Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: 00HLWMf4jXLY5pkoFQIR+uNKTE77RrlCSYx7VEMo8G0=
Subject key identifier: 2C:21:92:4D:E0:41:AF:2A:05:D4:4A:61:9E:4D:EA:FE:6B:5D:54:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DB74B786A6E07ADA3B7ECFD87B04C6697887656
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Sat 28 Feb 2026 06:10:30 +0000
ROA not before: Sat 28 Feb 2026 06:10:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b7:4b:78:6a:6e:07:ad:a3:b7:ec:fd:87:b0:4c:66:97:88:76:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5753444dc91f7b8e31330df604d9742fb0f32f12a45c5bcd48f005a27ff74760, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cd:c4:d4:6e:f3:16:32:94:80:18:be:49:f2:
78:dd:13:36:4a:d9:50:bd:87:52:72:72:a0:5d:2f:
a7:dc:2d:6d:89:ef:e8:b9:14:f7:28:ed:a7:c2:71:
13:0b:82:a1:30:3e:4e:ec:ce:80:e2:a9:26:74:95:
9c:82:94:cc:7c:c5:e6:39:0e:f6:f2:f4:43:18:74:
da:3a:8b:87:bb:85:22:a3:69:a8:b2:d8:a8:1f:ce:
87:cb:6a:79:cd:60:77:3f:c1:ef:15:33:e0:19:92:
d3:21:71:92:0f:5e:b1:01:01:be:a2:1f:56:75:32:
11:b8:5f:a9:aa:f1:dd:d5:14:5c:c9:06:e5:c8:23:
2e:88:82:a5:37:59:02:96:d8:b4:a8:ce:83:41:90:
92:27:21:fc:5e:d9:e7:5f:b7:1c:1b:37:65:b5:c0:
10:ab:84:3b:a2:23:58:82:f3:d8:e4:bb:52:c2:73:
a3:76:d9:e1:6a:48:ae:4f:75:09:c8:d1:b6:88:2f:
74:85:80:6a:78:76:96:32:e8:b9:90:84:25:df:18:
b3:65:2c:4c:3d:06:de:62:f2:e1:e7:61:04:28:90:
41:66:76:b5:3b:da:c5:32:d7:e4:18:6c:62:fb:c0:
4c:b6:72:72:49:ca:b5:99:f0:7e:65:dd:74:61:9a:
6d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:21:92:4D:E0:41:AF:2A:05:D4:4A:61:9E:4D:EA:FE:6B:5D:54:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
a8:04:d0:33:77:78:00:07:90:03:6a:25:82:f8:9f:88:35:ba:
df:69:00:50:29:0c:5b:4a:ff:73:27:12:9f:5c:48:7c:25:a7:
37:57:70:4e:b9:45:f6:36:2f:4e:be:b6:b4:94:19:fc:fd:d0:
5c:c4:b5:cd:c9:ac:72:10:e5:d1:a5:68:fe:79:dc:0b:61:8c:
1c:19:9e:ce:a8:6b:64:de:7c:f5:c7:12:2c:fd:0a:70:3e:39:
d8:64:9b:1e:98:60:59:73:e9:99:de:4f:83:5b:54:e9:f3:d7:
52:94:bf:4b:bd:6f:9a:0d:d0:d3:ef:29:cc:67:0b:fa:b8:9b:
5a:26:dd:70:bb:85:fd:bb:28:b8:ab:af:b7:01:86:1a:00:b3:
36:e2:73:62:b9:56:f8:b4:95:1b:59:05:d4:06:5d:0d:26:14:
d7:d6:0a:13:6e:e0:1c:b2:c3:a3:ca:97:ba:5a:73:35:76:d9:
a8:bb:68:90:de:6a:54:be:05:ab:87:7f:ea:29:9d:03:78:07:
32:80:1f:0d:39:39:a4:0b:68:03:a6:db:bc:36:3b:d9:13:c0:
4c:b9:07:6b:7a:c6:36:2d:ed:90:9d:4d:ca:9a:bb:e4:ea:6d:
18:40:4f:5e:48:2e:ea:89:00:85:e3:f7:6e:a8:19:bf:f0:41:
a8:41:12:a1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTbdLeGpuB62jt+z9h7BMZpeIdlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NTM0NDRkYzkxZjdiOGUzMTMzMGRmNjA0ZDk3NDJmYjBmMzJmMTJhNDVj
NWJjZDQ4ZjAwNWEyN2ZmNzQ3NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzNxNRu8xYylIAYvknyeN0TNkrZUL2HUnJyoF0vp9wtbYnv6LkU9yjtp8Jx
EwuCoTA+TuzOgOKpJnSVnIKUzHzF5jkO9vL0Qxh02jqLh7uFIqNpqLLYqB/Oh8tq
ec1gdz/B7xUz4BmS0yFxkg9esQEBvqIfVnUyEbhfqarx3dUUXMkG5cgjLoiCpTdZ
ApbYtKjOg0GQkich/F7Z51+3HBs3ZbXAEKuEO6IjWILz2OS7UsJzo3bZ4WpIrk91
CcjRtogvdIWAanh2ljLouZCEJd8Ys2UsTD0G3mLy4edhBCiQQWZ2tTvaxTLX5Bhs
YvvATLZycknKtZnwfmXddGGabaMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQsIZJN
4EGvKgXUSmGeTer+a11UJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAqATQM3d4AAeQA2olgvifiDW632kAUCkMW0r/
cycSn1xIfCWnN1dwTrlF9jYvTr62tJQZ/P3QXMS1zcmschDl0aVo/nncC2GMHBme
zqhrZN589ccSLP0KcD452GSbHphgWXPpmd5Pg1tU6fPXUpS/S71vmg3Q0+8pzGcL
+ribWibdcLuF/bsouKuvtwGGGgCzNuJzYrlW+LSVG1kF1AZdDSYU19YKE27gHLLD
o8qXulpzNXbZqLtokN5qVL4Fq4d/6imdA3gHMoAfDTk5pAtoA6bbvDY72RPATLkH
a3rGNi3tkJ1Nypq75OptGEBPXkgu6okAheP3bqgZv/BBqEESoQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:24 2026 by rpki-client