Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
File: 74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa (raw, json)
Hash identifier: OMuxqnUf6A8L+oxcigDOfsIxwLkhGC8gdSEJId7ja/Y=
Subject key identifier: 7B:AB:DC:80:3E:84:16:00:01:5A:8E:AB:A1:4F:90:76:F6:28:53:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A709195492968F7DFE1939D4BB86BF2F23CFCDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
Signing time: Thu 26 Feb 2026 02:10:06 +0000
ROA not before: Thu 26 Feb 2026 02:10:06 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:70:91:95:49:29:68:f7:df:e1:93:9d:4b:b8:6b:f2:f2:3c:fc:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:06 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=7b6a281ff0e159af0e825c2406eeb6dc0f85252383056c9b5dfbd64608819123, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:99:7e:1d:28:87:9b:43:e7:c5:ea:30:69:b6:
7b:79:e8:26:43:57:d7:d4:43:45:43:76:ea:ef:8e:
8c:cf:22:00:aa:64:d9:4a:8f:2f:b8:da:82:9d:d3:
ea:3d:67:ec:21:38:d4:f4:4e:c6:69:6d:84:ed:bf:
82:7f:d2:31:a9:10:f1:0c:d7:3f:26:cc:a2:ed:f3:
0b:55:9b:d2:db:7f:c7:43:3e:54:5f:8d:74:85:8e:
7c:b6:3b:49:b6:e2:9e:b3:a4:41:c0:16:e3:c5:c4:
bc:62:63:28:78:42:b7:5d:e5:75:b2:58:af:57:7f:
dc:4a:9b:ee:ca:2f:a5:16:87:36:71:61:30:ff:ec:
ad:29:84:d0:6b:aa:3d:5d:13:be:ec:c4:68:ec:9d:
ae:33:2c:6b:f0:fe:60:9f:ae:f0:88:3c:d3:ec:f0:
c3:b4:01:d6:f3:75:1a:44:23:d0:c2:e4:4a:57:8c:
fb:4d:04:1d:ff:8b:93:ba:1a:f4:3f:4e:4d:be:6d:
d9:d7:b1:32:bd:d7:f4:02:fb:1a:f9:7a:62:fc:66:
81:7a:a0:be:48:f9:24:e2:76:8f:f0:2e:23:a8:e0:
ef:64:38:cc:e2:a8:3c:5b:90:8d:d6:da:f9:b4:7c:
3f:9c:c9:d7:81:58:4f:55:db:c2:98:9b:47:98:a6:
44:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AB:DC:80:3E:84:16:00:01:5A:8E:AB:A1:4F:90:76:F6:28:53:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74f41cc9-ba0e-46d9-a774-45f6a030a3f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:880::/48
Signature Algorithm: sha256WithRSAEncryption
05:49:0a:43:36:65:68:c6:1e:52:96:e2:d4:87:e5:ce:f7:1f:
8f:7e:11:16:0d:d0:cd:54:ec:8a:f5:c9:1b:8a:2c:3f:c4:ca:
c9:50:9e:5c:de:8f:8f:a7:30:40:96:95:4e:d6:fc:45:87:be:
b4:59:a0:73:d3:95:34:27:fe:42:74:1d:3b:ae:9d:d4:0d:07:
37:97:6d:6d:39:79:00:b0:43:66:30:15:23:05:1c:39:22:f2:
65:90:2c:68:97:1c:c7:0d:4a:69:49:ef:d2:08:03:da:18:e0:
47:3b:a7:23:cf:1e:6d:80:20:d0:a4:61:48:8a:f9:9c:5c:9b:
e8:0c:8a:68:c1:10:d5:e0:f6:2a:6c:e0:da:51:26:bd:04:a8:
e0:b9:1c:9f:78:81:5d:13:23:3c:63:99:82:b5:52:c5:f5:77:
82:63:70:82:e7:5b:a7:8c:ba:0e:13:43:17:83:30:80:c5:8a:
d4:52:bd:9c:4f:bf:e6:c8:8d:53:3d:a3:26:96:3e:b2:6c:56:
75:a8:36:92:b4:3e:b8:f6:4b:67:dc:2d:62:44:6f:10:af:a3:
84:7a:26:2f:fe:03:35:ca:5c:6a:2c:ba:be:ce:90:0a:a8:58:
39:9e:e8:b5:ea:3f:54:e6:22:aa:4e:0f:4c:d8:b9:85:fa:ee:
9c:7a:5b:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGnCRlUkpaPff4ZOdS7hr8vI8/N4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDZaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiNmEyODFmZjBlMTU5YWYwZTgyNWMyNDA2ZWViNmRjMGY4NTI1MjM4MzA1
NmM5YjVkZmJkNjQ2MDg4MTkxMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6Zfh0oh5tD58XqMGm2e3noJkNX19RDRUN26u+OjM8iAKpk2UqPL7jagp3T
6j1n7CE41PROxmlthO2/gn/SMakQ8QzXPybMou3zC1Wb0tt/x0M+VF+NdIWOfLY7
SbbinrOkQcAW48XEvGJjKHhCt13ldbJYr1d/3Eqb7sovpRaHNnFhMP/srSmE0Guq
PV0TvuzEaOydrjMsa/D+YJ+u8Ig80+zww7QB1vN1GkQj0MLkSleM+00EHf+Lk7oa
9D9OTb5t2dexMr3X9AL7Gvl6YvxmgXqgvkj5JOJ2j/AuI6jg72Q4zOKoPFuQjdba
+bR8P5zJ14FYT1XbwpibR5imRG8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR7q9yA
PoQWAAFajquhT5B29ihTNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRmNDFjYzktYmEwZS00NmQ5LWE3NzQtNDVmNmEwMzBhM2Y0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
gDANBgkqhkiG9w0BAQsFAAOCAQEABUkKQzZlaMYeUpbi1Iflzvcfj34RFg3QzVTs
ivXJG4osP8TKyVCeXN6Pj6cwQJaVTtb8RYe+tFmgc9OVNCf+QnQdO66d1A0HN5dt
bTl5ALBDZjAVIwUcOSLyZZAsaJccxw1KaUnv0ggD2hjgRzunI88ebYAg0KRhSIr5
nFyb6AyKaMEQ1eD2Kmzg2lEmvQSo4Lkcn3iBXRMjPGOZgrVSxfV3gmNwgudbp4y6
DhNDF4MwgMWK1FK9nE+/5siNUz2jJpY+smxWdag2krQ+uPZLZ9wtYkRvEK+jhHom
L/4DNcpcaiy6vs6QCqhYOZ7oteo/VOYiqk4PTNi5hfrunHpb/g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:54 2026 by rpki-client