Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
File: 75900e8f-9582-4f56-8b92-09a50d5110f8.roa (raw, json)
Hash identifier: S29AvMjcFsw5KlZ3K2E5mrt4dluU7+d3SCeNp3x6IK0=
Subject key identifier: 72:1C:12:9F:8C:24:05:D7:5A:E9:6D:DF:32:AA:63:C0:12:37:59:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FACBFF52119FB7E76940F97444CC145E72DBB80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
Signing time: Fri 13 Feb 2026 15:20:09 +0000
ROA not before: Fri 13 Feb 2026 15:20:09 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ac:bf:f5:21:19:fb:7e:76:94:0f:97:44:4c:c1:45:e7:2d:bb:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:09 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=f0d5d0797b6947398f6a87a984dcad1596f928502a8335a7c8c3fd01e5a39280, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1e:5f:24:c5:58:58:9a:4a:a0:8f:e7:ef:93:
cd:db:98:5f:af:b6:94:a0:45:56:11:95:37:06:eb:
ab:14:f3:13:04:69:d6:5c:76:18:a4:5e:81:22:be:
3a:e8:0d:12:be:21:6d:f4:2c:f1:a9:5f:60:4c:51:
62:c6:a1:22:4a:ab:69:bc:0f:9a:af:12:d8:51:d1:
ec:ca:a7:dd:cf:51:2f:cc:ae:49:a5:ef:80:27:29:
0a:25:62:59:f9:84:ec:62:e7:70:7b:68:83:de:cb:
78:1c:ab:61:78:b8:d4:3a:87:71:7a:e7:32:44:99:
46:a9:c8:02:cd:b1:99:de:2e:91:11:96:ed:59:98:
b0:dc:b6:22:39:9f:4c:87:de:6e:68:01:11:67:65:
76:2f:dd:14:9c:90:1f:03:d0:41:8f:0f:35:1c:3b:
41:15:21:fd:cb:b7:88:f8:9b:44:53:b3:83:75:0e:
49:e0:10:54:66:ad:3c:22:b4:50:25:d0:07:f2:5d:
2b:aa:f2:96:d1:75:62:09:73:50:b4:66:12:60:87:
b7:fa:4d:0a:95:86:f0:f7:7c:91:eb:6d:56:58:60:
11:b2:e3:1b:5d:28:c5:47:bd:1a:92:8a:dd:e7:9f:
8c:3b:f7:1e:26:62:c1:87:59:56:98:db:26:be:dd:
92:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1C:12:9F:8C:24:05:D7:5A:E9:6D:DF:32:AA:63:C0:12:37:59:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/75900e8f-9582-4f56-8b92-09a50d5110f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a000::/40
Signature Algorithm: sha256WithRSAEncryption
90:5b:68:7c:98:8b:54:32:cd:c9:2a:09:37:91:50:8c:83:93:
43:45:57:71:c3:5c:47:40:cc:3c:b1:4e:b8:71:52:21:e1:88:
28:b2:2e:9a:d0:59:25:0e:4b:13:84:d7:a0:a5:7d:c4:41:a2:
98:8a:6c:70:20:d4:68:74:42:ac:ee:cd:43:e9:cd:63:b2:74:
af:01:57:2a:44:03:85:53:60:94:53:d6:b3:65:e1:19:ff:31:
13:32:66:ac:eb:35:40:1a:13:ba:b2:6c:62:c5:ff:49:ed:ae:
ba:f0:97:69:b6:2f:da:a5:9f:06:ad:1d:8b:45:2a:cb:3a:53:
2b:93:7b:f1:b2:10:42:87:61:1f:99:be:a1:79:d3:03:7c:7f:
c7:e5:36:9a:3a:5c:b2:14:a3:2d:6f:79:f8:77:89:ce:07:d1:
90:86:db:77:5d:e5:17:81:be:d5:bf:05:96:03:37:e1:1f:97:
c5:86:e0:84:ec:0e:23:8f:bf:ba:8e:0b:24:3d:e3:b7:0b:9c:
ea:c4:93:d1:fb:5b:49:9f:31:23:d2:96:5c:64:cb:f4:a7:46:
1b:22:60:47:df:9d:11:ad:c6:99:24:0c:48:0a:36:64:85:1f:
ef:3b:4f:50:ac:33:a3:85:04:31:7e:6e:87:3a:ed:a4:80:37:
b7:87:45:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT6y/9SEZ+352lA+XREzBRectu4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMDlaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZDVkMDc5N2I2OTQ3Mzk4ZjZhODdhOTg0ZGNhZDE1OTZmOTI4NTAyYTgz
MzVhN2M4YzNmZDAxZTVhMzkyODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgeXyTFWFiaSqCP5++TzduYX6+2lKBFVhGVNwbrqxTzEwRp1lx2GKRegSK+
OugNEr4hbfQs8alfYExRYsahIkqrabwPmq8S2FHR7Mqn3c9RL8yuSaXvgCcpCiVi
WfmE7GLncHtog97LeByrYXi41DqHcXrnMkSZRqnIAs2xmd4ukRGW7VmYsNy2Ijmf
TIfebmgBEWdldi/dFJyQHwPQQY8PNRw7QRUh/cu3iPibRFOzg3UOSeAQVGatPCK0
UCXQB/JdK6ryltF1YglzULRmEmCHt/pNCpWG8Pd8kettVlhgEbLjG10oxUe9GpKK
3eefjDv3HiZiwYdZVpjbJr7dkuECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyHBKf
jCQF11rpbd8yqmPAEjdZ1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU5MDBlOGYtOTU4Mi00ZjU2LThiOTItMDlhNTBkNTExMGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOg
MA0GCSqGSIb3DQEBCwUAA4IBAQCQW2h8mItUMs3JKgk3kVCMg5NDRVdxw1xHQMw8
sU64cVIh4Ygosi6a0FklDksThNegpX3EQaKYimxwINRodEKs7s1D6c1jsnSvAVcq
RAOFU2CUU9azZeEZ/zETMmas6zVAGhO6smxixf9J7a668Jdpti/apZ8GrR2LRSrL
OlMrk3vxshBCh2Efmb6hedMDfH/H5TaaOlyyFKMtb3n4d4nOB9GQhtt3XeUXgb7V
vwWWAzfhH5fFhuCE7A4jj7+6jgskPeO3C5zqxJPR+1tJnzEj0pZcZMv0p0YbImBH
350RrcaZJAxICjZkhR/vO09QrDOjhQQxfm6HOu2kgDe3h0UW
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:49 2026 by rpki-client