Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
File: 773f4606-0d98-4350-9ccd-3aba599136ef.roa (raw, json)
Hash identifier: GBvi/VuCM2lam2FRIRmCMGrIhTE8F2RVv6pywzSUuG4=
Subject key identifier: FC:F7:37:8A:87:12:E3:79:58:51:7E:36:F6:06:B2:6B:C8:EB:19:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EB0C2E4EB3A70DD45BA18BBF02A6CF581DBA242
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
Signing time: Thu 26 Feb 2026 02:10:09 +0000
ROA not before: Thu 26 Feb 2026 02:10:09 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:b0:c2:e4:eb:3a:70:dd:45:ba:18:bb:f0:2a:6c:f5:81:db:a2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:10:09 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=2572fa793575dbae36786b63763de8b5f51c94e2afc628d9180d61eebe3bd0b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:27:23:2e:52:79:f2:25:62:e7:e5:a5:74:
7d:90:f7:24:73:d3:38:8a:62:db:aa:79:8b:f8:8a:
bc:0c:b6:e1:07:99:0a:85:1b:f8:8b:3a:8a:04:46:
74:38:46:ad:73:ee:23:c9:f6:7a:2c:e5:d7:a8:8b:
ec:13:22:ae:96:39:c2:d3:38:1f:ba:ac:a8:e7:8c:
da:18:a6:fd:93:e2:1b:61:9d:35:10:00:a9:29:44:
18:fa:24:e5:6b:19:e9:cd:66:32:d2:89:08:c0:08:
a6:ef:15:8f:39:b9:81:32:f4:d2:ff:3b:ca:10:5d:
e4:80:a2:86:41:dc:ad:53:e6:a7:61:1d:c3:6f:08:
c1:a8:d6:66:ea:b9:13:0c:69:88:6f:43:8b:f7:58:
c5:5b:26:48:84:4d:83:64:6e:b0:98:ba:26:34:a9:
f4:cd:21:67:23:5c:f0:70:0f:4c:9c:0a:1a:3a:e7:
9a:05:a5:6a:b8:6c:c9:2a:56:1a:97:fe:56:4a:48:
8a:c6:36:fc:f9:bb:6d:92:75:ff:95:73:9d:da:51:
89:5c:4c:ef:8b:70:00:42:b5:48:b3:ef:df:13:4d:
52:10:26:2e:12:0f:4d:b1:17:3d:6d:95:a1:70:0d:
83:f1:6f:17:57:39:d6:be:9e:b5:a7:35:3d:f1:58:
86:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F7:37:8A:87:12:E3:79:58:51:7E:36:F6:06:B2:6B:C8:EB:19:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:800::/40
Signature Algorithm: sha256WithRSAEncryption
6b:9d:e0:24:f9:dc:63:95:63:41:00:ef:8b:85:e0:1c:c2:c1:
5e:58:22:fd:fb:08:57:72:93:02:7c:8b:31:eb:05:ec:01:5d:
08:52:a1:95:f9:8e:1a:34:86:f7:c2:c3:98:ac:69:3e:03:a7:
d7:40:b7:e3:da:c7:3d:6d:c3:2e:cd:42:e3:2a:a4:ee:90:12:
65:c5:e6:57:1b:cc:10:b0:9f:10:1e:7b:44:27:08:d1:9a:8f:
16:29:23:c6:39:4f:7f:25:27:47:ef:8b:5a:b7:e3:43:cf:2e:
d3:10:77:d7:d3:6d:2d:68:b1:46:d0:98:07:8f:1d:ed:ca:93:
de:14:5b:0c:ee:fb:d8:3a:da:91:30:7e:b0:de:3b:78:96:b3:
bd:41:ce:c5:72:d7:fd:8f:f2:d6:a2:13:81:f3:5f:d4:91:cc:
e8:3c:90:4c:e0:3e:7b:2f:0b:02:5a:b5:4f:e6:7d:d3:a8:4f:
0a:f6:d3:ef:16:bb:a8:55:b2:5d:05:4d:28:f2:e7:25:c1:ee:
7c:46:6d:0e:13:0c:f3:a8:34:cd:ba:59:30:a6:a5:97:77:8c:
00:4b:bc:91:de:8c:26:1e:75:b4:00:3e:5a:ff:6f:38:8a:4a:
68:e2:4c:48:40:2b:09:5a:a6:4c:91:31:56:be:e6:c5:bd:e7:
c2:78:b3:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPrDC5Os6cN1Fuhi78Cps9YHbokIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjEwMDlaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NzJmYTc5MzU3NWRiYWUzNjc4NmI2Mzc2M2RlOGI1ZjUxYzk0ZTJhZmM2
MjhkOTE4MGQ2MWVlYmUzYmQwYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKksJyMuUnnyJWLn5aV0fZD3JHPTOIpi26p5i/iKvAy24QeZCoUb+Is6igRG
dDhGrXPuI8n2eizl16iL7BMirpY5wtM4H7qsqOeM2him/ZPiG2GdNRAAqSlEGPok
5WsZ6c1mMtKJCMAIpu8Vjzm5gTL00v87yhBd5ICihkHcrVPmp2Edw28IwajWZuq5
EwxpiG9Di/dYxVsmSIRNg2RusJi6JjSp9M0hZyNc8HAPTJwKGjrnmgWlarhsySpW
Gpf+VkpIisY2/Pm7bZJ1/5VzndpRiVxM74twAEK1SLPv3xNNUhAmLhIPTbEXPW2V
oXANg/FvF1c51r6etac1PfFYhnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT89zeK
hxLjeVhRfjb2BrJryOsZ9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzczZjQ2MDYtMGQ5OC00MzUwLTljY2QtM2FiYTU5OTEzNmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBrneAk+dxjlWNBAO+LheAcwsFeWCL9+whXcpMC
fIsx6wXsAV0IUqGV+Y4aNIb3wsOYrGk+A6fXQLfj2sc9bcMuzULjKqTukBJlxeZX
G8wQsJ8QHntEJwjRmo8WKSPGOU9/JSdH74tat+NDzy7TEHfX020taLFG0JgHjx3t
ypPeFFsM7vvYOtqRMH6w3jt4lrO9Qc7Fctf9j/LWohOB81/UkczoPJBM4D57LwsC
WrVP5n3TqE8K9tPvFruoVbJdBU0o8uclwe58Rm0OEwzzqDTNulkwpqWXd4wAS7yR
3owmHnW0AD5a/284ikpo4kxIQCsJWqZMkTFWvubFvefCeLPA
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:11 2026 by rpki-client