Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: s8/ubyQpELhGObyFzguwLu3+R50lxJ8OzzgP41jzIc0=
Subject key identifier: 80:54:10:E8:CE:DE:FD:01:82:F2:E5:92:D5:F5:5D:54:F4:CC:12:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CC42CF67F55B3022720EB64C52DEEC6B84ECF35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Tue 17 Feb 2026 03:10:05 +0000
ROA not before: Tue 17 Feb 2026 03:10:05 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:c4:2c:f6:7f:55:b3:02:27:20:eb:64:c5:2d:ee:c6:b8:4e:cf:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:05 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=964ec6c09e1b613753e2cbfaae5d135ac1b1573baf9b56f16576d8d109f01c1d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:68:fd:24:be:a9:51:69:ef:48:6c:7a:c5:79:
56:f4:8e:7a:38:33:46:6a:f2:7c:d7:e6:88:81:98:
0f:9f:a4:04:83:cc:32:dc:5c:30:c4:ab:85:e5:ae:
af:d2:4f:52:7d:12:bc:91:cc:74:b1:32:44:24:df:
f6:be:f8:db:81:df:22:0c:95:73:41:04:84:a5:3a:
14:e5:62:02:ba:66:92:c1:b4:94:cf:5f:1e:75:6f:
26:31:d3:93:8f:7e:48:45:b4:6c:bf:da:42:6c:43:
da:14:d5:06:95:91:4b:04:74:fd:6f:cb:63:20:75:
ed:49:15:5e:f8:8b:c8:11:1e:44:49:f3:45:9c:1a:
e7:65:95:3d:e6:3f:43:27:c4:de:63:5a:a3:ed:5f:
79:8a:ad:fc:9f:4d:86:a7:e2:af:5d:e5:ca:8e:4b:
b7:d1:84:03:bf:ae:8c:14:2b:6f:57:19:53:37:c5:
4f:80:98:d2:05:ec:3f:ea:f2:de:09:55:ff:29:c8:
c9:b4:49:64:d2:fe:eb:84:d6:91:eb:fd:33:15:38:
c0:37:a2:cb:fd:a8:a9:d2:7d:3b:ba:89:76:13:81:
42:55:ed:4e:8e:09:a2:f8:2b:1d:92:7a:90:f3:bd:
3a:53:2f:01:01:04:89:8f:76:e7:b1:74:d8:09:ad:
25:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:54:10:E8:CE:DE:FD:01:82:F2:E5:92:D5:F5:5D:54:F4:CC:12:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:c3:54:9e:35:ad:d6:22:18:63:ab:f7:79:20:b1:9e:aa:0a:
3a:df:3e:1a:3e:61:47:34:74:b2:c6:49:bd:82:a7:c4:e2:b5:
90:02:ae:f0:d0:db:36:af:da:bf:2a:fc:9a:3b:a2:50:ea:9c:
39:47:ba:e9:bc:cd:75:1a:30:4e:a4:cd:f2:74:74:82:82:15:
72:83:ab:c4:01:68:8e:21:f6:a8:01:57:dd:27:b1:66:49:32:
93:34:85:ec:54:13:ac:61:58:c0:a7:b5:4b:b6:fc:fa:db:fe:
a8:06:80:04:fa:a9:6d:28:f5:10:df:76:f4:ba:9c:f6:cf:9f:
2a:eb:e5:cc:39:1f:92:88:2f:2e:29:14:60:3c:44:fc:ef:25:
aa:1f:5f:89:01:95:4e:cd:68:3c:18:fe:13:98:28:5a:38:01:
9e:cf:93:38:45:7d:ad:f4:40:81:f6:8a:8f:6f:70:ab:03:c0:
72:ce:b1:ae:25:13:c1:05:d7:33:9d:2e:37:57:9a:20:e7:4d:
02:27:7e:09:0b:33:a9:48:69:98:8f:fd:00:23:5e:4e:d1:c1:
39:c0:52:3e:0b:ec:99:7a:b9:76:e4:16:47:ec:94:2e:b9:41:
dd:db:23:c8:cb:89:fb:ec:fa:8e:2d:7f:d5:4d:36:1d:93:8e:
ed:6f:0a:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTMQs9n9VswInIOtkxS3uxrhOzzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDVaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NGVjNmMwOWUxYjYxMzc1M2UyY2JmYWFlNWQxMzVhYzFiMTU3M2JhZjli
NTZmMTY1NzZkOGQxMDlmMDFjMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlo/SS+qVFp70hsesV5VvSOejgzRmryfNfmiIGYD5+kBIPMMtxcMMSrheWu
r9JPUn0SvJHMdLEyRCTf9r7424HfIgyVc0EEhKU6FOViArpmksG0lM9fHnVvJjHT
k49+SEW0bL/aQmxD2hTVBpWRSwR0/W/LYyB17UkVXviLyBEeREnzRZwa52WVPeY/
QyfE3mNao+1feYqt/J9Nhqfir13lyo5Lt9GEA7+ujBQrb1cZUzfFT4CY0gXsP+ry
3glV/ynIybRJZNL+64TWkev9MxU4wDeiy/2oqdJ9O7qJdhOBQlXtTo4JovgrHZJ6
kPO9OlMvAQEEiY9257F02AmtJe8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAVBDo
zt79AYLy5ZLV9V1U9MwSMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQCew1SeNa3WIhhjq/d5ILGeqgo63z4aPmFHNHSy
xkm9gqfE4rWQAq7w0Ns2r9q/KvyaO6JQ6pw5R7rpvM11GjBOpM3ydHSCghVyg6vE
AWiOIfaoAVfdJ7FmSTKTNIXsVBOsYVjAp7VLtvz62/6oBoAE+qltKPUQ33b0upz2
z58q6+XMOR+SiC8uKRRgPET87yWqH1+JAZVOzWg8GP4TmChaOAGez5M4RX2t9ECB
9oqPb3CrA8ByzrGuJRPBBdcznS43V5og500CJ34JCzOpSGmYj/0AI15O0cE5wFI+
C+yZerl25BZH7JQuuUHd2yPIy4n77PqOLX/VTTYdk47tbwoX
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:56 2026 by rpki-client