Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa
File: 4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa (raw, json)
Hash identifier: uL261xu+QDyPPGDQhtFxFiJJC8QiJI+vJEEtelKiKQE=
Subject key identifier: AD:4F:EC:13:4E:A3:A0:AA:80:34:25:E3:28:76:4C:6D:49:3C:AE:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24CB7E3FA171446B9913517A6F229702873522AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa
Signing time: Tue 24 Feb 2026 03:00:13 +0000
ROA not before: Tue 24 Feb 2026 03:00:13 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:cb:7e:3f:a1:71:44:6b:99:13:51:7a:6f:22:97:02:87:35:22:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 03:00:13 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=0a08b5502d3097b1ed834ea7042143901a1b1dd9a20b46c3f66c5262e675b42f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:29:76:08:0a:98:be:41:cf:cb:07:92:43:
91:02:1b:27:d8:a6:1e:86:b9:3f:ce:b2:44:50:08:
70:3c:df:49:ea:91:bb:e4:48:7e:ec:22:8c:40:2a:
36:3c:d0:b7:6f:2d:cc:d3:e0:f5:8d:73:01:f7:aa:
26:54:3c:99:de:cf:0f:19:f7:31:4e:ab:7f:d9:ec:
39:97:14:a6:bc:18:48:b0:de:7f:a9:f6:b7:6c:4e:
55:df:c1:f0:d9:7c:d7:43:18:44:bb:04:5d:31:46:
32:aa:36:1b:ac:d7:49:3a:61:ac:c2:9a:4b:f6:10:
63:f6:c0:78:88:dc:5d:a2:2e:22:46:7e:de:ec:60:
9c:f4:ce:b9:84:8d:a4:d5:8b:30:bf:45:17:1c:87:
3d:65:bb:ea:7d:39:02:5c:a6:4c:29:dc:9c:c2:03:
71:79:8a:6d:ef:5f:3e:78:de:16:6f:de:ce:a8:01:
8c:02:71:4a:8f:df:2d:b9:3e:85:07:a0:14:34:56:
c7:39:d5:de:8b:46:7e:dd:65:6c:1d:fe:cd:98:99:
8f:e5:e2:99:46:3a:97:7b:07:65:a6:67:34:ec:75:
7e:28:36:75:5b:80:92:07:3e:35:14:f1:e1:11:cd:
9b:ee:5e:2b:39:a0:fb:0b:62:00:c3:84:2e:0e:46:
91:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4F:EC:13:4E:A3:A0:AA:80:34:25:E3:28:76:4C:6D:49:3C:AE:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:9000::/48
Signature Algorithm: sha256WithRSAEncryption
36:1e:29:d8:90:49:d3:1a:20:15:5c:a1:37:18:d3:8a:14:04:
e0:57:cf:01:cf:e3:7a:d6:5a:02:9c:15:f3:44:d3:19:0d:73:
31:aa:61:35:46:99:76:ee:07:7f:b0:1b:f6:a0:a8:b5:9f:ef:
a3:68:aa:e9:34:b6:00:ec:7d:52:de:35:80:d1:53:20:4e:fb:
b2:54:63:9f:d9:56:a4:1c:a4:0b:c1:97:eb:39:6b:d6:cd:7b:
a0:d3:77:62:77:3c:0d:90:7d:7a:06:df:68:de:36:5b:d6:d8:
de:d9:65:22:4d:07:51:70:be:04:7f:5c:52:68:33:94:e1:9a:
fa:4c:9f:a3:5d:81:a2:e8:a0:a6:69:57:55:96:36:92:8b:15:
66:d1:12:48:d3:af:4b:b7:2f:59:71:2e:7d:a8:68:05:61:e9:
dc:cb:3a:83:e4:ce:c7:88:33:97:14:37:57:93:52:ac:cf:e4:
e5:60:c9:65:b7:26:c2:98:64:c6:18:a4:50:10:5d:1b:d1:16:
be:97:74:f1:a0:3c:78:1b:93:be:b0:f7:26:51:84:8b:b3:c9:
49:a5:e4:3d:c8:0c:4d:fa:f6:32:54:03:cb:9b:e3:50:fb:4f:
30:08:84:fb:d2:92:00:f6:88:09:3e:6f:e1:e8:b6:23:33:7a:
63:71:08:ad
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJMt+P6FxRGuZE1F6byKXAoc1Iq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMzAwMTNaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMDhiNTUwMmQzMDk3YjFlZDgzNGVhNzA0MjE0MzkwMWExYjFkZDlhMjBi
NDZjM2Y2NmM1MjYyZTY3NWI0MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvIKXYICpi+Qc/LB5JDkQIbJ9imHoa5P86yRFAIcDzfSeqRu+RIfuwijEAq
NjzQt28tzNPg9Y1zAfeqJlQ8md7PDxn3MU6rf9nsOZcUprwYSLDef6n2t2xOVd/B
8Nl810MYRLsEXTFGMqo2G6zXSTphrMKaS/YQY/bAeIjcXaIuIkZ+3uxgnPTOuYSN
pNWLML9FFxyHPWW76n05AlymTCncnMIDcXmKbe9fPnjeFm/ezqgBjAJxSo/fLbk+
hQegFDRWxznV3otGft1lbB3+zZiZj+XimUY6l3sHZaZnNOx1fig2dVuAkgc+NRTx
4RHNm+5eKzmg+wtiAMOELg5GkWECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStT+wT
TqOgqoA0JeModkxtSTyuLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM0MGQxMTYtM2I1ZC00ZTc5LWE3MzUtYTE3YjM3ZjhkZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GyQ
ADANBgkqhkiG9w0BAQsFAAOCAQEANh4p2JBJ0xogFVyhNxjTihQE4FfPAc/jetZa
ApwV80TTGQ1zMaphNUaZdu4Hf7Ab9qCotZ/vo2iq6TS2AOx9Ut41gNFTIE77slRj
n9lWpBykC8GX6zlr1s17oNN3Ync8DZB9egbfaN42W9bY3tllIk0HUXC+BH9cUmgz
lOGa+kyfo12BouigpmlXVZY2kosVZtESSNOvS7cvWXEufahoBWHp3Ms6g+TOx4gz
lxQ3V5NSrM/k5WDJZbcmwphkxhikUBBdG9EWvpd08aA8eBuTvrD3JlGEi7PJSaXk
PcgMTfr2MlQDy5vjUPtPMAiE+9KSAPaICT5v4ei2IzN6Y3EIrQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:43:35 2026 by rpki-client