Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0531f8d8-edca-4435-bfca-4e3a22de673b.roa
File: 0531f8d8-edca-4435-bfca-4e3a22de673b.roa (raw, json)
Hash identifier: 6EO/OgA4QtMEaOvAEon88C0EiPEsLdWkQ8HV5QE0qQI=
Subject key identifier: 23:7B:35:B3:C8:A2:FE:1F:75:55:62:49:4A:AA:25:48:7F:59:B2:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 184CFC0880B67DE164FC770A84A38243351D4C15
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0531f8d8-edca-4435-bfca-4e3a22de673b.roa
Signing time: Thu 12 Mar 2026 15:41:31 +0000
ROA not before: Thu 12 Mar 2026 15:41:31 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:4c:fc:08:80:b6:7d:e1:64:fc:77:0a:84:a3:82:43:35:1d:4c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:31 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=38138e226dc9c6bcd9f1a7000196e4975a1f6a23cb9cbae2d10e3d60a3544828, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4a:cb:27:67:a8:0e:3b:c6:0b:60:cc:bb:83:
7b:46:e9:8c:3a:94:93:16:4c:13:a6:b5:34:b9:03:
d0:8b:62:a3:eb:40:c8:50:4a:24:e1:f9:2d:c6:f2:
09:b4:5b:6e:c1:53:a6:2e:80:5c:ee:a0:9b:ac:49:
71:d2:2c:9d:8d:c8:44:3e:49:76:fe:86:a4:ac:6e:
0c:73:cd:6f:5d:af:b9:67:89:9a:32:c1:61:34:d7:
73:cf:25:3c:17:fa:63:67:5c:68:83:0a:de:6b:69:
ec:2e:dd:75:9d:d3:53:83:19:12:f7:8d:c2:10:39:
b4:6f:7b:cc:03:45:4e:0c:e8:76:e0:2e:a5:82:75:
8e:99:33:aa:eb:d5:ae:b0:d2:f7:39:a0:4d:77:33:
31:fe:3e:ae:fc:15:6f:7a:76:09:09:67:5f:ea:e7:
6d:36:04:9d:c5:62:08:54:15:4c:40:e0:d8:2d:58:
8a:17:48:7b:f2:ef:24:41:cd:11:51:47:59:33:3a:
3c:f1:68:2e:ea:89:14:c9:bf:ce:43:06:02:86:d8:
f1:8a:e9:6e:1f:02:4e:0b:3d:2e:00:ce:8d:d8:61:
a2:52:5b:65:44:a2:28:39:da:a3:3c:0f:a1:12:1c:
d5:29:75:c6:b9:92:96:f8:49:f9:8b:21:89:57:f1:
a9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7B:35:B3:C8:A2:FE:1F:75:55:62:49:4A:AA:25:48:7F:59:B2:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0531f8d8-edca-4435-bfca-4e3a22de673b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
05:73:a4:a6:5c:d0:23:a8:32:ca:8f:72:c4:63:20:51:d0:5a:
e6:71:04:f9:74:8f:fc:a6:b4:7b:e1:20:8e:5e:e1:a1:a3:4b:
12:fa:39:10:11:f9:d7:52:c2:e8:62:04:6d:a8:e8:bc:86:7e:
3e:8f:d4:54:83:f2:4c:64:45:b4:42:b5:93:5b:6f:f4:c5:47:
bc:3c:23:8b:72:08:28:97:a4:ab:74:68:bd:2a:1c:8c:63:22:
51:67:15:2b:9e:a3:74:55:e7:44:80:18:8b:af:60:5e:60:27:
31:f1:93:2d:92:98:67:2e:35:b0:ef:46:e5:6b:8b:39:c6:81:
d6:df:69:e3:2f:8f:1a:c4:fb:df:ac:2d:79:98:9f:b3:ca:31:
57:c1:88:22:98:f6:92:5e:65:a3:b8:2b:2f:e0:0e:12:e7:33:
78:cd:89:ba:9a:66:47:eb:06:b2:f1:90:e1:27:c2:ac:53:56:
b9:a5:4e:cd:af:9a:c0:04:fd:c5:6f:83:e2:75:63:02:45:13:
67:e1:7b:0b:b3:e5:08:e0:73:a7:97:20:58:19:d6:1b:91:e6:
73:01:97:a6:87:c2:a6:cc:a3:8c:c7:1c:76:56:3a:dc:8b:79:
24:13:c9:14:be:4d:5d:de:af:85:d8:a9:53:dc:f8:0e:a7:cb:
35:d5:14:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGEz8CIC2feFk/HcKhKOCQzUdTBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMzFaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MTM4ZTIyNmRjOWM2YmNkOWYxYTcwMDAxOTZlNDk3NWExZjZhMjNjYjlj
YmFlMmQxMGUzZDYwYTM1NDQ4MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtKyydnqA47xgtgzLuDe0bpjDqUkxZME6a1NLkD0Itio+tAyFBKJOH5Lcby
CbRbbsFTpi6AXO6gm6xJcdIsnY3IRD5Jdv6GpKxuDHPNb12vuWeJmjLBYTTXc88l
PBf6Y2dcaIMK3mtp7C7ddZ3TU4MZEveNwhA5tG97zANFTgzoduAupYJ1jpkzquvV
rrDS9zmgTXczMf4+rvwVb3p2CQlnX+rnbTYEncViCFQVTEDg2C1YihdIe/LvJEHN
EVFHWTM6PPFoLuqJFMm/zkMGAobY8Yrpbh8CTgs9LgDOjdhholJbZUSiKDnaozwP
oRIc1Sl1xrmSlvhJ+YshiVfxqfkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjezWz
yKL+H3VVYklKqiVIf1myFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDUzMWY4ZDgtZWRjYS00NDM1LWJmY2EtNGUzYTIyZGU2NzNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H1g
MA0GCSqGSIb3DQEBCwUAA4IBAQAFc6SmXNAjqDLKj3LEYyBR0FrmcQT5dI/8prR7
4SCOXuGho0sS+jkQEfnXUsLoYgRtqOi8hn4+j9RUg/JMZEW0QrWTW2/0xUe8PCOL
cggol6SrdGi9KhyMYyJRZxUrnqN0VedEgBiLr2BeYCcx8ZMtkphnLjWw70bla4s5
xoHW32njL48axPvfrC15mJ+zyjFXwYgimPaSXmWjuCsv4A4S5zN4zYm6mmZH6way
8ZDhJ8KsU1a5pU7Nr5rABP3Fb4PidWMCRRNn4XsLs+UI4HOnlyBYGdYbkeZzAZem
h8KmzKOMxxx2Vjrci3kkE8kUvk1d3q+F2KlT3PgOp8s11RQV
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:21 2026 by rpki-client