Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
File: 84b89066-b432-45c3-befb-ffa2b4be3b71.roa (raw, json)
Hash identifier: PkKQIkdudE2SKp2SojDs7/H7iXcySgnTMwXgpXoZD8g=
Subject key identifier: 42:30:58:B7:A6:C6:30:6D:B9:3F:90:7A:15:EC:E2:D2:9F:96:E5:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3202B8DD23DF9241F3DE2370A6EF309080C75FC8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
Signing time: Sat 28 Feb 2026 06:10:30 +0000
ROA not before: Sat 28 Feb 2026 06:10:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:02:b8:dd:23:df:92:41:f3:de:23:70:a6:ef:30:90:80:c7:5f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b72f0714fdc6dfeaf3286ccab64232c245dcf65e6cbbf1017789e9e1c1aa70aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0f:df:b9:85:24:93:29:a8:37:b8:79:ab:45:
7f:7c:40:86:c2:8d:84:f8:a0:68:f6:2e:1c:6e:8b:
32:90:9d:d9:48:8b:62:3f:8c:2e:61:58:0b:31:e8:
fd:23:5f:0b:30:ea:24:ae:5b:89:69:c7:d8:65:cc:
43:1a:05:f8:49:fd:1e:b9:f2:32:bc:08:f0:6f:53:
e0:d0:4b:99:ae:1a:0e:f8:c7:eb:d8:83:d2:79:58:
46:3d:47:34:6c:25:ac:58:22:3a:1b:a6:a4:a1:03:
f5:27:29:46:78:3e:04:ee:41:32:18:c2:95:e9:db:
d1:33:ba:a9:40:ae:b6:f7:0e:81:a6:d6:00:0a:33:
a3:77:5e:28:43:8f:c1:f1:2c:b3:3e:6d:23:18:0f:
d8:70:51:61:95:36:79:28:21:b9:c1:60:f9:7c:9b:
9a:59:55:ff:ae:89:07:f6:08:8e:49:2c:77:c4:cf:
9c:dd:5f:5b:b3:f0:c3:0a:96:55:97:e2:4d:4b:7f:
d0:81:fd:78:d9:29:1c:dc:29:e5:fb:a7:0e:2e:de:
29:41:d1:c6:3c:e4:4c:ff:ea:19:9c:7e:f5:c8:92:
5e:7b:b0:77:e9:62:bc:9f:30:34:6f:ff:dc:45:d2:
c0:6f:58:d8:06:8c:aa:38:d5:f9:b5:1c:34:32:99:
95:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:30:58:B7:A6:C6:30:6D:B9:3F:90:7A:15:EC:E2:D2:9F:96:E5:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:4000::/40
Signature Algorithm: sha256WithRSAEncryption
43:ab:c9:a3:12:fc:f7:d8:de:f2:5b:93:d0:f4:a0:42:82:eb:
05:25:19:44:60:e6:11:02:e5:86:ea:75:9a:c4:95:76:5c:ce:
d7:ea:ca:98:84:b0:51:25:e3:19:42:b7:bc:55:d7:2c:31:00:
dc:48:d1:cc:e1:1d:12:96:d4:06:e2:e3:b9:42:0b:5a:da:a2:
68:50:0a:24:36:4c:c3:d0:66:8b:bf:fa:04:07:8d:36:52:2e:
7d:1e:91:7b:fb:76:81:b2:de:08:c2:94:29:b0:67:ff:e8:e5:
92:c8:cf:7a:0a:11:7e:c4:e8:7b:9a:b5:4e:43:7c:1e:22:f6:
45:77:cd:67:ce:20:65:30:ac:a0:10:34:4f:91:eb:d5:40:b1:
31:09:9b:8e:df:e1:2f:61:01:c3:1c:8a:63:79:1c:3a:76:2f:
2d:cb:6b:c4:a7:74:70:f8:c5:7f:1c:53:3a:87:6a:91:00:73:
f6:22:de:18:60:4f:a6:16:16:a3:12:2a:52:4a:0f:7a:7c:2b:
18:bf:81:b8:41:c0:1f:89:77:0a:48:fd:98:49:b7:a5:1c:b5:
f0:64:b1:f5:ab:37:bb:8a:5b:7c:bc:a7:c0:bc:7e:c5:76:06:
b3:cd:79:93:c1:28:14:ec:a2:27:fa:3e:0f:65:99:01:c0:6a:
42:3c:dd:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMgK43SPfkkHz3iNwpu8wkIDHX8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MmYwNzE0ZmRjNmRmZWFmMzI4NmNjYWI2NDIzMmMyNDVkY2Y2NWU2Y2Ji
ZjEwMTc3ODllOWUxYzFhYTcwYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMP37mFJJMpqDe4eatFf3xAhsKNhPigaPYuHG6LMpCd2UiLYj+MLmFYCzHo
/SNfCzDqJK5biWnH2GXMQxoF+En9HrnyMrwI8G9T4NBLma4aDvjH69iD0nlYRj1H
NGwlrFgiOhumpKED9ScpRng+BO5BMhjClenb0TO6qUCutvcOgabWAAozo3deKEOP
wfEssz5tIxgP2HBRYZU2eSghucFg+XybmllV/66JB/YIjkksd8TPnN1fW7PwwwqW
VZfiTUt/0IH9eNkpHNwp5funDi7eKUHRxjzkTP/qGZx+9ciSXnuwd+livJ8wNG//
3EXSwG9Y2AaMqjjV+bUcNDKZlZ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCMFi3
psYwbbk/kHoV7OLSn5blujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRiODkwNjYtYjQzMi00NWMzLWJlZmItZmZhMmI0YmUzYjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDq8mjEvz32N7yW5PQ9KBCgusFJRlEYOYRAuWG
6nWaxJV2XM7X6sqYhLBRJeMZQre8VdcsMQDcSNHM4R0SltQG4uO5Qgta2qJoUAok
NkzD0GaLv/oEB402Ui59HpF7+3aBst4IwpQpsGf/6OWSyM96ChF+xOh7mrVOQ3we
IvZFd81nziBlMKygEDRPkevVQLExCZuO3+EvYQHDHIpjeRw6di8ty2vEp3Rw+MV/
HFM6h2qRAHP2It4YYE+mFhajEipSSg96fCsYv4G4QcAfiXcKSP2YSbelHLXwZLH1
qze7ilt8vKfAvH7FdgazzXmTwSgU7KIn+j4PZZkBwGpCPN3V
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:19:03 2026 by rpki-client