Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
File: 77bc679b-5199-43c2-8199-be5c04a6c0d9.roa (raw, json)
Hash identifier: F7KeDj6Rk3mUsVC3Mw5C+VXmxTVZEgrMSoEnhoPRAvI=
Subject key identifier: 0C:43:FA:90:EF:62:0E:44:4B:9B:64:99:77:3A:14:53:7E:09:17:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 548C2CA662D49D64ECFDEC4964F1E25CEBB23248
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
Signing time: Sat 28 Feb 2026 06:21:03 +0000
ROA not before: Sat 28 Feb 2026 06:21:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:8c:2c:a6:62:d4:9d:64:ec:fd:ec:49:64:f1:e2:5c:eb:b2:32:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f5deeea479ce54edf35dd381d8e45fea7ac67ecd15c3cb83ca28e45cc0c3096d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:60:f8:12:9f:87:0f:3f:db:2c:29:85:ee:a6:
58:a8:7d:4c:36:fe:0b:71:76:02:0a:59:ca:37:16:
af:41:f9:a7:18:c3:c3:11:93:48:b9:a1:53:f2:36:
bd:08:dc:ad:5b:59:f2:d6:11:ab:2c:ad:ab:f3:b6:
52:2a:f4:3f:c6:29:97:ea:9d:fa:13:f2:4c:80:e1:
72:0a:e0:db:03:c8:c1:c0:9c:b6:7a:30:2f:15:75:
90:8c:99:6d:73:a8:c9:a5:21:b2:b1:6f:bf:c5:32:
74:f9:bb:1e:8d:bb:79:a1:3a:6c:29:9c:87:4c:e8:
2f:97:12:db:91:27:f2:06:12:4b:1d:68:5f:4f:98:
45:5e:56:20:6d:17:e2:8b:ce:42:9c:37:bc:07:e8:
4f:b2:9d:6d:e0:41:75:72:a0:2e:e8:f6:8e:90:ec:
bc:ac:e1:6f:5d:b7:95:40:8c:aa:79:79:45:fd:c8:
86:3f:97:55:1b:25:2f:60:89:5c:f4:83:6c:5e:ef:
c7:af:88:b1:1c:8c:a5:11:16:03:fb:62:b4:3c:93:
1b:db:25:0f:91:64:34:61:2c:d8:ea:6a:1d:36:7a:
bb:b7:2e:4c:b0:1f:c8:e8:cd:5e:68:45:9a:3c:34:
9d:f1:64:f1:32:3b:fb:05:39:39:b9:fb:78:24:5c:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:43:FA:90:EF:62:0E:44:4B:9B:64:99:77:3A:14:53:7E:09:17:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c040::/48
Signature Algorithm: sha256WithRSAEncryption
49:bd:f0:e0:04:63:56:51:26:8c:ad:c4:a2:2a:71:1f:43:50:
ae:5d:73:de:bf:b0:6b:7f:68:26:ca:7a:12:1e:2e:42:18:a7:
e7:56:78:c0:c4:ad:63:8b:00:7b:36:b0:71:bc:24:0c:ca:65:
6e:ed:b8:56:df:cb:e7:a8:d2:af:bb:54:6a:b4:54:cd:98:0b:
6d:fa:94:25:c2:54:1d:26:45:e7:71:c0:59:e9:61:24:2b:5f:
39:3b:98:cc:73:a0:39:65:97:ee:33:78:14:5c:e0:f8:97:fe:
08:31:bf:1e:96:15:b6:7a:0c:ed:29:4d:d5:9b:a8:18:02:82:
e9:8e:60:a5:d4:3e:73:08:6d:c5:14:65:02:dd:73:56:85:4f:
b8:28:51:84:ff:98:6a:08:b9:c1:8e:93:62:45:48:a5:b5:3d:
ac:eb:4a:40:ee:5b:d8:92:a9:0d:2c:43:e1:dd:2d:91:15:83:
88:c7:8b:a1:bb:0d:01:c6:56:26:b4:b4:2a:2b:cb:b4:99:c4:
3e:2a:80:66:e6:01:bf:d8:f4:c6:26:ff:66:af:2e:09:f6:3e:
34:a8:22:2b:06:7f:fb:a0:5a:04:2a:71:51:09:fa:bb:86:d7:
e1:7f:0c:bc:dd:cf:85:8f:63:e5:7f:24:8d:b3:c9:2e:4f:cd:
04:63:a9:8a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVIwspmLUnWTs/exJZPHiXOuyMkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZGVlZWE0NzljZTU0ZWRmMzVkZDM4MWQ4ZTQ1ZmVhN2FjNjdlY2QxNWMz
Y2I4M2NhMjhlNDVjYzBjMzA5NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAItg+BKfhw8/2ywphe6mWKh9TDb+C3F2AgpZyjcWr0H5pxjDwxGTSLmhU/I2
vQjcrVtZ8tYRqyytq/O2Uir0P8Ypl+qd+hPyTIDhcgrg2wPIwcCctnowLxV1kIyZ
bXOoyaUhsrFvv8UydPm7Ho27eaE6bCmch0zoL5cS25En8gYSSx1oX0+YRV5WIG0X
4ovOQpw3vAfoT7KdbeBBdXKgLuj2jpDsvKzhb123lUCMqnl5Rf3Ihj+XVRslL2CJ
XPSDbF7vx6+IsRyMpREWA/titDyTG9slD5FkNGEs2OpqHTZ6u7cuTLAfyOjNXmhF
mjw0nfFk8TI7+wU5Obn7eCRcbTUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQMQ/qQ
72IOREubZJl3OhRTfgkXjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiYzY3OWItNTE5OS00M2MyLTgxOTktYmU1YzA0YTZjMGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
QDANBgkqhkiG9w0BAQsFAAOCAQEASb3w4ARjVlEmjK3EoipxH0NQrl1z3r+wa39o
Jsp6Eh4uQhin51Z4wMStY4sAezawcbwkDMplbu24Vt/L56jSr7tUarRUzZgLbfqU
JcJUHSZF53HAWelhJCtfOTuYzHOgOWWX7jN4FFzg+Jf+CDG/HpYVtnoM7SlN1Zuo
GAKC6Y5gpdQ+cwhtxRRlAt1zVoVPuChRhP+Yagi5wY6TYkVIpbU9rOtKQO5b2JKp
DSxD4d0tkRWDiMeLobsNAcZWJrS0KivLtJnEPiqAZuYBv9j0xib/Zq8uCfY+NKgi
KwZ/+6BaBCpxUQn6u4bX4X8MvN3PhY9j5X8kjbPJLk/NBGOpig==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:25 2026 by rpki-client