Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: FkCaMs53i0BjjrSbeR9KZsGnyD8eI3Op5OSjV+FCPVM=
Subject key identifier: 1F:3F:82:17:57:27:5A:D6:0B:90:DB:D6:6F:3C:CD:07:78:F1:54:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0272ABE9BE79097FBD9372D87DF3BC6AA97EA761
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Sat 28 Feb 2026 05:30:11 +0000
ROA not before: Sat 28 Feb 2026 05:30:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:72:ab:e9:be:79:09:7f:bd:93:72:d8:7d:f3:bc:6a:a9:7e:a7:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7cfcac927ab04b902c3b2bd9104af5b0ca5be6429dd71b393b93af17573b8eaf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:49:d2:11:51:1f:a5:dd:01:27:aa:fd:8c:e5:
12:0f:98:6f:c7:11:df:d7:3d:5d:98:0a:e3:c7:24:
c4:65:b1:45:88:ec:16:10:f7:d1:0e:15:ca:b9:e8:
ce:98:d3:c8:3a:85:cb:f4:1a:43:3b:53:9e:88:8f:
f0:13:a5:b4:da:07:97:7c:4f:39:27:c5:22:f3:93:
91:6c:87:2f:a1:6a:2c:6c:c7:c7:6b:25:4e:a5:73:
a2:72:db:ac:8e:38:d0:73:3f:ef:ec:65:07:51:e6:
f5:61:bb:ba:bb:d1:75:0d:f4:92:aa:94:9f:ce:5b:
18:79:ad:75:80:be:6a:d1:11:6f:82:bc:80:98:09:
d8:54:9e:0a:9d:b6:c9:67:87:f1:15:9f:2d:79:0f:
ce:74:b3:7c:40:a2:1a:83:0d:74:dc:fd:35:65:80:
4b:5c:d6:52:a0:3d:8d:ee:48:95:66:3f:9c:4f:fa:
6e:c0:8e:43:8b:93:ce:63:48:2b:3d:57:df:2d:9f:
70:50:e2:0a:bd:da:0c:cb:49:7f:ce:d7:a6:17:69:
65:14:60:05:63:4b:3f:e8:9a:3a:d7:f7:81:08:55:
0f:82:50:4b:3d:3f:e9:30:b8:6c:dd:f2:58:f8:56:
97:a7:25:8f:b9:6c:bb:c7:77:17:0c:85:57:a5:a9:
b3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3F:82:17:57:27:5A:D6:0B:90:DB:D6:6F:3C:CD:07:78:F1:54:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:22:23:cc:cf:9c:de:7f:61:82:f5:ed:f5:c6:72:93:08:3b:
ed:e5:a0:0f:81:2c:fb:38:e2:b1:0c:a0:57:17:94:46:d8:4d:
94:3d:5e:00:ef:39:5f:c8:b6:de:67:48:d9:84:e7:72:d6:f6:
62:19:9b:c9:f6:5f:d0:66:00:49:d6:56:ed:25:eb:9a:29:e5:
06:f9:8f:d1:d5:6c:93:aa:db:3f:cd:44:fa:9e:10:29:a4:89:
80:84:95:17:f4:52:f7:26:91:0e:f2:b1:9b:5d:f4:36:26:b9:
8a:f4:81:a1:10:62:35:57:9b:53:cc:71:20:f1:e6:e6:e1:34:
5c:5e:c2:61:f6:74:22:c4:b3:80:46:bc:00:a5:32:aa:5d:8a:
6f:14:be:5a:d7:28:ea:df:68:fb:6a:f3:19:80:b8:bc:bf:59:
7d:d3:ca:45:0c:2a:50:d5:cb:98:92:f4:1e:7f:74:28:f8:d7:
02:68:a7:b6:96:11:da:ed:ae:18:2f:f1:1f:da:83:f7:8a:d9:
ec:e1:ae:01:f9:e0:88:3f:da:2d:ee:0c:8e:51:8d:e3:45:52:
22:c6:1f:5f:8f:0d:b2:bd:13:ba:af:87:1d:6c:83:91:fe:57:
32:05:19:ad:a6:8e:5b:b7:31:a5:2c:92:a8:bd:94:cc:87:0d:
9e:20:b9:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAnKr6b55CX+9k3LYffO8aql+p2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjZmNhYzkyN2FiMDRiOTAyYzNiMmJkOTEwNGFmNWIwY2E1YmU2NDI5ZGQ3
MWIzOTNiOTNhZjE3NTczYjhlYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9J0hFRH6XdASeq/YzlEg+Yb8cR39c9XZgK48ckxGWxRYjsFhD30Q4Vyrno
zpjTyDqFy/QaQztTnoiP8BOltNoHl3xPOSfFIvOTkWyHL6FqLGzHx2slTqVzonLb
rI440HM/7+xlB1Hm9WG7urvRdQ30kqqUn85bGHmtdYC+atERb4K8gJgJ2FSeCp22
yWeH8RWfLXkPznSzfECiGoMNdNz9NWWAS1zWUqA9je5IlWY/nE/6bsCOQ4uTzmNI
Kz1X3y2fcFDiCr3aDMtJf87XphdpZRRgBWNLP+iaOtf3gQhVD4JQSz0/6TC4bN3y
WPhWl6clj7lsu8d3FwyFV6Wps7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfP4IX
Vyda1guQ29ZvPM0HePFUGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC0IiPMz5zef2GC9e31xnKTCDvt5aAPgSz7OOKx
DKBXF5RG2E2UPV4A7zlfyLbeZ0jZhOdy1vZiGZvJ9l/QZgBJ1lbtJeuaKeUG+Y/R
1WyTqts/zUT6nhAppImAhJUX9FL3JpEO8rGbXfQ2JrmK9IGhEGI1V5tTzHEg8ebm
4TRcXsJh9nQixLOARrwApTKqXYpvFL5a1yjq32j7avMZgLi8v1l908pFDCpQ1cuY
kvQef3Qo+NcCaKe2lhHa7a4YL/Ef2oP3itns4a4B+eCIP9ot7gyOUY3jRVIixh9f
jw2yvRO6r4cdbIOR/lcyBRmtpo5btzGlLJKovZTMhw2eILk4
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:00 2026 by rpki-client