Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: DDQ30vqTbOdbiePLf3OfVcNKRvrqcAhYlIqkQguh0jY=
Subject key identifier: 62:03:49:12:EF:3A:06:10:7A:42:4C:83:75:2F:CA:7B:BC:2C:E9:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D03F4C447E733045200E02A759774D939CBF744
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Sat 28 Feb 2026 06:01:10 +0000
ROA not before: Sat 28 Feb 2026 06:01:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:03:f4:c4:47:e7:33:04:52:00:e0:2a:75:97:74:d9:39:cb:f7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cc706ab29d30c2badec42bdfac9ed9927445d986ada2eb172d54358056a4b457, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:a5:10:3d:dc:ea:c8:3a:60:0c:25:80:92:
79:3a:6b:8f:9e:2d:e0:57:80:7c:4f:ed:26:ec:55:
58:ed:d1:90:65:4e:b2:f5:b5:87:ab:6f:ee:68:d0:
03:d0:a2:db:08:65:4b:3f:10:c0:d5:9f:97:a4:f6:
49:5f:70:67:53:63:98:81:f9:d2:c0:a0:f4:b7:fe:
ea:2e:1c:72:4d:68:25:da:f5:33:cb:be:16:de:64:
47:65:ac:69:f8:e6:a8:b3:2f:6a:84:68:61:70:8b:
bb:43:a6:7d:0f:76:ae:91:56:a5:11:d9:16:ae:d6:
b3:99:a3:82:92:71:5a:4b:05:63:ad:93:29:5a:3f:
93:84:29:d2:85:d3:8f:41:97:32:93:e2:6a:77:b8:
1e:60:2a:84:e7:01:14:94:02:4a:dd:ae:a5:8c:a5:
4e:23:d2:66:c1:3a:32:c7:70:2d:60:da:0a:cf:96:
f8:ec:44:79:2c:9d:fe:71:01:d5:c5:dc:ac:cf:6b:
23:ff:89:51:5b:95:94:89:47:99:af:7b:22:3d:5d:
08:28:14:c2:56:f3:c3:79:7f:2e:8f:16:88:df:be:
ab:f7:52:87:62:8c:b8:6f:93:44:f2:b3:2f:01:eb:
2b:9a:48:60:9d:e3:51:3c:11:44:53:58:61:23:24:
00:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:03:49:12:EF:3A:06:10:7A:42:4C:83:75:2F:CA:7B:BC:2C:E9:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:54:5a:ff:60:49:79:bb:c3:0d:18:a1:eb:d5:ad:98:4a:74:
2b:d2:b6:bc:05:50:04:75:28:85:1e:9b:98:84:13:0a:63:0a:
1f:f3:59:93:4c:2a:17:ee:5a:b0:da:8b:71:8a:a1:09:d3:b7:
14:42:dc:a7:80:21:fc:44:0b:3f:ab:2b:c1:b9:d7:54:a3:04:
fc:fd:d9:0d:d6:b1:60:4e:70:d5:3d:3e:11:67:0d:f7:dd:81:
07:eb:39:3a:33:96:22:d9:03:17:81:6a:cc:a5:3f:7e:76:3a:
1f:ed:98:fb:41:49:4a:ee:8f:83:7f:d1:34:bb:c1:f5:4f:af:
cb:25:cd:94:4c:0d:61:9c:6b:d1:3a:a5:8d:45:f4:8b:06:a5:
c8:8f:0a:ee:da:c1:ba:e1:52:45:24:e3:36:3f:d9:d0:a0:92:
c2:3f:d2:49:62:df:75:93:62:bd:3a:77:95:f1:11:99:c9:8c:
ce:f3:71:ca:db:c1:47:16:9e:b2:96:95:f9:73:9c:c0:85:e6:
2f:ca:1d:75:af:09:1c:04:65:f9:c4:46:ee:50:0c:c9:63:c7:
2c:7e:82:f1:a7:5e:d8:33:4a:27:18:f6:ed:30:d1:13:2e:65:
dd:19:a5:d3:c1:7b:3e:90:10:0f:1a:e2:81:a6:e8:7d:33:c4:
e4:12:43:3d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbQP0xEfnMwRSAOAqdZd02TnL90QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNzA2YWIyOWQzMGMyYmFkZWM0MmJkZmFjOWVkOTkyNzQ0NWQ5ODZhZGEy
ZWIxNzJkNTQzNTgwNTZhNGI0NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY0pRA93OrIOmAMJYCSeTprj54t4FeAfE/tJuxVWO3RkGVOsvW1h6tv7mjQ
A9Ci2whlSz8QwNWfl6T2SV9wZ1NjmIH50sCg9Lf+6i4cck1oJdr1M8u+Ft5kR2Ws
afjmqLMvaoRoYXCLu0OmfQ92rpFWpRHZFq7Ws5mjgpJxWksFY62TKVo/k4Qp0oXT
j0GXMpPiane4HmAqhOcBFJQCSt2upYylTiPSZsE6MsdwLWDaCs+W+OxEeSyd/nEB
1cXcrM9rI/+JUVuVlIlHma97Ij1dCCgUwlbzw3l/Lo8WiN++q/dSh2KMuG+TRPKz
LwHrK5pIYJ3jUTwRRFNYYSMkAB0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRiA0kS
7zoGEHpCTIN1L8p7vCzp0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEAfVRa/2BJebvDDRih69WtmEp0K9K2vAVQBHUo
hR6bmIQTCmMKH/NZk0wqF+5asNqLcYqhCdO3FELcp4Ah/EQLP6srwbnXVKME/P3Z
DdaxYE5w1T0+EWcN992BB+s5OjOWItkDF4FqzKU/fnY6H+2Y+0FJSu6Pg3/RNLvB
9U+vyyXNlEwNYZxr0TqljUX0iwalyI8K7trBuuFSRSTjNj/Z0KCSwj/SSWLfdZNi
vTp3lfERmcmMzvNxytvBRxaespaV+XOcwIXmL8odda8JHARl+cRG7lAMyWPHLH6C
8ade2DNKJxj27TDREy5l3Rml08F7PpAQDxrigabofTPE5BJDPQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:02:16 2026 by rpki-client