Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
File: a74aaa95-252d-4e97-92fa-1c779bc72adc.roa (raw, json)
Hash identifier: vxbWNxeSEVglu3fTa3zJW099ClSmswfXGpXTfpA3T7M=
Subject key identifier: FB:45:95:34:22:6C:08:4A:0D:3D:A6:42:3C:AC:01:CF:18:9A:1D:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A45134918F5029D3E09E055B0FD8F091C51A986
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
Signing time: Fri 13 Feb 2026 15:20:13 +0000
ROA not before: Fri 13 Feb 2026 15:20:13 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:45:13:49:18:f5:02:9d:3e:09:e0:55:b0:fd:8f:09:1c:51:a9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 13 15:20:13 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=b925e19c5377bffc7bceb430111ceb76e218d26882176a9818efc951cc3a1303, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:82:86:23:51:9f:d0:da:c0:c2:a8:26:e3:fa:
4f:71:df:5b:85:95:31:71:1d:b0:3f:57:24:a0:2a:
44:b9:44:f4:fe:45:04:38:05:bc:b0:72:06:41:58:
4c:bb:a3:d5:fb:95:98:dd:f4:6b:e7:3b:29:a0:69:
b6:38:f7:38:42:82:22:de:ac:24:1c:ae:40:b8:f5:
60:b9:52:27:4f:ab:69:2c:56:a1:4d:86:44:ec:03:
1e:91:0e:b9:0a:6a:39:b3:90:33:44:31:65:7d:0b:
ed:53:3e:9a:62:1b:d7:9d:a7:62:c9:28:14:c8:8d:
29:80:14:08:77:cc:7f:90:fa:aa:1f:4d:ce:4a:59:
a1:91:db:f1:99:96:65:eb:29:0e:36:91:9b:92:91:
81:f8:f2:9c:1b:44:a5:1a:5c:21:d4:90:05:68:e8:
52:d3:0d:73:d3:58:dd:73:bd:e0:a6:0b:41:22:f1:
cb:8a:21:57:70:7f:92:49:0c:d2:00:0e:21:82:68:
16:de:4a:32:df:51:50:cf:8c:df:24:3a:47:46:cf:
23:33:2a:2e:23:87:e3:46:83:f7:52:22:16:20:15:
da:fe:06:28:c2:d7:1e:71:97:b9:6d:8e:c8:bb:20:
76:f1:4d:26:bd:1e:fa:34:e0:41:0f:cf:53:be:44:
49:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:45:95:34:22:6C:08:4A:0D:3D:A6:42:3C:AC:01:CF:18:9A:1D:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a74aaa95-252d-4e97-92fa-1c779bc72adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8080::/46
Signature Algorithm: sha256WithRSAEncryption
c4:7c:77:6b:cc:ea:d2:7c:5f:02:4d:99:dd:2d:4d:91:b3:15:
98:0e:6a:b4:fb:5b:ff:b7:bf:17:d7:bb:f7:67:08:24:01:be:
2e:cd:28:1b:59:e3:67:dc:98:de:c7:2f:48:a1:8a:43:5e:7f:
6d:8e:84:ac:b7:79:98:71:98:f0:c0:42:ae:fa:9b:f7:5d:49:
60:20:b7:86:81:a9:5d:18:f4:d6:96:f0:77:2c:90:4f:dd:c2:
27:45:fc:1e:5e:cf:d5:7c:a2:98:4b:51:b8:c2:c1:4d:85:06:
8e:aa:27:0b:e8:8f:3a:66:b1:7a:52:29:f5:a1:28:4a:14:35:
2b:19:44:71:8a:7e:54:5a:d4:69:6e:93:4b:85:03:cd:32:81:
35:97:79:c7:4e:0d:db:70:ca:4c:f0:d9:e0:cc:a7:b7:3b:ed:
be:2a:ff:11:a6:32:f8:ef:12:03:e1:70:10:2d:14:52:cb:1d:
58:8e:34:58:aa:f8:48:ef:79:f9:b1:1b:79:73:32:41:f7:0f:
5a:33:df:f0:6d:53:d4:3a:47:78:b2:20:6e:87:40:9a:47:cf:
72:1f:14:0f:4c:5d:91:dd:b5:be:c2:6d:af:a4:a5:c6:3e:15:
9c:bf:04:6f:b3:5f:f6:5a:15:34:96:03:ad:04:c9:d6:93:5a:
e2:7b:5a:2b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSkUTSRj1Ap0+CeBVsP2PCRxRqYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTMxNTIwMTNaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MjVlMTljNTM3N2JmZmM3YmNlYjQzMDExMWNlYjc2ZTIxOGQyNjg4MjE3
NmE5ODE4ZWZjOTUxY2MzYTEzMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6ChiNRn9DawMKoJuP6T3HfW4WVMXEdsD9XJKAqRLlE9P5FBDgFvLByBkFY
TLuj1fuVmN30a+c7KaBptjj3OEKCIt6sJByuQLj1YLlSJ0+raSxWoU2GROwDHpEO
uQpqObOQM0QxZX0L7VM+mmIb152nYskoFMiNKYAUCHfMf5D6qh9NzkpZoZHb8ZmW
ZespDjaRm5KRgfjynBtEpRpcIdSQBWjoUtMNc9NY3XO94KYLQSLxy4ohV3B/kkkM
0gAOIYJoFt5KMt9RUM+M3yQ6R0bPIzMqLiOH40aD91IiFiAV2v4GKMLXHnGXuW2O
yLsgdvFNJr0e+jTgQQ/PU75ESakCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7RZU0
ImwISg09pkI8rAHPGJod3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc0YWFhOTUtMjUyZC00ZTk3LTkyZmEtMWM3NzliYzcyYWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
gDANBgkqhkiG9w0BAQsFAAOCAQEAxHx3a8zq0nxfAk2Z3S1NkbMVmA5qtPtb/7e/
F9e792cIJAG+Ls0oG1njZ9yY3scvSKGKQ15/bY6ErLd5mHGY8MBCrvqb911JYCC3
hoGpXRj01pbwdyyQT93CJ0X8Hl7P1XyimEtRuMLBTYUGjqonC+iPOmaxelIp9aEo
ShQ1KxlEcYp+VFrUaW6TS4UDzTKBNZd5x04N23DKTPDZ4Myntzvtvir/EaYy+O8S
A+FwEC0UUssdWI40WKr4SO95+bEbeXMyQfcPWjPf8G1T1DpHeLIgbodAmkfPch8U
D0xdkd21vsJtr6Slxj4VnL8Eb7Nf9loVNJYDrQTJ1pNa4ntaKw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:41:31 2026 by rpki-client