Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json)
Hash identifier: l8bzW9ijqIjJIgQOoNYDbPNH4pcQRl7bhxRpdeXE+34=
Subject key identifier: 02:C3:8E:F7:16:96:69:0E:FA:F7:B2:F6:56:FF:B0:D1:3D:83:F5:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B5F675E7D3396973CC619ED7CC7D1923E10DEA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
Signing time: Sat 28 Feb 2026 06:30:13 +0000
ROA not before: Sat 28 Feb 2026 06:30:13 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:5f:67:5e:7d:33:96:97:3c:c6:19:ed:7c:c7:d1:92:3e:10:de:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:30:13 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=278510ccba43fbf9e8ffbcc64d3ec7bbb8e93a3a9bf6fe9ce530121d45d57512, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:a0:d1:84:76:09:8d:b5:ab:b0:8e:d5:0a:
f5:ab:8d:44:cd:41:6b:2e:f1:ca:27:89:7d:9e:8d:
ae:bb:00:ee:ef:ab:1a:7b:5b:af:36:8a:1a:56:d5:
9d:ca:e9:70:1f:7c:67:7a:cd:c0:20:79:15:ce:03:
e1:cd:5a:54:55:bd:46:c4:21:10:c3:43:58:ef:c5:
bf:87:51:c3:5a:0a:03:ea:80:4a:fb:5a:ff:aa:f4:
67:9f:84:f3:69:6c:7b:ef:cf:86:05:dd:6e:ff:9b:
c0:1f:71:5d:e6:29:63:eb:26:37:a5:b8:ad:24:87:
7b:60:ae:ca:bd:6e:f4:30:80:17:73:64:71:e3:65:
f6:24:f1:c7:98:24:fd:34:a7:32:50:76:95:8d:6b:
52:40:16:d2:35:18:44:fb:78:bf:73:e0:29:f9:0e:
73:84:75:18:af:dc:ee:56:2c:33:35:37:4c:14:64:
44:b5:ba:32:00:9e:02:d6:07:e1:4b:fa:b3:84:9c:
16:a9:1a:59:9a:d8:53:18:31:30:f5:9c:7c:1e:a4:
a7:54:f8:a4:b0:b9:d4:e7:19:b0:90:cd:19:e6:15:
aa:4a:3e:a0:43:40:1b:b8:cb:db:5a:8e:dd:40:2c:
15:e1:00:cb:fa:5d:05:c7:b9:39:6a:df:c6:79:94:
72:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C3:8E:F7:16:96:69:0E:FA:F7:B2:F6:56:FF:B0:D1:3D:83:F5:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6080::/48
Signature Algorithm: sha256WithRSAEncryption
33:7d:d3:92:b6:f3:63:c5:25:55:dc:63:79:a1:c4:d8:c7:31:
c4:fd:33:7f:d5:5f:9d:cf:a8:ed:83:26:7f:54:f1:ff:b6:6d:
9b:86:c1:cf:f9:66:d8:e8:17:63:f3:e8:b6:08:30:6e:a6:cd:
68:96:c1:94:06:e3:cb:99:7a:d5:af:35:29:12:6c:d0:c6:2e:
ff:78:24:61:2e:6e:b4:50:5a:74:47:8d:b6:83:8a:97:ab:06:
fc:f9:d7:18:00:81:53:4e:85:02:6a:17:fe:18:2d:93:8d:53:
58:2d:7f:49:18:fc:ec:45:e0:0c:51:07:b8:f6:26:dd:9d:be:
d8:fc:f0:24:c1:5e:34:7d:b1:18:7b:5e:07:e1:43:2e:27:47:
f1:9b:c9:9a:4a:c0:6e:f5:40:b3:cb:ee:5e:d5:9f:9c:db:36:
d4:c3:7e:98:7e:d3:aa:67:0e:2f:f9:0b:21:8e:f7:69:20:d5:
e4:52:ed:33:42:f8:3a:92:12:8c:02:55:ab:d5:84:30:2d:21:
ba:1a:f9:95:5c:fe:b3:1a:69:4b:22:c7:29:43:69:c0:28:12:
bd:24:36:5b:35:03:5a:4e:d1:a4:4f:43:10:aa:79:20:49:1b:
8b:8f:94:6c:d7:9e:50:df:77:fb:87:2c:f4:44:ab:82:6c:12:
5b:18:38:40
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO19nXn0zlpc8xhntfMfRkj4Q3qYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjMwMTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ODUxMGNjYmE0M2ZiZjllOGZmYmNjNjRkM2VjN2JiYjhlOTNhM2E5YmY2
ZmU5Y2U1MzAxMjFkNDVkNTc1MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOjoNGEdgmNtauwjtUK9auNRM1Bay7xyieJfZ6NrrsA7u+rGntbrzaKGlbV
ncrpcB98Z3rNwCB5Fc4D4c1aVFW9RsQhEMNDWO/Fv4dRw1oKA+qASvta/6r0Z5+E
82lse+/PhgXdbv+bwB9xXeYpY+smN6W4rSSHe2Cuyr1u9DCAF3NkceNl9iTxx5gk
/TSnMlB2lY1rUkAW0jUYRPt4v3PgKfkOc4R1GK/c7lYsMzU3TBRkRLW6MgCeAtYH
4Uv6s4ScFqkaWZrYUxgxMPWcfB6kp1T4pLC51OcZsJDNGeYVqko+oENAG7jL21qO
3UAsFeEAy/pdBce5OWrfxnmUcuUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCw473
FpZpDvr3svZW/7DRPYP1/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
gDANBgkqhkiG9w0BAQsFAAOCAQEAM33TkrbzY8UlVdxjeaHE2McxxP0zf9Vfnc+o
7YMmf1Tx/7Ztm4bBz/lm2OgXY/PotggwbqbNaJbBlAbjy5l61a81KRJs0MYu/3gk
YS5utFBadEeNtoOKl6sG/PnXGACBU06FAmoX/hgtk41TWC1/SRj87EXgDFEHuPYm
3Z2+2PzwJMFeNH2xGHteB+FDLidH8ZvJmkrAbvVAs8vuXtWfnNs21MN+mH7TqmcO
L/kLIY73aSDV5FLtM0L4OpISjAJVq9WEMC0huhr5lVz+sxppSyLHKUNpwCgSvSQ2
WzUDWk7RpE9DEKp5IEkbi4+UbNeeUN93+4cs9ESrgmwSWxg4QA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:55 2026 by rpki-client