Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74742853-5675-46ac-b956-8fe64ff098f9.roa
File: 74742853-5675-46ac-b956-8fe64ff098f9.roa (raw, json)
Hash identifier: O7Zr6q63qAddXeAxw3WkEQC4z5fCGsGYih4U6yU/Zv4=
Subject key identifier: CA:83:C2:0F:D7:1A:86:24:F5:EF:7F:CB:E0:53:4C:0C:03:42:4C:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DD3AFBA380C2D0A1C4C6FC4036A3D6275A2905D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74742853-5675-46ac-b956-8fe64ff098f9.roa
Signing time: Fri 20 Feb 2026 01:50:32 +0000
ROA not before: Fri 20 Feb 2026 01:50:32 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d3:af:ba:38:0c:2d:0a:1c:4c:6f:c4:03:6a:3d:62:75:a2:90:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:32 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=eb5ca4aa71dbec9db367f3245fb9b87d0d904d60280e03369b904770036b151d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:99:e1:f9:6c:48:d3:c7:0a:fb:42:5f:d2:cf:
0c:d4:19:72:bb:7e:0c:0a:b4:ee:bd:24:9e:1a:ee:
0f:50:10:2b:ea:ce:60:81:08:2e:10:d3:de:45:25:
ca:00:ff:b7:a6:b2:2e:27:47:04:52:57:25:01:1a:
5c:da:df:6f:4a:34:37:7a:11:75:b2:26:e1:82:02:
2f:6e:36:03:2c:6d:03:f9:b2:51:54:3f:b0:40:5b:
d3:64:60:15:7f:07:49:b0:c9:99:73:17:f3:22:d5:
bd:ae:46:42:93:33:2b:3e:a6:ec:3c:63:13:66:3f:
87:9f:3c:0b:1d:ed:a2:74:41:d3:06:e5:49:99:53:
69:75:0f:56:03:42:0a:7c:2e:89:85:82:b4:be:7b:
1a:a6:fd:31:e5:c4:4b:71:70:7a:84:84:45:d8:3c:
f6:21:d5:18:f1:aa:7f:87:02:5f:a6:af:09:f2:a2:
a5:fe:23:7e:da:d4:73:8b:68:db:d1:ad:cb:8e:06:
24:73:ee:52:0b:0a:d1:6f:a5:68:79:e2:67:b2:0d:
07:81:2a:c1:4c:ac:22:a5:4c:df:5a:d9:0b:70:2d:
0f:1d:61:f7:c3:5b:d3:78:9b:3a:3d:e4:b8:d8:cd:
73:72:f3:f9:b9:6c:ab:fd:d6:7f:80:d4:a4:56:0c:
a5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:83:C2:0F:D7:1A:86:24:F5:EF:7F:CB:E0:53:4C:0C:03:42:4C:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74742853-5675-46ac-b956-8fe64ff098f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:8000::/36
Signature Algorithm: sha256WithRSAEncryption
ae:e0:68:81:34:77:01:82:d7:6a:99:de:1d:2e:35:88:79:8b:
c1:0a:0f:6c:99:0a:e8:06:6d:c8:64:63:c7:3f:99:e9:4b:ab:
bf:14:48:44:cd:d4:80:69:c4:08:01:08:0d:48:6b:fa:15:0a:
60:79:b5:84:aa:57:13:63:b8:a2:c9:3d:8f:2a:0a:77:8d:2c:
86:44:0e:69:8a:a3:84:8a:c1:1c:76:29:a1:20:60:d9:9b:d2:
dc:7a:f0:e6:0d:04:fe:89:aa:fa:60:93:60:0d:98:fe:fe:44:
4c:9a:37:fb:ef:1d:2d:5d:f6:31:42:15:ea:b7:ea:05:c6:c3:
87:14:2d:13:f5:81:e2:58:d2:d1:2e:eb:c0:cc:b1:78:8d:38:
ee:c2:03:b9:f1:bc:e7:d6:53:a1:c0:bd:1c:44:ef:e7:7a:82:
b8:4c:57:04:6e:a6:4e:d5:d0:e8:d6:4e:9d:7a:1b:19:13:a5:
92:c0:10:65:19:88:a9:27:c2:4d:da:0e:fa:92:2e:c4:27:1b:
ff:f8:db:51:7a:bc:7f:fa:5c:7c:41:b5:31:e3:66:ef:f6:96:
f6:de:f7:8c:e5:ea:8c:f9:3d:4b:07:b5:7f:f2:2c:4d:36:f2:
87:d7:6e:4e:ea:e1:16:7a:13:e6:b2:fe:9b:40:d2:cc:03:80:
61:fb:a9:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfdOvujgMLQocTG/EA2o9YnWikF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzJaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNWNhNGFhNzFkYmVjOWRiMzY3ZjMyNDVmYjliODdkMGQ5MDRkNjAyODBl
MDMzNjliOTA0NzcwMDM2YjE1MWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeZ4flsSNPHCvtCX9LPDNQZcrt+DAq07r0knhruD1AQK+rOYIEILhDT3kUl
ygD/t6ayLidHBFJXJQEaXNrfb0o0N3oRdbIm4YICL242AyxtA/myUVQ/sEBb02Rg
FX8HSbDJmXMX8yLVva5GQpMzKz6m7DxjE2Y/h588Cx3tonRB0wblSZlTaXUPVgNC
CnwuiYWCtL57Gqb9MeXES3FweoSERdg89iHVGPGqf4cCX6avCfKipf4jftrUc4to
29Gty44GJHPuUgsK0W+laHniZ7INB4EqwUysIqVM31rZC3AtDx1h98Nb03ibOj3k
uNjNc3Lz+blsq/3Wf4DUpFYMpXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKg8IP
1xqGJPXvf8vgU0wMA0JM5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzQ3NDI4NTMtNTY3NS00NmFjLWI5NTYtOGZlNjRmZjA5OGY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCu4GiBNHcBgtdqmd4dLjWIeYvBCg9smQroBm3I
ZGPHP5npS6u/FEhEzdSAacQIAQgNSGv6FQpgebWEqlcTY7iiyT2PKgp3jSyGRA5p
iqOEisEcdimhIGDZm9LcevDmDQT+iar6YJNgDZj+/kRMmjf77x0tXfYxQhXqt+oF
xsOHFC0T9YHiWNLRLuvAzLF4jTjuwgO58bzn1lOhwL0cRO/neoK4TFcEbqZO1dDo
1k6dehsZE6WSwBBlGYipJ8JN2g76ki7EJxv/+NtRerx/+lx8QbUx42bv9pb23veM
5eqM+T1LB7V/8ixNNvKH125O6uEWehPmsv6bQNLMA4Bh+6mM
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:35:32 2026 by rpki-client