Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: E0Fg0jcq2sWXwt6aaTgjBQZt3Y7YxVpj6nN+SLO+ZX4=
Subject key identifier: DF:EA:B5:EF:12:1C:AC:33:A1:08:95:BF:24:51:DE:A1:3D:7A:97:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1882C6F8E850DD93114106C025FF3A5BF0331D8D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Sat 28 Feb 2026 05:30:56 +0000
ROA not before: Sat 28 Feb 2026 05:30:56 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:82:c6:f8:e8:50:dd:93:11:41:06:c0:25:ff:3a:5b:f0:33:1d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:56 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f13907d80c29cb7f4972580a8f860b1dcd0727be2d866665e3b2ac947ae506ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:34:18:e5:fb:8b:17:a6:10:f7:f0:93:03:4f:
8d:ed:02:2a:88:e3:25:b5:2a:b9:d0:fb:22:b1:3f:
4e:2d:b5:95:70:d7:19:43:74:19:c1:e6:61:1e:c6:
5c:65:63:16:5a:ae:fe:ed:66:ee:aa:a3:d2:b1:05:
08:50:40:2b:a5:71:4f:c4:2b:19:14:18:4d:20:31:
38:e8:62:bc:5c:5f:8e:20:7b:7c:7d:39:f7:ba:b9:
78:15:b8:66:ef:33:29:04:6c:58:03:cc:5f:a4:e2:
ec:69:31:6d:45:2c:c0:6b:aa:1d:a8:13:e4:46:6b:
d0:37:47:23:a5:6e:88:02:e7:7d:4c:8c:42:ca:db:
0b:ff:62:d7:c2:63:e0:fe:d5:65:68:3b:f3:53:59:
19:30:e4:9f:a4:8c:05:6d:b0:7b:b4:f9:38:93:bd:
07:63:b8:34:66:58:fe:55:d5:d4:07:1d:1e:02:d4:
89:78:36:5d:c0:e2:ce:7b:20:ad:aa:93:3c:cc:e5:
5c:84:55:9b:20:7a:65:12:9a:e8:1a:c4:4c:99:bc:
39:ef:37:f2:16:cf:92:ab:58:91:d7:f0:13:9d:df:
f5:ec:f3:2d:7b:35:77:95:8a:27:e6:98:05:cc:5b:
6a:9a:7a:c4:74:b2:74:b4:b6:3d:b5:9b:44:20:bf:
17:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EA:B5:EF:12:1C:AC:33:A1:08:95:BF:24:51:DE:A1:3D:7A:97:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
46:ce:a0:8a:69:ad:73:49:21:4e:c3:bf:42:76:39:b7:33:c5:
ba:59:1f:76:a3:de:68:93:c2:fb:6d:37:14:39:27:6e:fe:01:
7b:24:18:9f:43:d0:56:0b:3c:da:96:9d:36:87:27:f1:13:9c:
84:44:ef:c8:f9:7d:ea:54:3f:9e:8d:d2:f1:3d:bb:b4:e2:71:
ca:50:30:2d:7c:49:f6:0b:00:8b:53:d1:5e:97:a0:64:34:60:
fd:83:b4:b7:91:c3:8b:ba:ed:3e:3f:08:95:34:c4:40:8d:aa:
22:38:af:31:13:99:2a:69:a5:90:d5:95:5c:bd:18:cd:3a:23:
31:48:f2:a1:cd:de:07:83:d9:73:4f:dd:e5:ed:98:55:1c:f5:
25:f8:8d:22:31:22:c8:c4:7d:13:43:33:9b:f9:9b:b8:56:2b:
4b:fb:1e:d2:81:20:72:86:57:c3:bc:d6:25:cb:f3:af:d4:88:
a8:86:dd:52:74:4d:8d:79:6b:59:7e:34:82:fa:6e:8c:95:eb:
c6:d6:40:d7:65:9b:c0:57:36:13:e5:b7:58:b3:7f:9e:b0:7f:
1e:98:71:c3:34:cf:16:32:59:6f:a1:9e:be:cd:86:86:93:5d:
d0:9e:7f:80:a2:41:7f:e5:d0:f9:84:16:41:4b:44:c3:1b:50:
f0:d0:60:8b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGILG+OhQ3ZMRQQbAJf86W/AzHY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMzkwN2Q4MGMyOWNiN2Y0OTcyNTgwYThmODYwYjFkY2QwNzI3YmUyZDg2
NjY2NWUzYjJhYzk0N2FlNTA2ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ0GOX7ixemEPfwkwNPje0CKojjJbUqudD7IrE/Ti21lXDXGUN0GcHmYR7G
XGVjFlqu/u1m7qqj0rEFCFBAK6VxT8QrGRQYTSAxOOhivFxfjiB7fH0597q5eBW4
Zu8zKQRsWAPMX6Ti7GkxbUUswGuqHagT5EZr0DdHI6VuiALnfUyMQsrbC/9i18Jj
4P7VZWg781NZGTDkn6SMBW2we7T5OJO9B2O4NGZY/lXV1AcdHgLUiXg2XcDiznsg
raqTPMzlXIRVmyB6ZRKa6BrETJm8Oe838hbPkqtYkdfwE53f9ezzLXs1d5WKJ+aY
Bcxbapp6xHSydLS2PbWbRCC/F+MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTf6rXv
EhysM6EIlb8kUd6hPXqXnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEARs6gimmtc0khTsO/QnY5tzPFulkfdqPeaJPC
+203FDknbv4BeyQYn0PQVgs82padNocn8ROchETvyPl96lQ/no3S8T27tOJxylAw
LXxJ9gsAi1PRXpegZDRg/YO0t5HDi7rtPj8IlTTEQI2qIjivMROZKmmlkNWVXL0Y
zTojMUjyoc3eB4PZc0/d5e2YVRz1JfiNIjEiyMR9E0Mzm/mbuFYrS/se0oEgcoZX
w7zWJcvzr9SIqIbdUnRNjXlrWX40gvpujJXrxtZA12WbwFc2E+W3WLN/nrB/Hphx
wzTPFjJZb6Gevs2GhpNd0J5/gKJBf+XQ+YQWQUtEwxtQ8NBgiw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:57 2026 by rpki-client