Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
File: 7af2d4a0-df22-4933-b605-1ecbbd66f982.roa (raw, json)
Hash identifier: l2TW+m7fFK/ghhc0zRpUCjiWSiCBz4F6N7ySj91dwq0=
Subject key identifier: 84:18:FE:8A:58:A1:1D:30:DC:14:E7:26:91:E7:A5:6F:4C:4E:E9:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B823720A364302F934F37A808F05E14C4E70F49
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
Signing time: Sat 28 Feb 2026 05:40:53 +0000
ROA not before: Sat 28 Feb 2026 05:40:53 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:82:37:20:a3:64:30:2f:93:4f:37:a8:08:f0:5e:14:c4:e7:0f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:53 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=d460f741526930c1d6baf6a10470c3a1886a8a4fd61a531b91acef8856816a17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0b:99:b5:a7:a9:fe:61:34:a3:5b:07:b6:24:
c5:97:6c:69:aa:42:d3:56:f2:7d:8c:7b:bd:34:d3:
94:a9:0f:6c:4c:1b:f4:17:1b:a6:a7:49:0c:f3:94:
20:a6:1e:94:38:d1:4b:10:e1:29:88:5d:b1:fd:dd:
58:68:a3:e6:07:85:2f:9d:30:30:c4:c5:5a:d3:6d:
f7:f3:25:3e:ab:77:fa:3a:e4:5b:12:82:d6:bc:3d:
a8:b0:85:c8:76:ec:85:23:53:52:71:96:7e:f0:6e:
8a:fe:46:bd:76:22:a4:36:b0:f6:1d:46:42:2d:f1:
44:67:13:7b:12:b2:4e:ea:04:e1:98:1b:ea:71:19:
71:cc:52:e2:da:bb:12:3c:85:d0:3d:a3:e2:b3:10:
9a:10:0a:f3:6b:29:c8:f6:67:78:6f:f9:8b:3f:7c:
b3:19:be:cc:37:24:ce:c3:0a:18:8a:26:f1:1b:d5:
90:a5:c9:e7:9f:d6:fe:03:d7:0a:91:7e:02:4c:b5:
b2:27:88:26:04:d5:3f:47:40:c0:b5:bb:7f:87:50:
78:0d:0c:2e:a7:30:54:06:2b:35:a7:93:d4:0d:52:
2f:66:8f:ab:de:21:bc:ca:16:bc:48:9b:84:93:11:
45:28:46:cd:1a:d9:02:8c:c3:a8:68:a5:34:d3:58:
0c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:18:FE:8A:58:A1:1D:30:DC:14:E7:26:91:E7:A5:6F:4C:4E:E9:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7af2d4a0-df22-4933-b605-1ecbbd66f982.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:c00::/38
Signature Algorithm: sha256WithRSAEncryption
18:2d:10:2f:4e:f5:ee:39:cf:61:e4:55:18:c5:8a:bd:85:02:
b4:de:5a:0c:2e:84:ff:26:b8:7a:19:7f:a5:68:41:74:17:81:
5f:4f:00:5e:db:9c:25:2a:2b:76:d8:8e:85:dd:b7:29:cd:1d:
cd:e3:0b:db:7e:b0:16:92:0b:7b:23:9c:69:f9:91:69:22:fc:
b4:1a:89:f2:59:47:c9:58:d7:f8:31:35:0c:f3:fb:7e:95:e2:
a1:b7:73:c8:ac:6b:e9:39:a9:4a:61:55:c9:1a:6a:df:b2:24:
77:d6:8b:b7:70:f3:a5:5d:a2:1a:66:fd:21:12:d9:1b:bb:86:
6e:72:99:58:7e:f4:5c:62:dd:e3:2b:69:5a:9b:bf:a9:ba:b7:
69:98:f5:ac:1f:5d:3f:97:bd:2c:a1:08:e6:18:8d:63:ac:e8:
eb:5b:3d:ce:41:f6:20:11:ee:4a:b5:d4:0c:6a:78:3f:93:2c:
39:46:b5:79:1c:ff:a9:75:7f:62:36:e9:3a:b5:1d:0f:9e:6f:
80:6d:89:df:53:86:25:7b:f9:62:9f:a8:1a:a6:50:7c:5e:e4:
4e:2d:9f:30:f2:16:e7:ac:a2:e1:a7:93:f1:0e:14:ff:ee:2f:
f7:97:fd:4a:f7:f7:b7:70:5b:69:43:3b:a8:14:df:c3:e9:37:
e0:0c:95:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe4I3IKNkMC+TTzeoCPBeFMTnD0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NjBmNzQxNTI2OTMwYzFkNmJhZjZhMTA0NzBjM2ExODg2YThhNGZkNjFh
NTMxYjkxYWNlZjg4NTY4MTZhMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKILmbWnqf5hNKNbB7YkxZdsaapC01byfYx7vTTTlKkPbEwb9BcbpqdJDPOU
IKYelDjRSxDhKYhdsf3dWGij5geFL50wMMTFWtNt9/MlPqt3+jrkWxKC1rw9qLCF
yHbshSNTUnGWfvBuiv5GvXYipDaw9h1GQi3xRGcTexKyTuoE4Zgb6nEZccxS4tq7
EjyF0D2j4rMQmhAK82spyPZneG/5iz98sxm+zDckzsMKGIom8RvVkKXJ55/W/gPX
CpF+Aky1sieIJgTVP0dAwLW7f4dQeA0MLqcwVAYrNaeT1A1SL2aPq94hvMoWvEib
hJMRRShGzRrZAozDqGilNNNYDKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEGP6K
WKEdMNwU5yaR56VvTE7pSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2FmMmQ0YTAtZGYyMi00OTMzLWI2MDUtMWVjYmJkNjZmOTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUM
MA0GCSqGSIb3DQEBCwUAA4IBAQAYLRAvTvXuOc9h5FUYxYq9hQK03loMLoT/Jrh6
GX+laEF0F4FfTwBe25wlKit22I6F3bcpzR3N4wvbfrAWkgt7I5xp+ZFpIvy0Gony
WUfJWNf4MTUM8/t+leKht3PIrGvpOalKYVXJGmrfsiR31ou3cPOlXaIaZv0hEtkb
u4ZucplYfvRcYt3jK2lam7+purdpmPWsH10/l70soQjmGI1jrOjrWz3OQfYgEe5K
tdQMang/kyw5RrV5HP+pdX9iNuk6tR0Pnm+AbYnfU4Yle/lin6gaplB8XuROLZ8w
8hbnrKLhp5PxDhT/7i/3l/1K9/e3cFtpQzuoFN/D6TfgDJWc
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:25 2026 by rpki-client