Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
File: 82baa148-3f1e-4e5f-a19f-3be140c60d34.roa (raw, json)
Hash identifier: Xjos0mpNgKq84qhTCseo1T/6KNzx9T1WnYCZ+xAY9nY=
Subject key identifier: 3C:76:06:B6:2C:7C:50:4F:3A:07:C0:A3:22:46:5E:ED:9B:55:A6:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E6BCDEC20C16DC1C1EFF71E52EB3D0F93FC1839
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
Signing time: Fri 20 Feb 2026 01:50:07 +0000
ROA not before: Fri 20 Feb 2026 01:50:07 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6b:cd:ec:20:c1:6d:c1:c1:ef:f7:1e:52:eb:3d:0f:93:fc:18:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:07 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=6ed28c7aebcf91a4a22e27ec21a41febb2d7e6795524b6de7dd237422bfacfef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:18:03:fd:63:87:c2:37:7d:45:c8:00:5e:
54:f4:8b:d1:61:03:c0:06:a3:68:ab:c2:2e:ad:7d:
28:24:7b:50:99:b6:a2:47:0d:e2:80:c2:9b:88:c7:
d5:18:f4:37:d3:9e:17:4e:6a:6f:40:9d:ab:43:ea:
35:26:25:ea:88:d8:9b:c8:aa:0b:cd:08:fa:4b:8d:
10:80:77:35:99:4e:c5:86:71:51:c9:50:5a:db:f4:
2e:ea:7f:17:62:e3:36:6b:39:aa:9b:56:cc:9b:d1:
a7:b4:d3:ea:b4:21:3a:75:bb:3a:3b:d7:40:5d:a6:
71:f4:16:25:87:3e:98:8f:a8:7a:bd:76:b9:a5:d2:
95:68:9a:da:13:d2:e6:1f:7e:e1:d0:ce:0d:95:07:
10:b7:e0:ea:77:b1:83:aa:e2:b6:69:a8:a8:4d:d5:
7d:13:59:75:b3:6c:1b:1a:6f:e1:29:7b:e9:69:fc:
c5:0a:15:a5:2d:e5:c6:9d:66:26:f8:b1:72:1f:a6:
ba:d1:8c:f0:6d:c7:df:b9:fd:55:ba:a0:e8:47:21:
38:1c:b5:30:c7:35:5d:00:9e:0d:fe:60:3d:e5:e9:
b8:3d:23:cc:88:a5:56:d0:4e:76:41:8a:75:6f:5d:
22:6b:94:83:e7:49:15:c9:7b:c7:7f:d4:e5:0f:b2:
ac:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:76:06:B6:2C:7C:50:4F:3A:07:C0:A3:22:46:5E:ED:9B:55:A6:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82baa148-3f1e-4e5f-a19f-3be140c60d34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:2d:cc:63:ad:f9:fd:69:5e:73:9f:d1:9d:03:a5:2d:32:a0:
6f:07:24:42:78:05:ea:6f:9a:e3:17:c0:3a:77:15:22:c0:4c:
a3:df:83:21:dd:1b:d8:bb:a3:6a:44:29:ab:9e:7e:90:1c:c3:
3a:81:02:82:81:e8:21:97:9d:44:4e:f1:23:07:96:45:f2:52:
ab:87:c9:3b:d0:a4:3f:90:7c:58:e5:5a:71:0f:ce:c1:30:79:
3d:40:55:a2:48:02:30:bf:2d:19:be:90:91:51:27:59:92:0a:
61:82:e8:12:3c:a3:1d:ca:5b:88:28:e3:95:22:c3:4c:06:6e:
49:3b:60:1d:a9:7a:0f:8a:14:3e:c4:89:6c:b6:62:66:78:93:
6e:07:13:78:79:92:d4:88:df:72:29:68:d9:6e:fe:58:27:19:
09:0b:5d:2b:98:0e:4e:5b:37:4b:30:72:58:e9:33:86:ee:b9:
58:80:b0:37:8d:01:02:2a:5d:c5:15:b2:5c:68:37:23:7c:35:
b6:74:96:3e:21:bd:7e:2b:6d:10:8a:60:4d:93:3c:a5:c0:15:
34:82:10:3e:48:5e:68:52:3b:2f:75:a1:f5:46:c0:db:b1:be:
e0:42:7b:f0:f5:36:84:14:65:34:23:c3:ae:5c:85:79:77:6c:
eb:b7:37:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfmvN7CDBbcHB7/ceUus9D5P8GDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlZDI4YzdhZWJjZjkxYTRhMjJlMjdlYzIxYTQxZmViYjJkN2U2Nzk1NTI0
YjZkZTdkZDIzNzQyMmJmYWNmZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7oGAP9Y4fCN31FyABeVPSL0WEDwAajaKvCLq19KCR7UJm2okcN4oDCm4jH
1Rj0N9OeF05qb0Cdq0PqNSYl6ojYm8iqC80I+kuNEIB3NZlOxYZxUclQWtv0Lup/
F2LjNms5qptWzJvRp7TT6rQhOnW7OjvXQF2mcfQWJYc+mI+oer12uaXSlWia2hPS
5h9+4dDODZUHELfg6nexg6ritmmoqE3VfRNZdbNsGxpv4Sl76Wn8xQoVpS3lxp1m
Jvixch+mutGM8G3H37n9Vbqg6EchOBy1MMc1XQCeDf5gPeXpuD0jzIilVtBOdkGK
dW9dImuUg+dJFcl7x3/U5Q+yrNECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8dga2
LHxQTzoHwKMiRl7tm1WmEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJiYWExNDgtM2YxZS00ZTVmLWExOWYtM2JlMTQwYzYwZDM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCKLcxjrfn9aV5zn9GdA6UtMqBvByRCeAXqb5rj
F8A6dxUiwEyj34Mh3RvYu6NqRCmrnn6QHMM6gQKCgeghl51ETvEjB5ZF8lKrh8k7
0KQ/kHxY5VpxD87BMHk9QFWiSAIwvy0ZvpCRUSdZkgphgugSPKMdyluIKOOVIsNM
Bm5JO2AdqXoPihQ+xIlstmJmeJNuBxN4eZLUiN9yKWjZbv5YJxkJC10rmA5OWzdL
MHJY6TOG7rlYgLA3jQECKl3FFbJcaDcjfDW2dJY+Ib1+K20QimBNkzylwBU0ghA+
SF5oUjsvdaH1RsDbsb7gQnvw9TaEFGU0I8OuXIV5d2zrtzfV
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:49 2026 by rpki-client