Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: loZ8aM8p+Iqhz6WJhFMdezqYnG4Amv2C8ymB+57HE0k=
Subject key identifier: 0C:C5:89:58:84:E6:B9:D4:8D:D9:4C:41:8D:65:2D:00:19:9A:B3:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30A51552E93225677CB8233C3387F42C3C02CE15
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Sat 28 Feb 2026 06:20:09 +0000
ROA not before: Sat 28 Feb 2026 06:20:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:a5:15:52:e9:32:25:67:7c:b8:23:3c:33:87:f4:2c:3c:02:ce:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=65c2f118def91a6b08f0ebd60bee744cfc11056b72bab1b47e768f96fad7a8fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:b2:5b:b9:19:68:20:de:44:1b:aa:56:0e:
6f:c2:5f:21:01:4e:e6:23:ad:42:02:0c:f5:f3:70:
ab:5c:bb:4b:47:d3:28:a0:4e:2c:af:a8:f1:40:f1:
2e:a8:a2:74:59:aa:60:1f:f5:e6:e7:35:5b:76:c9:
46:31:c2:9b:7f:bd:aa:52:82:9e:f0:6d:43:4e:31:
c8:a5:3c:76:62:3c:34:0a:5b:84:54:f2:d5:b1:1d:
cd:82:77:e5:46:48:c0:d6:f7:2f:02:6d:03:18:43:
5e:b9:4b:2f:fb:08:74:4e:ab:da:f8:a5:83:0c:ef:
d4:4f:5b:41:33:a1:85:ad:db:f1:2b:21:a4:a2:ab:
1a:6c:e3:3c:75:b4:a7:a8:1f:f4:38:fc:ad:49:63:
d6:49:02:2c:03:08:7a:56:07:31:cc:f9:1d:94:89:
d0:fa:81:62:93:8e:da:4d:9c:06:8a:4d:ec:bb:68:
d3:a6:2f:0f:a1:d6:ed:0d:dc:4c:e1:aa:7f:20:d2:
18:df:44:5f:c0:a4:74:e9:7b:b5:0f:4b:07:c9:72:
99:a2:f6:9e:2d:66:fa:46:69:40:a4:8e:ed:9c:51:
49:36:b9:3f:58:7d:d3:c2:b3:e2:82:94:cb:c7:a3:
3f:87:48:fb:4c:d3:86:00:23:09:34:eb:12:27:15:
c8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C5:89:58:84:E6:B9:D4:8D:D9:4C:41:8D:65:2D:00:19:9A:B3:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
08:8d:b5:21:07:67:ba:09:2f:8f:22:6e:0e:ee:51:2e:0c:5c:
80:b4:a5:ae:58:15:e4:17:ff:43:55:f8:cd:02:a7:45:0d:71:
1c:6e:9a:09:cb:e2:24:7f:00:70:f6:a4:f0:da:f2:90:d6:0c:
14:f7:22:0c:7b:57:14:e4:6d:10:a6:23:b8:a9:d8:d9:46:33:
e2:20:98:8b:d4:93:cb:16:06:75:25:bf:e7:3c:cf:9c:cb:2b:
c1:ab:42:70:6a:7f:14:87:4a:7e:f0:91:c5:7a:9d:8e:8f:65:
3d:5d:42:14:83:a1:46:87:5f:f6:04:4e:5c:f2:16:da:64:f3:
17:f4:78:26:e9:2c:17:15:30:b1:fc:ec:04:d3:aa:d2:e1:6a:
35:29:f8:2a:9a:30:1b:a1:14:a2:90:43:3d:73:74:15:53:1f:
35:b4:a1:39:70:3f:cb:69:69:4e:86:a3:e9:b2:23:13:40:f2:
40:70:7d:e9:f2:17:7b:d6:1d:cf:cc:0b:9f:ca:28:a9:f7:08:
bf:37:a4:63:b1:74:1f:ac:b2:ba:27:fd:85:d3:dc:e1:78:5e:
49:5a:25:d6:d2:30:ca:a0:fe:75:d8:71:6b:16:0c:ba:48:4b:
15:97:15:49:86:51:eb:29:bb:68:cd:69:dc:d9:90:5d:c3:33:
c0:89:20:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMKUVUukyJWd8uCM8M4f0LDwCzhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YzJmMTE4ZGVmOTFhNmIwOGYwZWJkNjBiZWU3NDRjZmMxMTA1NmI3MmJh
YjFiNDdlNzY4Zjk2ZmFkN2E4ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMACslu5GWgg3kQbqlYOb8JfIQFO5iOtQgIM9fNwq1y7S0fTKKBOLK+o8UDx
LqiidFmqYB/15uc1W3bJRjHCm3+9qlKCnvBtQ04xyKU8dmI8NApbhFTy1bEdzYJ3
5UZIwNb3LwJtAxhDXrlLL/sIdE6r2vilgwzv1E9bQTOhha3b8SshpKKrGmzjPHW0
p6gf9Dj8rUlj1kkCLAMIelYHMcz5HZSJ0PqBYpOO2k2cBopN7Lto06YvD6HW7Q3c
TOGqfyDSGN9EX8CkdOl7tQ9LB8lymaL2ni1m+kZpQKSO7ZxRSTa5P1h908Kz4oKU
y8ejP4dI+0zThgAjCTTrEicVyL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMxYlY
hOa51I3ZTEGNZS0AGZqzJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIjbUhB2e6CS+PIm4O7lEuDFyAtKWuWBXkF/9D
VfjNAqdFDXEcbpoJy+IkfwBw9qTw2vKQ1gwU9yIMe1cU5G0QpiO4qdjZRjPiIJiL
1JPLFgZ1Jb/nPM+cyyvBq0Jwan8Uh0p+8JHFep2Oj2U9XUIUg6FGh1/2BE5c8hba
ZPMX9Hgm6SwXFTCx/OwE06rS4Wo1KfgqmjAboRSikEM9c3QVUx81tKE5cD/LaWlO
hqPpsiMTQPJAcH3p8hd71h3PzAufyiip9wi/N6RjsXQfrLK6J/2F09zheF5JWiXW
0jDKoP512HFrFgy6SEsVlxVJhlHrKbtozWnc2ZBdwzPAiSBG
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:46 2026 by rpki-client