Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: 3Hll2NQxGopsEer8l7Uj5/NKwjUaQuGfuEHkMhe2FA0=
Subject key identifier: C0:8C:11:2F:08:FB:B7:2A:0B:4E:69:FC:6D:F3:23:2E:45:3A:3D:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B8DE070E63C28E1FD96FCA1AA615E731B7EEC4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Sat 28 Feb 2026 05:41:28 +0000
ROA not before: Sat 28 Feb 2026 05:41:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:8d:e0:70:e6:3c:28:e1:fd:96:fc:a1:aa:61:5e:73:1b:7e:ec:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f5ffb82fdfa7be73c753ea8d9bbc9714bc996d5139dbf4f334af0fbf95529c1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:00:e1:e5:1d:48:e9:31:96:3e:af:87:6d:bc:
dc:98:b0:33:2d:08:4e:cb:84:72:b3:db:40:7a:1d:
a1:32:ea:8e:c3:19:7d:71:cf:c9:9c:6e:ef:b6:71:
5f:a1:a0:2f:8a:15:a4:a8:d5:0f:f3:8c:3a:63:5f:
13:77:39:4c:48:0e:5e:22:cb:96:ec:d7:83:5e:85:
05:96:46:80:ad:ea:c4:a6:f4:4c:48:6a:e2:bf:a9:
3c:b2:0f:b2:4a:65:30:ec:c4:50:e6:e1:35:6e:b0:
5a:3a:24:4f:1f:ae:71:8b:d3:4c:c3:8e:0b:22:23:
b9:42:67:3d:4e:b0:b4:dc:1a:2e:39:fe:c3:14:2f:
b3:3c:b0:a7:34:55:ec:14:71:0f:26:1f:d0:19:67:
8c:5f:3b:fe:3a:af:a7:93:75:34:d6:a7:d3:39:07:
e4:89:04:be:a0:29:9c:90:c1:12:c0:f4:bf:78:61:
09:e4:f4:92:d9:bb:b3:a4:d9:d3:a3:07:f7:22:e2:
d3:37:b4:93:dc:f0:c5:e8:d1:9b:57:b7:aa:2c:da:
ab:32:83:09:2f:79:9d:1d:29:e2:16:07:64:15:13:
8c:94:58:3e:1f:26:8b:d3:87:15:1d:2d:27:63:ac:
a5:ad:b2:28:f7:ad:05:b1:5a:d9:31:ac:74:1c:ae:
5c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:8C:11:2F:08:FB:B7:2A:0B:4E:69:FC:6D:F3:23:2E:45:3A:3D:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
8d:3b:4f:31:bb:19:12:8d:c0:14:c9:19:f3:15:c9:eb:b4:cc:
43:2f:ac:e7:b6:5e:35:03:cb:03:3a:4d:c5:db:bf:d5:5f:10:
41:d0:76:35:f9:72:9c:bc:25:9a:48:44:ae:ad:a9:28:ea:d5:
82:3c:98:94:cd:82:92:0d:0a:28:31:cb:d2:f0:65:ca:73:a9:
6e:9f:39:ef:cd:00:73:31:b6:c5:b6:f8:8a:83:b2:82:9b:a3:
5f:25:88:f0:ad:69:9d:8f:af:ea:e6:a6:d2:15:31:c7:60:ea:
29:4c:16:69:7f:86:7d:66:f1:b6:6c:62:06:c5:14:04:fc:23:
00:91:0b:45:b5:64:87:a3:9c:2d:88:1c:3e:24:35:1f:a3:21:
92:0a:72:5c:c5:80:e3:6e:5e:03:4f:a3:2e:a8:de:b8:eb:7a:
75:ff:5d:fb:8c:c5:b1:df:c7:b0:d6:5f:85:e6:63:a8:ee:5e:
90:4c:3d:51:b8:ff:25:f0:58:be:a6:b8:89:60:1e:a4:4b:27:
27:cc:10:32:fa:c6:c6:f9:4c:6d:53:73:f0:a6:f8:d2:fe:66:
dc:d3:90:4e:24:d7:c3:2f:b8:6b:4f:b8:ef:d2:e9:b4:60:cf:
a4:71:64:8f:a5:af:91:dd:fa:33:c8:5f:5c:6f:a1:e4:d0:b6:
ed:f2:12:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe43gcOY8KOH9lvyhqmFecxt+7EswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZmZiODJmZGZhN2JlNzNjNzUzZWE4ZDliYmM5NzE0YmM5OTZkNTEzOWRi
ZjRmMzM0YWYwZmJmOTU1MjljMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4A4eUdSOkxlj6vh2283JiwMy0ITsuEcrPbQHodoTLqjsMZfXHPyZxu77Zx
X6GgL4oVpKjVD/OMOmNfE3c5TEgOXiLLluzXg16FBZZGgK3qxKb0TEhq4r+pPLIP
skplMOzEUObhNW6wWjokTx+ucYvTTMOOCyIjuUJnPU6wtNwaLjn+wxQvszywpzRV
7BRxDyYf0BlnjF87/jqvp5N1NNan0zkH5IkEvqApnJDBEsD0v3hhCeT0ktm7s6TZ
06MH9yLi0ze0k9zwxejRm1e3qizaqzKDCS95nR0p4hYHZBUTjJRYPh8mi9OHFR0t
J2Ospa2yKPetBbFa2TGsdByuXLUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAjBEv
CPu3KgtOafxt8yMuRTo9PDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCNO08xuxkSjcAUyRnzFcnrtMxDL6zntl41A8sD
Ok3F27/VXxBB0HY1+XKcvCWaSESurako6tWCPJiUzYKSDQooMcvS8GXKc6lunznv
zQBzMbbFtviKg7KCm6NfJYjwrWmdj6/q5qbSFTHHYOopTBZpf4Z9ZvG2bGIGxRQE
/CMAkQtFtWSHo5wtiBw+JDUfoyGSCnJcxYDjbl4DT6MuqN6463p1/137jMWx38ew
1l+F5mOo7l6QTD1RuP8l8Fi+priJYB6kSycnzBAy+sbG+UxtU3PwpvjS/mbc05BO
JNfDL7hrT7jv0um0YM+kcWSPpa+R3fozyF9cb6Hk0Lbt8hJ0
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:53 2026 by rpki-client