Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
File: 4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa (raw, json)
Hash identifier: gigS8vo6QolFje6I0jJo66Haj1rkqa5KFFbjoYiUyFc=
Subject key identifier: C8:D0:D6:4F:AF:24:E3:F6:A8:EB:29:37:8C:FA:7A:B0:8F:D4:E1:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E64870F7C1F6D65802D74706C8438871801C69D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
Signing time: Sat 28 Feb 2026 05:31:29 +0000
ROA not before: Sat 28 Feb 2026 05:31:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:64:87:0f:7c:1f:6d:65:80:2d:74:70:6c:84:38:87:18:01:c6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1c269d622ac47cc979777139b2dd17421cc2e38e85f4eed2e4bd67e36cf75ee8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5e:2e:4a:69:52:94:68:33:dc:ee:b8:09:4c:
f6:37:29:5f:a9:20:37:97:8f:cb:3c:e7:7c:8f:ee:
97:bb:d0:f2:52:71:48:39:d7:31:ef:05:39:f3:bb:
f6:30:38:e9:00:f5:db:b1:46:56:85:da:36:4c:da:
1e:1b:a9:c9:c2:47:28:d9:98:7b:00:57:7e:f5:a9:
ca:3b:a5:fa:b7:ec:0b:5b:59:7e:53:2f:84:5b:88:
7c:45:00:cf:d0:18:4d:0e:22:42:8d:13:1a:68:b9:
e8:48:97:34:38:c6:d6:4d:36:1f:0d:5e:11:a9:c4:
26:54:bc:30:11:0b:26:b9:5f:04:8c:5e:98:3c:e5:
3c:69:88:a3:a4:72:74:c4:94:aa:89:91:de:47:94:
17:39:31:e7:c0:b9:15:5c:d6:56:29:7c:1d:41:99:
03:d6:e3:24:d9:c5:0e:4f:1e:8e:e2:0d:fd:0f:75:
db:f4:71:fd:91:2c:f4:f6:a2:8a:c8:31:fd:1e:e2:
bc:ad:10:11:61:f3:70:5f:25:3e:95:fe:ae:34:16:
2b:5f:3c:2d:9a:9b:a1:a1:40:d2:a4:59:7c:f2:41:
6d:23:3c:eb:8a:67:0a:07:36:ed:05:b1:5c:b9:98:
51:10:2e:3b:85:2b:76:2b:96:7e:4d:4f:b1:0e:c3:
3d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D0:D6:4F:AF:24:E3:F6:A8:EB:29:37:8C:FA:7A:B0:8F:D4:E1:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
24:a9:c1:c4:cb:49:8d:a6:8c:b8:f5:40:54:15:00:74:3f:66:
1e:f2:a7:4a:5e:80:14:13:8f:ca:97:7e:12:98:ad:c8:46:aa:
51:99:29:72:0c:06:0a:c0:ca:8d:c7:0b:a6:a3:69:55:dc:af:
c9:6f:53:78:1b:d3:f6:61:f9:a0:0a:ba:64:5d:ff:20:9b:2f:
03:75:87:bc:85:10:f6:e4:80:43:75:2d:1e:43:29:52:fd:68:
1e:7e:10:d9:a8:30:cf:8c:c6:8a:44:5d:dd:f0:69:c7:d1:f8:
19:a8:06:9e:f3:fa:ea:82:ef:6c:ef:4b:bf:6c:54:4d:6b:7f:
85:80:5d:82:46:27:4c:b8:69:78:c2:05:d2:54:56:f5:82:c8:
57:b4:f6:24:36:2f:63:4e:6b:22:1d:f0:80:0e:69:e3:96:14:
ea:cc:5c:5d:ca:a2:3e:c1:a4:a3:59:8c:41:de:a2:52:e7:4a:
dc:3e:45:dd:cf:cf:be:6d:3e:f9:a2:37:d5:d3:bb:57:20:d2:
df:6a:f5:7e:8f:fa:46:31:27:a9:25:02:85:50:86:4f:05:3d:
f7:74:31:87:e2:ac:d0:f9:29:c2:3c:a2:28:90:a1:21:2c:47:
73:45:ac:1c:60:03:13:dc:54:d1:bf:9e:6f:b1:5f:f3:13:30:
c7:cb:98:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfmSHD3wfbWWALXRwbIQ4hxgBxp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMjY5ZDYyMmFjNDdjYzk3OTc3NzEzOWIyZGQxNzQyMWNjMmUzOGU4NWY0
ZWVkMmU0YmQ2N2UzNmNmNzVlZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMteLkppUpRoM9zuuAlM9jcpX6kgN5ePyzznfI/ul7vQ8lJxSDnXMe8FOfO7
9jA46QD127FGVoXaNkzaHhupycJHKNmYewBXfvWpyjul+rfsC1tZflMvhFuIfEUA
z9AYTQ4iQo0TGmi56EiXNDjG1k02Hw1eEanEJlS8MBELJrlfBIxemDzlPGmIo6Ry
dMSUqomR3keUFzkx58C5FVzWVil8HUGZA9bjJNnFDk8ejuIN/Q912/Rx/ZEs9Pai
isgx/R7ivK0QEWHzcF8lPpX+rjQWK188LZqboaFA0qRZfPJBbSM864pnCgc27QWx
XLmYURAuO4UrdiuWfk1PsQ7DPesCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTI0NZP
ryTj9qjrKTeM+nqwj9ThGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1NzgzZWUtZGRlYS00Y2FlLWI2ZjQtM2QyNmQzMjhiMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
wDANBgkqhkiG9w0BAQsFAAOCAQEAJKnBxMtJjaaMuPVAVBUAdD9mHvKnSl6AFBOP
ypd+EpityEaqUZkpcgwGCsDKjccLpqNpVdyvyW9TeBvT9mH5oAq6ZF3/IJsvA3WH
vIUQ9uSAQ3UtHkMpUv1oHn4Q2agwz4zGikRd3fBpx9H4GagGnvP66oLvbO9Lv2xU
TWt/hYBdgkYnTLhpeMIF0lRW9YLIV7T2JDYvY05rIh3wgA5p45YU6sxcXcqiPsGk
o1mMQd6iUudK3D5F3c/Pvm0++aI31dO7VyDS32r1fo/6RjEnqSUChVCGTwU993Qx
h+Ks0PkpwjyiKJChISxHc0WsHGADE9xU0b+eb7Ff8xMwx8uYZg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:32 2026 by rpki-client