Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f37316f-6860-4fa1-a7a8-65525e5bc6a6.roa
File: 4f37316f-6860-4fa1-a7a8-65525e5bc6a6.roa (raw, json)
Hash identifier: Yf1pk+vAZXnrzXsQK9FMt+mY4WbU6YwBpS1tmXUEWFw=
Subject key identifier: D9:5C:D4:F2:57:8C:52:1D:C7:92:AA:4F:8C:EE:D2:56:56:94:91:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6072A39CF634E51E22B020C477CC7852B1CF616E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f37316f-6860-4fa1-a7a8-65525e5bc6a6.roa
Signing time: Wed 11 Feb 2026 01:20:08 +0000
ROA not before: Wed 11 Feb 2026 01:20:08 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:72:a3:9c:f6:34:e5:1e:22:b0:20:c4:77:cc:78:52:b1:cf:61:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:20:08 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=348465569a822048a17e984143a2f7051c02a1908d73b7f08a595e60aef488e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4b:97:8b:8a:44:47:c6:21:6b:c0:85:89:da:
40:48:ad:d5:8d:d3:ea:ef:ae:5e:42:19:1e:9b:f1:
39:c6:dc:16:a7:ec:ed:c3:89:bf:49:6e:d9:75:02:
9a:26:ad:9d:99:eb:66:3c:24:d3:86:9e:45:79:80:
8a:fd:ea:29:bc:eb:8c:65:0f:05:2a:ac:0d:84:30:
c7:b0:ff:a9:7f:4e:cf:83:c7:d4:1a:89:40:39:19:
9e:85:fe:36:af:33:bf:f4:63:b8:0b:64:af:3b:39:
78:7b:38:5c:5b:6b:39:f6:b3:48:93:ce:eb:47:f2:
67:44:9b:5a:34:6c:42:8f:22:8a:c6:89:38:f8:08:
2e:e2:cb:36:b0:95:94:9d:ed:23:68:23:2e:90:9a:
03:df:b2:99:37:d1:41:04:4e:84:c2:98:ac:fa:c9:
95:f4:22:e6:9c:99:a0:34:cf:9a:f9:ee:32:55:6b:
d3:59:b7:7a:e7:8e:c0:ba:74:3b:f9:7a:d7:fb:0a:
b8:28:4e:e5:07:5c:d4:95:42:de:0b:6b:de:9d:fe:
6e:74:a0:be:f8:7f:f7:70:a3:02:9d:ad:72:62:19:
5e:14:98:5b:7a:a0:de:24:99:4e:fc:ca:d0:b2:0e:
d0:45:fd:ad:70:db:d1:80:e5:41:89:d1:5e:e0:bc:
6b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5C:D4:F2:57:8C:52:1D:C7:92:AA:4F:8C:EE:D2:56:56:94:91:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f37316f-6860-4fa1-a7a8-65525e5bc6a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:a040::/48
Signature Algorithm: sha256WithRSAEncryption
64:95:7d:be:57:58:90:b1:f7:7c:ab:2a:dc:6e:71:d2:ea:d9:
aa:b1:2e:58:b5:7f:4f:5b:11:de:5d:8f:a1:4a:85:46:f4:15:
c8:c1:9d:31:53:dc:f7:63:6f:07:e3:a8:07:64:8e:82:46:18:
68:fc:94:ee:8a:32:f9:7e:84:58:67:0a:33:c3:99:6f:7f:a5:
18:96:a1:a8:8b:ae:32:e8:c5:6b:e5:31:9d:a8:05:7d:bb:08:
5f:7f:b0:b7:0c:bf:62:29:de:4f:37:4c:09:ac:bb:02:9f:df:
46:40:29:ac:bc:d1:e6:b3:51:ad:b0:03:3d:c0:2b:18:ae:28:
6d:d6:93:2f:d4:6c:5f:18:7c:46:16:90:74:04:5c:71:7d:04:
bc:67:7b:b9:cc:09:7f:cb:cd:12:d9:ac:89:03:36:13:96:c9:
5f:11:10:1a:15:39:10:75:ca:29:14:45:c8:8d:6a:9e:44:ac:
2f:91:0c:f0:6e:32:22:1b:d2:cb:db:04:5e:96:1c:e4:08:6e:
12:30:b9:ea:f3:6a:e0:ed:1f:29:ba:c7:ba:c4:b7:20:da:d2:
18:be:2e:33:63:aa:7c:3b:31:8a:30:0d:78:36:32:95:40:d2:
35:eb:ab:53:4e:69:d3:e0:19:70:03:42:d7:9b:3a:39:07:6a:
f5:60:d9:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYHKjnPY05R4isCDEd8x4UrHPYW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTIwMDhaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0ODQ2NTU2OWE4MjIwNDhhMTdlOTg0MTQzYTJmNzA1MWMwMmExOTA4ZDcz
YjdmMDhhNTk1ZTYwYWVmNDg4ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVLl4uKREfGIWvAhYnaQEit1Y3T6u+uXkIZHpvxOcbcFqfs7cOJv0lu2XUC
miatnZnrZjwk04aeRXmAiv3qKbzrjGUPBSqsDYQwx7D/qX9Oz4PH1BqJQDkZnoX+
Nq8zv/RjuAtkrzs5eHs4XFtrOfazSJPO60fyZ0SbWjRsQo8iisaJOPgILuLLNrCV
lJ3tI2gjLpCaA9+ymTfRQQROhMKYrPrJlfQi5pyZoDTPmvnuMlVr01m3eueOwLp0
O/l61/sKuChO5Qdc1JVC3gtr3p3+bnSgvvh/93CjAp2tcmIZXhSYW3qg3iSZTvzK
0LIO0EX9rXDb0YDlQYnRXuC8a5UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZXNTy
V4xSHceSqk+M7tJWVpSRgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGYzNzMxNmYtNjg2MC00ZmExLWE3YTgtNjU1MjVlNWJjNmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gqg
QDANBgkqhkiG9w0BAQsFAAOCAQEAZJV9vldYkLH3fKsq3G5x0urZqrEuWLV/T1sR
3l2PoUqFRvQVyMGdMVPc92NvB+OoB2SOgkYYaPyU7ooy+X6EWGcKM8OZb3+lGJah
qIuuMujFa+UxnagFfbsIX3+wtwy/YineTzdMCay7Ap/fRkAprLzR5rNRrbADPcAr
GK4obdaTL9RsXxh8RhaQdARccX0EvGd7ucwJf8vNEtmsiQM2E5bJXxEQGhU5EHXK
KRRFyI1qnkSsL5EM8G4yIhvSy9sEXpYc5AhuEjC56vNq4O0fKbrHusS3INrSGL4u
M2OqfDsxijANeDYylUDSNeurU05p0+AZcANC15s6OQdq9WDZhg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:52 2026 by rpki-client