peDpmUyzb65K50MS38PIC3Ewg7Q1ro
sQMCj5C/GVedO3jJQjnx7o1tXXk/8MBBGI/CgtFTKWUPHhChUDzOErNdiT0kkY48
Gzm1vHay9Zreehh2uRCIy64nl/1koDkgO9Qdd7gh3VxyIlxg14pEy1ZLMoy/qzQr
O0QHHbi5XAityQJmKPpUa63t1SBbiA5f1Lx/V5+//imdKQfjkP4Ntxi3is6i9NHI
cVpGXgbABMj+io/mSDWzNX+zOPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrgpZg
afoOOVOtlde6BZPrnO+N5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAPT7IsgzmjQid23xHOGnra820fK1AlWfUq7YoC
7AsLcb/JzAFHwzGoQaPFJr7wO8XT4o1eLlZPz173pW6bV6BQt3pMvMUxXUcthoDd
PbPFUR19oWE5un5pHdrw5TuBwU7fKcQhenzF342VWTQuz7P4Dx1GafNJe6aWQ6d8
AIT71k6cG0Dx85KQYlMukSJPDy8OhbcjhUhk0Z6q2sH9+WY0sSmzIw4KfwTe04NW
NpbW7QmCY4MRPq5GIY2zI2ZXM+w0qImsM3L4Dv1IQp/oRNP3zIc8n+ETxUbqI+7b
br+nr655WuqFBaZURHXXbloR9LO8rrz74WC0gfK9CWCd8/+T
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:58 2026 by rpki-client