Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: 2c5zpDY9A9v6cuw5wlWCX5mVmpJf8pvRvh8jipHeABo=
Subject key identifier: 7D:91:2A:F7:EB:23:7B:4E:E5:ED:9C:AA:7B:2F:84:AA:24:A2:77:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 025887B72C254C9F1EAE4C06DC429509A9D164CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Sat 28 Feb 2026 06:01:12 +0000
ROA not before: Sat 28 Feb 2026 06:01:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:58:87:b7:2c:25:4c:9f:1e:ae:4c:06:dc:42:95:09:a9:d1:64:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9cd693b20c7c5876398e3eec7602cf9b8227ca89285f9bf34cb7de000ea5bc48, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5d:bd:bc:74:a1:4d:f6:d2:16:fb:79:f1:3f:
a4:b9:7f:f8:ad:cd:44:47:89:69:ba:dc:7a:8c:7e:
29:09:6b:a2:21:fa:32:3a:3c:82:1b:5a:60:93:99:
d1:aa:38:72:c4:96:2b:72:bb:c4:d2:ce:6a:0f:24:
f0:7c:2c:59:99:47:84:3a:c5:ca:d9:eb:b4:44:10:
7a:ef:38:96:48:54:c6:08:0e:e7:d3:cb:d4:17:0f:
d7:72:c5:7f:9d:a7:2d:ac:da:86:61:50:64:9c:f3:
3f:78:c1:ca:09:6d:e3:3f:35:15:c9:ed:c5:62:02:
e7:7e:25:33:b0:a0:34:d8:42:a0:05:b0:51:4c:fb:
8f:cb:5d:74:95:52:a6:e9:dd:45:47:10:d1:a8:c1:
58:40:19:90:a4:78:17:bb:c7:bf:6c:97:cb:ad:7f:
2b:5a:bd:00:5e:eb:a6:e3:c5:ed:d4:aa:cc:f5:0e:
48:43:c5:c8:dc:7d:73:89:be:f7:87:24:58:a7:15:
e4:9b:3f:e5:41:34:11:30:63:a0:a3:ab:8b:4a:d0:
47:9d:cb:bb:28:7a:4b:55:96:52:49:04:7a:4d:10:
f0:5a:fa:6a:e9:4b:bf:b5:40:e7:a2:04:39:0b:60:
e9:c4:10:4d:9a:3f:b0:89:eb:4a:86:b2:f0:52:75:
27:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:91:2A:F7:EB:23:7B:4E:E5:ED:9C:AA:7B:2F:84:AA:24:A2:77:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
87:19:df:d5:7a:95:e4:be:bc:a2:f9:5b:84:ed:92:2d:d5:a0:
cb:1b:a9:0a:45:21:0a:d0:d1:d3:04:aa:0e:5c:18:2c:be:60:
e2:e1:b9:bd:01:52:61:85:6d:a4:5f:4f:36:ff:d7:34:d9:c9:
d3:5e:d1:d4:fc:d5:3b:3c:d2:26:db:6c:7e:ea:53:58:c1:b3:
4f:32:17:3d:29:b1:4a:45:66:aa:f9:7b:63:34:ac:0a:6c:bd:
86:7f:68:a0:ff:44:93:03:99:02:c8:74:fe:94:d9:06:fa:4f:
e3:6c:b8:a6:c4:5d:19:f7:af:02:60:30:b2:a8:66:85:b2:b6:
e7:11:e1:0b:f0:97:eb:d1:fa:25:79:4a:e7:f6:a1:1e:51:8c:
9a:24:5f:36:66:35:96:9b:cd:d7:94:03:11:31:2b:9c:14:13:
64:32:5c:18:06:5c:49:ec:36:52:0f:79:55:fc:8b:b1:cb:6a:
bd:cc:bf:c1:b5:0d:96:72:a8:95:96:50:79:97:d0:16:49:60:
cc:f8:81:d4:f1:bf:e1:b6:2c:94:60:af:7e:27:6d:0d:59:70:
9d:79:a2:22:1a:94:9e:a0:ba:4e:20:5d:13:3a:25:25:dd:a8:
42:e2:fa:c8:11:47:9c:ea:7c:25:e9:6c:9c:50:f9:5d:7d:dc:
d5:66:24:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAliHtywlTJ8erkwG3EKVCanRZMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZDY5M2IyMGM3YzU4NzYzOThlM2VlYzc2MDJjZjliODIyN2NhODkyODVm
OWJmMzRjYjdkZTAwMGVhNWJjNDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpdvbx0oU320hb7efE/pLl/+K3NREeJabrceox+KQlroiH6Mjo8ghtaYJOZ
0ao4csSWK3K7xNLOag8k8HwsWZlHhDrFytnrtEQQeu84lkhUxggO59PL1BcP13LF
f52nLazahmFQZJzzP3jByglt4z81FcntxWIC534lM7CgNNhCoAWwUUz7j8tddJVS
pundRUcQ0ajBWEAZkKR4F7vHv2yXy61/K1q9AF7rpuPF7dSqzPUOSEPFyNx9c4m+
94ckWKcV5Js/5UE0ETBjoKOri0rQR53Luyh6S1WWUkkEek0Q8Fr6aulLv7VA56IE
OQtg6cQQTZo/sInrSoay8FJ1J38CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9kSr3
6yN7TuXtnKp7L4SqJKJ3WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQCHGd/VepXkvryi+VuE7ZIt1aDLG6kKRSEK0NHT
BKoOXBgsvmDi4bm9AVJhhW2kX082/9c02cnTXtHU/NU7PNIm22x+6lNYwbNPMhc9
KbFKRWaq+XtjNKwKbL2Gf2ig/0STA5kCyHT+lNkG+k/jbLimxF0Z968CYDCyqGaF
srbnEeEL8Jfr0foleUrn9qEeUYyaJF82ZjWWm83XlAMRMSucFBNkMlwYBlxJ7DZS
D3lV/Iuxy2q9zL/BtQ2WcqiVllB5l9AWSWDM+IHU8b/htiyUYK9+J20NWXCdeaIi
GpSeoLpOIF0TOiUl3ahC4vrIEUec6nwl6WycUPldfdzVZiQ+
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:36 2026 by rpki-client