Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
File: 4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa (raw, json)
Hash identifier: 6VNT51/UipKv7BFxmstoHo2MPDpV6/+pjFezv8yttZA=
Subject key identifier: 4D:D8:8E:CD:D6:82:9C:64:86:86:6A:7F:7B:8A:70:B0:F5:FD:18:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C9E63EAB25304A4F1CC5CF48039FC005E805218
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
Signing time: Tue 24 Feb 2026 03:00:11 +0000
ROA not before: Tue 24 Feb 2026 03:00:11 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:9e:63:ea:b2:53:04:a4:f1:cc:5c:f4:80:39:fc:00:5e:80:52:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 03:00:11 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=67dc3a01acef609a0e0f17dc749a797f4c8fd656674f094c8cd4c88e796539d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:de:f9:d1:4a:ec:d9:8e:2d:ee:fc:34:9d:c1:
fd:58:9f:52:fd:da:29:93:1c:fb:db:7a:e3:43:d8:
a0:a2:aa:cb:00:48:c6:b4:e3:b2:be:44:08:a3:e5:
88:8a:64:51:2d:77:de:ad:ae:09:01:06:50:f2:8f:
8f:cc:ec:a7:ca:25:3a:6a:cc:dd:ca:a2:06:cd:2f:
7a:cd:e7:6e:02:fe:a0:c6:26:8d:c9:4b:b0:14:2d:
8a:b3:f3:5a:da:69:15:3e:84:25:3f:73:45:4d:10:
a5:51:51:0e:0e:b4:34:9d:3c:fe:d7:1f:2d:2b:09:
d2:ca:27:43:8e:8d:55:69:f9:bc:5d:e0:20:63:ba:
72:ee:7f:3a:e1:94:a5:01:8a:ba:78:e3:42:ea:47:
2a:ac:ec:4d:97:29:ea:88:4b:f7:20:a0:e2:14:ef:
bb:de:1b:e8:72:f1:a7:e9:56:a6:b4:d9:dc:32:1f:
ab:2a:d0:4b:73:6a:32:1e:a6:a3:74:6d:be:f6:c0:
16:b5:75:9b:f2:01:67:9f:41:8b:cd:0f:cb:7c:14:
93:db:02:fc:55:24:2a:3f:45:47:90:aa:67:7b:4a:
db:09:c1:d5:21:fc:ff:00:19:2a:30:8c:f7:70:8f:
ea:e8:6d:9e:04:28:07:03:26:d0:03:d8:a8:8e:1b:
f1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D8:8E:CD:D6:82:9C:64:86:86:6A:7F:7B:8A:70:B0:F5:FD:18:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:800::/40
Signature Algorithm: sha256WithRSAEncryption
4d:92:fb:c9:6d:69:1c:bc:c8:39:0a:21:94:4d:ed:73:78:79:
72:6e:e1:17:15:66:db:e0:14:8f:8d:11:76:b8:77:30:b0:63:
d3:94:0c:6f:86:e2:5b:80:de:b3:3b:96:51:02:9e:c6:20:f1:
36:f8:8a:b1:7a:29:eb:15:bd:ef:f0:1e:81:96:ea:64:7a:34:
1c:34:15:32:b8:84:c8:e4:18:eb:6a:ae:33:2b:ee:c5:e9:a1:
5d:bb:45:8e:98:94:c2:89:4b:b5:5a:d6:74:d5:6c:34:b1:82:
14:a3:a6:9b:0a:23:dd:1f:4f:50:18:2a:5a:14:2c:57:ae:65:
49:97:e1:06:5a:19:bc:a1:d2:a8:6e:42:70:86:ac:ce:64:ae:
51:ba:e8:99:7c:a5:95:b3:95:1e:9e:3f:f8:9c:c8:0c:c1:46:
f5:cb:ce:60:04:74:9b:2f:45:92:0c:95:f4:f3:ca:21:9b:d1:
59:34:f9:f8:e6:f4:aa:e6:48:0e:d7:e9:23:ff:3a:6f:1a:02:
29:4d:31:13:43:c9:77:04:9f:4b:13:2d:60:d1:a7:33:12:45:
69:37:a8:2f:1c:c1:0d:2f:8c:42:5f:f5:cb:de:96:10:b8:f2:
8e:55:5b:ab:30:d0:14:aa:f0:21:a0:59:d5:09:a1:c5:df:4d:
11:5c:54:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHJ5j6rJTBKTxzFz0gDn8AF6AUhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMzAwMTFaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ZGMzYTAxYWNlZjYwOWEwZTBmMTdkYzc0OWE3OTdmNGM4ZmQ2NTY2NzRm
MDk0YzhjZDRjODhlNzk2NTM5ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7e+dFK7NmOLe78NJ3B/VifUv3aKZMc+9t640PYoKKqywBIxrTjsr5ECKPl
iIpkUS133q2uCQEGUPKPj8zsp8olOmrM3cqiBs0ves3nbgL+oMYmjclLsBQtirPz
WtppFT6EJT9zRU0QpVFRDg60NJ08/tcfLSsJ0sonQ46NVWn5vF3gIGO6cu5/OuGU
pQGKunjjQupHKqzsTZcp6ohL9yCg4hTvu94b6HLxp+lWprTZ3DIfqyrQS3NqMh6m
o3RtvvbAFrV1m/IBZ59Bi80Py3wUk9sC/FUkKj9FR5CqZ3tK2wnB1SH8/wAZKjCM
93CP6uhtngQoBwMm0APYqI4b8a8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRN2I7N
1oKcZIaGan97inCw9f0YhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGY1YmVlZWItOWQ5Mi00ZjA2LWJkMjAtM2U5MDI3MjdlNDRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsI
MA0GCSqGSIb3DQEBCwUAA4IBAQBNkvvJbWkcvMg5CiGUTe1zeHlybuEXFWbb4BSP
jRF2uHcwsGPTlAxvhuJbgN6zO5ZRAp7GIPE2+IqxeinrFb3v8B6BlupkejQcNBUy
uITI5Bjraq4zK+7F6aFdu0WOmJTCiUu1WtZ01Ww0sYIUo6abCiPdH09QGCpaFCxX
rmVJl+EGWhm8odKobkJwhqzOZK5RuuiZfKWVs5Uenj/4nMgMwUb1y85gBHSbL0WS
DJX088ohm9FZNPn45vSq5kgO1+kj/zpvGgIpTTETQ8l3BJ9LEy1g0aczEkVpN6gv
HMENL4xCX/XL3pYQuPKOVVurMNAUqvAhoFnVCaHF300RXFRz
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:02 2026 by rpki-client