Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
File: 89b0de0f-6d7a-449d-a144-e777ce29ce82.roa (raw, json)
Hash identifier: s8V94MqSYZLXTb2H2xwEs6c66KZsbZh5iI7KEa3O8ww=
Subject key identifier: AC:69:02:C9:1D:CD:0B:99:8B:AE:65:87:6A:22:30:B3:74:57:CE:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55224BC87A1E62D706A6EB583D673CEA275F4E44
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
Signing time: Sat 28 Feb 2026 06:11:00 +0000
ROA not before: Sat 28 Feb 2026 06:11:00 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:22:4b:c8:7a:1e:62:d7:06:a6:eb:58:3d:67:3c:ea:27:5f:4e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:11:00 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ee1b588d54e2ac3ecc5e7f7852ffb94bb544a45485323bd17f065f68d33df51b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:c9:d1:b7:21:8e:c7:73:19:51:41:b2:5b:
0e:ce:9a:3b:93:d1:56:d0:43:85:29:96:63:c5:c2:
4f:e2:4e:7d:13:ba:a3:3e:7d:1b:e0:6f:ce:bd:c2:
d3:f9:56:6d:ab:23:f1:86:a2:81:70:dd:1f:ae:9f:
7a:28:ae:d3:27:4b:a6:91:9a:5d:2f:88:f5:bd:10:
b5:b0:bc:25:68:70:5d:41:ba:86:77:b0:ff:0c:d8:
54:5b:4f:f6:4c:16:61:13:22:e4:09:d0:97:06:e0:
00:cd:9d:a0:c8:a7:2c:4d:33:a2:d8:41:46:77:0a:
cd:46:b8:30:b7:cf:f1:c9:6c:6f:1f:22:02:f2:88:
b9:f6:a7:0f:50:69:bb:16:1a:f7:91:f0:83:77:c8:
38:a8:e0:cd:08:3c:0d:ea:c8:bc:8a:8c:6b:e3:92:
5c:2e:e2:7f:77:20:55:0b:47:4b:06:77:c9:2c:2c:
7f:b7:ad:5f:8a:d7:b9:ac:ca:5b:d5:ef:f8:86:00:
4b:61:01:39:62:09:01:f1:22:c3:b4:36:a4:ac:3d:
c4:2c:43:2e:4f:bf:fc:be:ff:90:b3:cc:39:24:75:
a5:6e:89:18:a5:f7:a7:aa:72:04:a0:c5:53:a0:09:
82:06:49:b7:d0:29:3f:90:d8:15:e5:82:50:7e:da:
f4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:69:02:C9:1D:CD:0B:99:8B:AE:65:87:6A:22:30:B3:74:57:CE:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89b0de0f-6d7a-449d-a144-e777ce29ce82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:e3:6f:fe:f3:41:ff:93:f0:07:fc:b7:88:c5:f9:24:00:4f:
e3:7a:7c:da:d7:3d:0e:70:57:17:bd:1b:99:9a:f5:5c:21:23:
77:e4:47:e2:35:3d:ad:53:58:6d:1b:b9:25:79:a1:43:6e:58:
6b:3a:e0:72:df:5e:f2:b8:19:8d:de:50:ea:8e:8a:fd:62:d9:
11:55:80:22:31:61:d0:27:6b:08:f3:d5:6b:9d:dd:51:59:aa:
b1:7d:57:96:a3:fb:72:8e:14:e6:01:9f:88:05:b9:44:68:b1:
bb:8f:43:0e:84:4c:e8:9d:1d:fe:9f:62:37:5e:ca:fb:04:6f:
d4:b4:7d:20:ed:f3:c4:65:33:a6:03:b2:2a:05:7d:1a:8d:ee:
f7:0a:df:2c:5d:a2:15:29:8a:2d:43:67:ba:1d:bf:c1:60:82:
1a:33:48:c6:3d:09:18:a6:83:4a:28:1a:6b:a3:70:b3:30:d7:
30:fb:56:0e:14:6e:c0:fe:f7:98:d8:ae:2b:92:ac:e8:19:2a:
76:3d:bd:a2:1c:3e:4b:27:ff:42:c5:91:d1:d7:17:19:b3:fc:
1e:db:5b:ab:cf:44:90:3b:cd:a7:59:86:42:f0:5f:d8:f0:46:
10:93:02:91:0c:cd:ab:e0:06:51:7a:5c:a1:25:41:39:8f:c6:
ec:da:87:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVSJLyHoeYtcGputYPWc86idfTkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjExMDBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMWI1ODhkNTRlMmFjM2VjYzVlN2Y3ODUyZmZiOTRiYjU0NGE0NTQ4NTMy
M2JkMTdmMDY1ZjY4ZDMzZGY1MWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiCydG3IY7HcxlRQbJbDs6aO5PRVtBDhSmWY8XCT+JOfRO6oz59G+Bvzr3C
0/lWbasj8YaigXDdH66feiiu0ydLppGaXS+I9b0QtbC8JWhwXUG6hnew/wzYVFtP
9kwWYRMi5AnQlwbgAM2doMinLE0zothBRncKzUa4MLfP8clsbx8iAvKIufanD1Bp
uxYa95Hwg3fIOKjgzQg8DerIvIqMa+OSXC7if3cgVQtHSwZ3ySwsf7etX4rXuazK
W9Xv+IYAS2EBOWIJAfEiw7Q2pKw9xCxDLk+//L7/kLPMOSR1pW6JGKX3p6pyBKDF
U6AJggZJt9ApP5DYFeWCUH7a9F8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsaQLJ
Hc0LmYuuZYdqIjCzdFfOWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODliMGRlMGYtNmQ3YS00NDlkLWExNDQtZTc3N2NlMjljZTgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQCO42/+80H/k/AH/LeIxfkkAE/jenza1z0OcFcX
vRuZmvVcISN35EfiNT2tU1htG7kleaFDblhrOuBy317yuBmN3lDqjor9YtkRVYAi
MWHQJ2sI89Vrnd1RWaqxfVeWo/tyjhTmAZ+IBblEaLG7j0MOhEzonR3+n2I3Xsr7
BG/UtH0g7fPEZTOmA7IqBX0aje73Ct8sXaIVKYotQ2e6Hb/BYIIaM0jGPQkYpoNK
KBpro3CzMNcw+1YOFG7A/veY2K4rkqzoGSp2Pb2iHD5LJ/9CxZHR1xcZs/we21ur
z0SQO82nWYZC8F/Y8EYQkwKRDM2r4AZRelyhJUE5j8bs2ocs
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:22 2026 by rpki-client