Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: 1GcPE5RgoOc31wYQskEKqJ1hkPrK6syCvR5pJB3ubcA=
Subject key identifier: 43:54:6F:CD:8A:1F:0F:00:A7:9A:DC:0D:C5:15:58:C5:6A:7E:50:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F3A2DF4F32C244FF4F42467F19EAF0CA57674C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Sat 28 Feb 2026 06:21:04 +0000
ROA not before: Sat 28 Feb 2026 06:21:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:3a:2d:f4:f3:2c:24:4f:f4:f4:24:67:f1:9e:af:0c:a5:76:74:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f68fe02422f2f1c4aeb75803e2d30e464b759b88f3c28d34e216304ec25a4256, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d0:1b:13:1f:05:2a:57:fe:ea:f6:76:85:32:
fb:ea:5b:37:fb:d4:b2:62:83:cd:9d:23:74:91:d9:
32:db:9b:e2:0d:65:df:18:9e:e6:8c:c0:27:55:83:
a6:3d:e2:41:d5:c7:c5:2d:f8:e5:07:a2:8f:17:cb:
f4:f6:3e:a3:b1:5b:17:16:28:5a:84:c6:78:c5:50:
ed:54:3d:30:75:a5:ab:f0:2a:60:e0:4b:f6:38:d0:
40:a6:b4:dc:66:67:26:12:22:1f:15:f8:1e:d0:01:
e8:cc:32:59:66:d4:5c:ab:c2:8d:29:a1:7c:e7:59:
fb:e5:3e:ba:90:ee:f7:9c:c7:be:94:01:a6:cd:33:
e7:7f:db:c5:63:29:4c:f8:d2:62:7a:7b:18:3b:be:
11:7b:12:9c:e0:bc:4d:35:3d:7a:8b:e0:d3:64:13:
9c:f5:67:c6:12:fe:d4:0c:d6:45:a1:d2:f1:07:2d:
19:f4:c5:35:cb:77:5a:46:15:d0:aa:57:36:56:21:
2f:59:e2:7f:23:1a:21:b2:49:90:5d:41:4a:e2:0c:
83:8a:a5:7b:91:13:fe:2a:81:68:71:0a:19:2e:db:
9a:b5:c1:49:52:9f:ff:41:11:26:cf:66:26:7b:9a:
64:5e:16:27:b4:21:b2:21:b0:10:38:5a:ba:ae:59:
48:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:54:6F:CD:8A:1F:0F:00:A7:9A:DC:0D:C5:15:58:C5:6A:7E:50:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
44:96:97:3d:5a:35:a0:44:00:cb:ba:ff:5d:a7:0b:a0:6a:9b:
89:05:0e:06:31:fb:a0:d0:fc:6a:d0:8e:3b:92:a2:f8:34:6f:
ae:1d:b3:9d:96:53:bf:7d:fd:59:b3:37:51:46:a4:56:ad:a2:
13:49:5f:be:d2:dc:9e:71:ff:65:24:70:47:3c:88:f4:e6:6b:
1d:5f:c9:1d:ae:94:f3:8c:d2:0b:7a:47:ee:5e:cc:fc:8d:77:
11:db:a9:f7:83:01:6c:d0:76:f8:a3:a4:c1:b3:06:c9:18:fd:
64:86:db:9d:ef:4a:b1:7f:0b:8d:b2:1b:7d:57:f9:7a:e7:90:
c8:08:1a:05:fa:80:d9:46:af:b7:94:1f:9d:5d:74:26:a6:63:
4d:f1:1b:0d:9f:90:44:9a:d5:33:d3:f0:fd:81:43:7f:0b:26:
04:23:f7:b5:e7:97:89:e3:6d:2c:03:e8:31:34:1b:bb:d7:52:
64:a0:24:eb:44:f4:79:3c:db:5a:c0:6b:c2:ea:4d:0c:97:cf:
9a:83:78:c4:75:41:cc:51:e1:96:c5:b0:58:fe:63:7c:ab:d4:
7d:87:66:38:46:30:c8:28:ce:ec:9a:bc:69:4b:76:7a:86:27:
7a:c9:94:17:7f:80:50:ca:c4:59:0d:d5:1a:39:68:6f:b8:44:
3a:95:9e:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHzot9PMsJE/09CRn8Z6vDKV2dMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2OGZlMDI0MjJmMmYxYzRhZWI3NTgwM2UyZDMwZTQ2NGI3NTliODhmM2My
OGQzNGUyMTYzMDRlYzI1YTQyNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXQGxMfBSpX/ur2doUy++pbN/vUsmKDzZ0jdJHZMtub4g1l3xie5ozAJ1WD
pj3iQdXHxS345QeijxfL9PY+o7FbFxYoWoTGeMVQ7VQ9MHWlq/AqYOBL9jjQQKa0
3GZnJhIiHxX4HtAB6MwyWWbUXKvCjSmhfOdZ++U+upDu95zHvpQBps0z53/bxWMp
TPjSYnp7GDu+EXsSnOC8TTU9eovg02QTnPVnxhL+1AzWRaHS8QctGfTFNct3WkYV
0KpXNlYhL1nifyMaIbJJkF1BSuIMg4qle5ET/iqBaHEKGS7bmrXBSVKf/0ERJs9m
JnuaZF4WJ7QhsiGwEDhauq5ZSLECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRDVG/N
ih8PAKea3A3FFVjFan5Q5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEARJaXPVo1oEQAy7r/XacLoGqbiQUOBjH7oND8
atCOO5Ki+DRvrh2znZZTv339WbM3UUakVq2iE0lfvtLcnnH/ZSRwRzyI9OZrHV/J
Ha6U84zSC3pH7l7M/I13Edup94MBbNB2+KOkwbMGyRj9ZIbbne9KsX8LjbIbfVf5
eueQyAgaBfqA2Uavt5QfnV10JqZjTfEbDZ+QRJrVM9Pw/YFDfwsmBCP3teeXieNt
LAPoMTQbu9dSZKAk60T0eTzbWsBrwupNDJfPmoN4xHVBzFHhlsWwWP5jfKvUfYdm
OEYwyCjO7Jq8aUt2eoYnesmUF3+AUMrEWQ3VGjlob7hEOpWeaw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:52 2026 by rpki-client