Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: SY7oIxrV5BHN66+aqFRHleeLLQVMsTAwIx2vURvYRw8=
Subject key identifier: 83:87:17:08:3B:AA:34:EE:EC:54:53:AC:CF:BE:DD:BA:1E:FF:31:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B814DB37FDE9F1E2F27D879DFFF253ED58366AC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Sat 28 Feb 2026 06:10:26 +0000
ROA not before: Sat 28 Feb 2026 06:10:26 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:81:4d:b3:7f:de:9f:1e:2f:27:d8:79:df:ff:25:3e:d5:83:66:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:26 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1cb350380cfe19f3250d2820165e79ddf2ffa72f8bfd72a5c9f0a361df894b05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:aa:65:00:6c:37:1c:10:1c:c1:87:1d:15:
e4:c2:a6:2b:b2:c1:f9:78:c0:db:1a:27:c4:cf:a2:
c6:68:11:54:5c:87:a6:04:84:9b:4a:29:00:ae:b9:
c8:4a:4f:4f:91:dc:de:7f:68:7a:1b:e1:0e:c1:ee:
0f:7a:11:91:c5:6f:dd:0b:bc:75:25:56:4a:bc:57:
ae:c7:02:6b:8e:ec:51:c1:8f:e9:ff:f6:21:29:b5:
1b:50:28:1c:1f:5e:8a:4d:ee:e0:4e:82:03:49:2a:
74:38:83:ed:fe:d8:80:a7:e7:1b:13:d2:00:dd:47:
78:2f:e4:11:61:05:41:bc:50:0e:d4:f0:d7:32:ae:
1a:41:12:dd:7f:f2:ac:d2:e3:7d:f8:33:79:62:a7:
cd:2f:2e:e4:77:bf:86:f3:1c:7a:1d:20:c4:08:c4:
b4:e6:de:9f:06:e2:3a:b5:c2:00:74:db:a3:57:49:
4d:77:75:c1:4c:de:c7:b5:1c:d3:53:89:10:ba:21:
1d:08:33:7d:46:4e:6f:42:5b:5e:10:1a:8a:50:0c:
19:6c:2e:e4:6b:78:b6:31:29:1e:02:e6:6d:b0:3b:
0d:e9:55:f9:c8:e7:33:ac:92:60:7c:c2:c0:08:fb:
a4:5d:54:27:97:4b:f9:c3:97:83:9d:df:db:94:6c:
fa:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:87:17:08:3B:AA:34:EE:EC:54:53:AC:CF:BE:DD:BA:1E:FF:31:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
37:b0:b8:43:e0:6b:7a:30:51:fe:97:9e:e9:6c:d0:a4:a3:0e:
4f:a4:55:3e:84:11:7f:c9:21:c6:bc:13:47:68:8f:ea:d1:a4:
81:b0:cd:40:d0:45:cd:53:2e:3f:0f:fa:7a:ad:89:62:9a:67:
21:f8:e4:48:4b:32:48:bc:9b:9e:2e:9e:c1:e5:64:36:6d:0c:
22:db:53:d4:1c:61:b5:98:a9:80:93:6f:10:20:46:9b:ac:1d:
90:ae:d7:08:c5:e8:0d:76:94:60:8a:6d:e2:fa:f1:0f:b9:62:
d9:d3:dc:f7:69:34:7d:1e:56:42:de:d1:a0:70:02:cf:9b:07:
e8:3a:e1:fe:c9:13:40:d4:dd:d2:b5:25:28:c2:92:c8:e0:3c:
e9:82:1d:bb:ad:f8:76:27:aa:69:f2:30:66:ee:19:39:5c:6a:
da:e0:0f:ef:80:4f:22:16:59:b7:2c:19:a4:da:16:0a:99:3c:
3e:04:33:ed:2d:4e:ad:0e:a0:f6:64:d1:cc:70:0a:29:d0:08:
66:c4:bb:92:9e:38:16:eb:f9:4f:89:5a:7a:c2:50:1c:dc:cd:
3b:5f:a8:92:61:9c:8c:e3:0b:63:ab:33:c6:9f:c3:55:31:21:
22:93:fb:88:02:eb:1c:9b:f2:f6:1c:be:c2:86:b4:bf:9f:81:
1b:3f:40:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG4FNs3/enx4vJ9h53/8lPtWDZqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwMjZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYjM1MDM4MGNmZTE5ZjMyNTBkMjgyMDE2NWU3OWRkZjJmZmE3MmY4YmZk
NzJhNWM5ZjBhMzYxZGY4OTRiMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB8qmUAbDccEBzBhx0V5MKmK7LB+XjA2xonxM+ixmgRVFyHpgSEm0opAK65
yEpPT5Hc3n9oehvhDsHuD3oRkcVv3Qu8dSVWSrxXrscCa47sUcGP6f/2ISm1G1Ao
HB9eik3u4E6CA0kqdDiD7f7YgKfnGxPSAN1HeC/kEWEFQbxQDtTw1zKuGkES3X/y
rNLjffgzeWKnzS8u5He/hvMceh0gxAjEtObenwbiOrXCAHTbo1dJTXd1wUzex7Uc
01OJELohHQgzfUZOb0JbXhAailAMGWwu5Gt4tjEpHgLmbbA7DelV+cjnM6ySYHzC
wAj7pF1UJ5dL+cOXg53f25Rs+h8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDhxcI
O6o07uxUU6zPvt26Hv8xCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA3sLhD4Gt6MFH+l57pbNCkow5PpFU+hBF/ySHG
vBNHaI/q0aSBsM1A0EXNUy4/D/p6rYlimmch+ORISzJIvJueLp7B5WQ2bQwi21PU
HGG1mKmAk28QIEabrB2QrtcIxegNdpRgim3i+vEPuWLZ09z3aTR9HlZC3tGgcALP
mwfoOuH+yRNA1N3StSUowpLI4Dzpgh27rfh2J6pp8jBm7hk5XGra4A/vgE8iFlm3
LBmk2hYKmTw+BDPtLU6tDqD2ZNHMcAop0AhmxLuSnjgW6/lPiVp6wlAc3M07X6iS
YZyM4wtjqzPGn8NVMSEik/uIAuscm/L2HL7ChrS/n4EbP0AV
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:40:28 2026 by rpki-client