Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: VOAVh0rgIMQVRzUuKx9ghh++Xre8fgSmNWPW6tJXhkg=
Subject key identifier: 4C:2C:B5:75:CD:44:D0:A9:4D:07:1B:34:31:B9:82:43:EC:C4:86:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E78D60984468948189BF277898EC656E5D30FE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Sat 28 Feb 2026 05:10:09 +0000
ROA not before: Sat 28 Feb 2026 05:10:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:78:d6:09:84:46:89:48:18:9b:f2:77:89:8e:c6:56:e5:d3:0f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ff97845a1953b7a9a83639dc5c6ebabdb015d539829ea6f002d58910304d18f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:78:16:d0:ec:f5:00:72:e5:9b:f4:5d:c4:82:
df:9d:f7:93:ca:c4:6a:03:9c:7c:ad:cd:13:33:bd:
d0:f7:6c:a0:35:21:e8:fb:5f:ba:e5:e0:4d:00:37:
b0:30:6f:8f:15:53:75:61:cb:ba:d4:a6:a1:4d:31:
78:eb:50:ab:2e:88:4f:ac:3d:6a:7f:51:31:33:1d:
c7:06:03:c0:30:2c:79:93:64:9f:b8:3d:40:86:67:
ea:8b:65:3a:bf:0a:ce:41:9c:cd:16:0a:73:a6:e2:
bd:d9:a3:44:d4:45:da:e1:d9:aa:d1:51:29:a3:e8:
f0:02:9b:ab:17:1e:79:f7:f3:81:6e:a8:7b:b9:dc:
19:12:21:b4:4b:e0:bf:1d:50:a2:be:80:4a:cb:d8:
3c:eb:28:c0:0a:b0:e3:fa:ef:6f:c6:f7:25:8c:43:
36:05:63:45:e1:51:60:a4:2a:68:f2:2b:aa:a0:5b:
6c:e0:c8:0e:0a:9d:2b:ac:55:dc:17:38:46:9e:46:
5c:ec:bf:89:1e:ff:1d:65:0e:f0:92:54:48:9a:0f:
d7:74:07:5b:24:19:0c:19:89:9a:37:84:cc:d3:81:
eb:f4:23:46:47:47:d2:85:5f:7a:1a:2c:29:90:c8:
a6:a5:15:87:fe:53:d5:7d:4b:61:22:3f:e9:cd:eb:
7b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2C:B5:75:CD:44:D0:A9:4D:07:1B:34:31:B9:82:43:EC:C4:86:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
26:55:35:43:d1:18:80:c5:65:c6:5e:40:f5:c8:7e:a6:04:10:
9c:a6:1b:5a:51:58:05:50:48:55:53:ed:21:a1:62:2e:da:9b:
ab:b1:82:28:9b:fc:4f:ff:4e:ee:bd:cd:46:ef:06:fd:80:e4:
a0:79:ac:4e:2c:22:9b:5c:8f:24:58:75:1e:83:13:a1:16:e6:
9f:63:82:23:bd:ab:92:0a:d4:fd:16:68:82:35:6c:16:37:68:
ae:2b:5e:4b:6d:52:b0:5c:e9:d0:b5:a7:d8:9f:e7:a0:56:a5:
48:fc:fd:1d:ac:6f:a3:bc:54:b6:43:6f:1b:db:c0:24:e9:1e:
09:49:89:3b:2e:b9:7d:5c:ad:76:9a:65:9b:23:92:28:ef:79:
e0:8e:dd:0d:d5:a0:bd:5b:c8:39:2b:8e:37:73:1b:d5:9f:81:
11:82:25:58:b7:4f:8e:38:3c:ef:bb:1e:1a:2b:36:49:32:37:
8c:dc:67:ea:c5:ed:6f:5d:3b:d1:8e:05:12:0d:86:37:ad:e4:
81:88:a4:36:70:96:08:0b:7d:4e:75:cf:fb:28:48:27:9b:d5:
9a:a7:99:09:45:b4:98:c0:90:49:f8:fa:03:b4:15:31:70:57:
10:b3:86:9b:28:a8:9c:c1:ac:14:af:91:55:05:af:55:03:99:
cb:c6:1d:1e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHnjWCYRGiUgYm/J3iY7GVuXTD+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmOTc4NDVhMTk1M2I3YTlhODM2MzlkYzVjNmViYWJkYjAxNWQ1Mzk4Mjll
YTZmMDAyZDU4OTEwMzA0ZDE4ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI54FtDs9QBy5Zv0XcSC3533k8rEagOcfK3NEzO90PdsoDUh6PtfuuXgTQA3
sDBvjxVTdWHLutSmoU0xeOtQqy6IT6w9an9RMTMdxwYDwDAseZNkn7g9QIZn6otl
Or8KzkGczRYKc6bivdmjRNRF2uHZqtFRKaPo8AKbqxceeffzgW6oe7ncGRIhtEvg
vx1Qor6ASsvYPOsowAqw4/rvb8b3JYxDNgVjReFRYKQqaPIrqqBbbODIDgqdK6xV
3Bc4Rp5GXOy/iR7/HWUO8JJUSJoP13QHWyQZDBmJmjeEzNOB6/QjRkdH0oVfehos
KZDIpqUVh/5T1X1LYSI/6c3re0UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMLLV1
zUTQqU0HGzQxuYJD7MSGzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAJlU1Q9EYgMVlxl5A9ch+pgQQnKYbWlFYBVBI
VVPtIaFiLtqbq7GCKJv8T/9O7r3NRu8G/YDkoHmsTiwim1yPJFh1HoMToRbmn2OC
I72rkgrU/RZogjVsFjdoriteS21SsFzp0LWn2J/noFalSPz9Haxvo7xUtkNvG9vA
JOkeCUmJOy65fVytdpplmyOSKO954I7dDdWgvVvIOSuON3Mb1Z+BEYIlWLdPjjg8
77seGis2STI3jNxn6sXtb1070Y4FEg2GN63kgYikNnCWCAt9TnXP+yhIJ5vVmqeZ
CUW0mMCQSfj6A7QVMXBXELOGmyionMGsFK+RVQWvVQOZy8YdHg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:34 2026 by rpki-client