Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: 0T0n2/fdIyqIqvCCNQovmVlU1dOUKpgBEwRzKdde8S8=
Subject key identifier: A0:17:C8:C6:EE:7F:88:80:FF:97:FB:FB:FC:C8:22:80:42:BD:2F:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C585AFAC4A1B13BD20A559B960ABF5BE72E79F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Sat 28 Feb 2026 05:20:09 +0000
ROA not before: Sat 28 Feb 2026 05:20:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:58:5a:fa:c4:a1:b1:3b:d2:0a:55:9b:96:0a:bf:5b:e7:2e:79:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8b48c5145d8acc11d5e6b27b3e768e5b4dcbae390619dd490608f2215373bc51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:80:b2:7c:08:2f:fe:54:9a:4f:a8:aa:f0:94:
88:36:b8:4a:18:24:2d:6c:b6:5d:82:2e:ba:1f:f8:
72:54:a5:2a:b2:b2:93:dd:97:c2:de:ef:e5:71:e6:
61:d4:08:b7:dc:f2:b5:94:43:eb:d5:22:6b:b9:28:
39:ed:03:f4:58:4e:d0:b9:0b:f9:f8:00:9a:27:31:
fe:b0:f4:f8:73:46:8c:f1:7c:ba:0c:95:91:98:79:
44:e9:4b:3d:2e:88:da:a4:98:56:2e:a6:7c:a1:e4:
45:6c:1e:4a:38:aa:0b:0d:3a:98:07:77:f8:c8:77:
eb:b1:2b:83:04:d2:2c:e8:67:b5:0b:ac:4a:21:c7:
1b:86:86:a3:4e:1d:f1:5b:13:ae:be:1b:9b:a9:5a:
78:ad:0d:60:3d:52:40:4b:a1:99:7d:ed:fd:7e:bd:
83:b8:00:78:c7:2f:76:59:f6:bd:2a:5b:41:21:57:
47:d5:bb:16:77:67:20:30:ce:ce:28:d3:df:9f:07:
22:48:93:c4:ca:53:7a:98:c9:ee:90:bc:0f:29:b7:
aa:6c:ab:01:35:b1:82:b8:28:2a:e9:70:18:ee:0e:
18:21:d4:f9:38:ed:3e:bb:ec:f7:69:77:92:d8:94:
91:3a:6c:53:7d:ab:04:2b:18:03:16:95:d9:ea:20:
4d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:17:C8:C6:EE:7F:88:80:FF:97:FB:FB:FC:C8:22:80:42:BD:2F:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
37:f0:f0:09:78:84:ea:67:50:70:fe:b2:79:97:cf:57:27:40:
7c:46:75:3d:06:57:66:81:f8:f5:b8:38:a1:71:30:1e:53:a0:
fe:d5:f1:f5:fc:16:0c:22:ce:78:3c:30:cd:a7:f8:ba:76:29:
4c:a9:d3:c0:df:eb:10:8f:95:29:d6:c9:e0:79:8b:34:67:a9:
1b:de:54:57:e5:f9:11:05:fe:81:0f:17:3b:0d:6c:d4:04:1e:
5a:d4:fc:cc:38:96:29:ad:f7:c7:2a:2c:ac:b7:16:60:da:67:
64:2e:d4:63:3a:0d:08:9a:72:e1:bf:c2:87:e4:e1:67:1b:bd:
90:50:e9:c6:40:1c:9b:b8:e2:b6:bf:14:eb:65:65:d8:1f:3b:
e4:d5:95:5e:8d:92:9e:9d:1d:91:42:dc:ab:35:71:19:ab:1e:
89:24:d2:ea:ed:ef:c3:5b:4b:49:8d:12:89:0d:de:d2:d8:d8:
a3:79:49:91:17:cb:6e:bc:df:2c:42:63:88:86:c0:ef:f9:3b:
bd:8e:ff:75:32:56:f8:1d:84:8b:13:4a:f2:39:7e:b5:8b:d5:
5b:bb:d4:6c:f0:5d:85:c1:09:18:8c:7b:2c:a1:72:4a:87:dc:
85:3d:54:0d:0c:f4:d0:f4:a9:b7:72:22:0e:21:ed:79:58:67:
37:ff:ba:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHFha+sShsTvSClWblgq/W+cuefQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiNDhjNTE0NWQ4YWNjMTFkNWU2YjI3YjNlNzY4ZTViNGRjYmFlMzkwNjE5
ZGQ0OTA2MDhmMjIxNTM3M2JjNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIWAsnwIL/5Umk+oqvCUiDa4ShgkLWy2XYIuuh/4clSlKrKyk92Xwt7v5XHm
YdQIt9zytZRD69Uia7koOe0D9FhO0LkL+fgAmicx/rD0+HNGjPF8ugyVkZh5ROlL
PS6I2qSYVi6mfKHkRWweSjiqCw06mAd3+Mh367ErgwTSLOhntQusSiHHG4aGo04d
8VsTrr4bm6laeK0NYD1SQEuhmX3t/X69g7gAeMcvdln2vSpbQSFXR9W7FndnIDDO
zijT358HIkiTxMpTepjJ7pC8Dym3qmyrATWxgrgoKulwGO4OGCHU+TjtPrvs92l3
ktiUkTpsU32rBCsYAxaV2eogTWECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgF8jG
7n+IgP+X+/v8yCKAQr0v2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQA38PAJeITqZ1Bw/rJ5l89XJ0B8RnU9Bldmgfj1
uDihcTAeU6D+1fH1/BYMIs54PDDNp/i6dilMqdPA3+sQj5Up1sngeYs0Z6kb3lRX
5fkRBf6BDxc7DWzUBB5a1PzMOJYprffHKiystxZg2mdkLtRjOg0ImnLhv8KH5OFn
G72QUOnGQBybuOK2vxTrZWXYHzvk1ZVejZKenR2RQtyrNXEZqx6JJNLq7e/DW0tJ
jRKJDd7S2NijeUmRF8tuvN8sQmOIhsDv+Tu9jv91Mlb4HYSLE0ryOX61i9Vbu9Rs
8F2FwQkYjHssoXJKh9yFPVQNDPTQ9Km3ciIOIe15WGc3/7oX
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:34 2026 by rpki-client