Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
File: 8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa (raw, json)
Hash identifier: 0pLXRkBDgTyLOhCOnbcFnb9T2Irdyd5mP/6J1FNPmRg=
Subject key identifier: 1E:D8:6A:CE:26:C3:89:BD:06:35:F5:03:A0:7C:80:70:14:2E:23:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 298B81ED4DC3F87DFA2DA4E9495104022756076F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
Signing time: Sat 28 Feb 2026 06:01:13 +0000
ROA not before: Sat 28 Feb 2026 06:01:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:8b:81:ed:4d:c3:f8:7d:fa:2d:a4:e9:49:51:04:02:27:56:07:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e1c81ecd6a2aa7296501d13eb10a407af871f3a3bacfa6d1f872c8295d0592d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ac:e7:3c:8b:a1:22:87:e8:b2:d9:ad:50:f4:
6d:5b:32:b3:7e:3a:56:4c:3c:11:62:23:fe:6e:97:
ac:da:fe:0b:48:4a:23:57:90:d2:57:67:17:1d:02:
41:61:f1:02:2a:a0:c4:84:68:1e:cf:66:42:1b:88:
25:84:2e:d1:96:e5:3b:89:b8:45:4e:aa:64:29:c2:
1b:b6:8d:a3:f3:47:ea:4c:71:52:19:6d:d6:34:67:
30:cd:e8:88:c8:b1:0e:e1:1b:5b:a2:89:56:d5:88:
f9:1c:f1:97:ab:0a:b2:61:f0:87:b2:d9:d1:50:98:
46:95:ef:62:55:dd:d6:87:47:ae:c8:78:36:17:89:
c2:17:2a:1b:e1:ed:ed:6d:50:ba:81:7e:fa:fa:4e:
90:b6:56:72:95:8b:4e:73:f2:e6:1f:68:b8:ec:66:
a1:b6:6c:3b:d7:25:bf:2e:e3:2e:4a:e1:43:fb:50:
16:c5:3a:7e:59:c7:a8:ce:d8:ca:53:b8:47:03:c3:
c4:30:ea:43:d8:e3:ea:0f:a6:7d:5b:8b:0c:c2:68:
8f:11:f4:b7:81:6f:a2:7a:f3:68:7e:e4:05:42:8c:
81:5e:9f:66:0a:9f:97:f7:7e:fa:9b:e4:22:d0:a8:
79:ed:e4:bf:70:76:a4:30:92:4e:08:b6:4b:23:f4:
90:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D8:6A:CE:26:C3:89:BD:06:35:F5:03:A0:7C:80:70:14:2E:23:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b0ccbc1-3638-4f7f-8a24-3f5e181c8b8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:b8:94:dd:a5:fc:33:69:3f:5b:6d:18:5a:66:4a:e7:6b:39:
93:15:e8:a9:cc:5d:52:c5:22:cc:9c:e8:9e:bc:12:75:9f:5f:
63:5d:0f:eb:76:d8:10:94:c8:f5:f6:48:2e:90:8d:0b:86:09:
0b:ef:28:fb:a0:a9:6e:d0:95:fd:0c:64:5f:24:a9:7c:0a:81:
87:a5:1d:a9:09:22:3c:5c:73:72:67:a9:e9:66:47:ea:bc:50:
bb:8d:9e:03:4b:b4:b4:1a:d7:86:73:8e:54:c3:43:55:67:4e:
15:8e:60:ef:10:14:b4:14:bc:16:0d:15:a7:2a:b6:b6:86:e1:
fc:c9:9b:ff:2a:86:90:fe:c5:5e:ff:8d:d2:ef:11:3b:0d:58:
3e:6b:e6:03:b2:b1:2e:82:c0:0c:b3:26:e4:15:b2:d5:00:ad:
a3:8f:39:e6:f8:20:83:f6:62:13:c1:1c:64:b1:df:bf:bf:16:
de:af:7a:27:da:70:b7:d3:c2:ca:0b:48:37:34:b9:4b:19:d7:
ea:4c:f5:f6:f6:9a:59:04:bd:d6:2b:30:a0:b7:59:ae:df:55:
f4:66:41:2a:e7:22:4c:5b:00:f5:e9:83:1e:ea:05:08:92:34:
b7:70:43:56:d4:b2:13:05:df:e6:8d:f4:13:29:ed:8b:5a:04:
9c:bf:87:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKYuB7U3D+H36LaTpSVEEAidWB28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYzgxZWNkNmEyYWE3Mjk2NTAxZDEzZWIxMGE0MDdhZjg3MWYzYTNiYWNm
YTZkMWY4NzJjODI5NWQwNTkyZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSs5zyLoSKH6LLZrVD0bVsys346Vkw8EWIj/m6XrNr+C0hKI1eQ0ldnFx0C
QWHxAiqgxIRoHs9mQhuIJYQu0ZblO4m4RU6qZCnCG7aNo/NH6kxxUhlt1jRnMM3o
iMixDuEbW6KJVtWI+Rzxl6sKsmHwh7LZ0VCYRpXvYlXd1odHrsh4NheJwhcqG+Ht
7W1QuoF++vpOkLZWcpWLTnPy5h9ouOxmobZsO9clvy7jLkrhQ/tQFsU6flnHqM7Y
ylO4RwPDxDDqQ9jj6g+mfVuLDMJojxH0t4FvonrzaH7kBUKMgV6fZgqfl/d++pvk
ItCoee3kv3B2pDCSTgi2SyP0kJsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQe2GrO
JsOJvQY19QOgfIBwFC4jEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGIwY2NiYzEtMzYzOC00ZjdmLThhMjQtM2Y1ZTE4MWM4YjhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
wDANBgkqhkiG9w0BAQsFAAOCAQEAT7iU3aX8M2k/W20YWmZK52s5kxXoqcxdUsUi
zJzonrwSdZ9fY10P63bYEJTI9fZILpCNC4YJC+8o+6CpbtCV/QxkXySpfAqBh6Ud
qQkiPFxzcmep6WZH6rxQu42eA0u0tBrXhnOOVMNDVWdOFY5g7xAUtBS8Fg0Vpyq2
tobh/Mmb/yqGkP7FXv+N0u8ROw1YPmvmA7KxLoLADLMm5BWy1QCto4855vggg/Zi
E8EcZLHfv78W3q96J9pwt9PCygtINzS5SxnX6kz19vaaWQS91iswoLdZrt9V9GZB
KuciTFsA9emDHuoFCJI0t3BDVtSyEwXf5o30Eynti1oEnL+Hmg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:18 2026 by rpki-client