Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa
File: 5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa (raw, json)
Hash identifier: c4vFvkpVW73Pb9c6qeBCQnAAAm4xljWiCVxGlGGr8PI=
Subject key identifier: 3D:4C:BF:46:EE:FE:21:E0:61:FD:DF:44:78:96:75:72:C8:74:A9:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CCB2C1E9A05D9C9567A4725F75CB6747D9352BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa
Signing time: Thu 12 Mar 2026 15:41:30 +0000
ROA not before: Thu 12 Mar 2026 15:41:30 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:cb:2c:1e:9a:05:d9:c9:56:7a:47:25:f7:5c:b6:74:7d:93:52:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:41:30 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=ed5a18175667aaf0805992d20805bfc48568a38fee406bf4b87d6eb19d262532, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:84:c9:cf:78:b6:16:dc:38:0b:80:5b:21:67:
11:62:0b:f2:fe:9f:fc:77:e2:fa:fe:68:bc:6e:bb:
bc:c2:d2:d0:a0:79:c3:1a:31:89:83:f7:57:60:f6:
0e:83:ba:09:e8:88:2b:dc:fa:21:81:f8:1b:ff:50:
84:d7:51:af:d9:cc:85:e6:36:23:f3:9f:4b:2e:c5:
ab:fc:dd:a1:b0:9b:4c:7b:79:ca:e5:6b:aa:dc:6b:
0c:92:8e:92:a4:93:60:1a:b5:05:a4:00:65:2d:7c:
53:db:3f:64:a6:fc:ac:81:9d:07:ad:df:be:d6:e6:
4e:ee:29:e6:90:b2:a0:46:70:97:68:2b:18:c6:3e:
12:4d:73:49:4c:c2:10:8e:1a:84:ca:d0:88:f3:c1:
ef:bc:6b:b6:be:1a:47:7a:ac:19:9a:cf:bc:6c:a7:
1f:35:48:98:2d:e2:01:30:0b:49:90:4c:3e:e1:d9:
65:c0:f4:e5:60:d0:f7:70:5b:33:d8:23:3e:fe:57:
dc:79:e1:20:ac:f3:6c:e8:67:56:0b:fe:28:6e:cc:
cf:af:13:2e:3b:7b:d1:26:82:3a:e2:3d:e1:f0:06:
09:ef:d0:32:05:59:5f:f1:87:ea:6f:bf:bd:3c:af:
eb:69:5c:c1:2c:1a:1e:2f:98:b7:c5:dc:31:54:d2:
0d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4C:BF:46:EE:FE:21:E0:61:FD:DF:44:78:96:75:72:C8:74:A9:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fb7dc84-f094-4f1c-8826-a8f7c3464f71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:5000::/40
Signature Algorithm: sha256WithRSAEncryption
80:0d:44:a4:d8:b4:d3:a7:4d:c7:1c:77:51:5e:ba:e9:2b:64:
3a:22:e8:50:f2:bb:67:f2:d1:f7:e4:96:26:34:55:95:bf:4b:
bd:fc:cd:38:d5:70:19:97:22:0f:4d:10:01:c5:f8:0f:ee:00:
08:7d:c1:cc:6b:5d:f0:85:72:e2:a6:a8:19:f5:a1:c8:c1:c2:
37:a6:99:84:ac:30:bd:d8:96:6d:ab:a2:01:8b:69:01:16:f7:
92:e9:16:84:2a:22:4e:0c:16:82:8a:de:47:09:3a:8a:d7:f9:
a8:6b:df:ad:6a:66:69:ac:df:20:1b:ef:58:32:9c:24:39:f7:
93:be:af:17:93:47:f6:81:ef:f3:29:41:e4:2e:06:d3:dc:53:
48:ec:46:e3:9c:98:d1:65:2b:fb:9d:06:33:d4:aa:ca:db:f0:
84:4f:02:35:fd:3e:e4:35:f0:fc:7d:91:72:9f:4b:40:6c:ea:
7a:20:71:08:e1:89:ab:7d:54:4f:a7:0c:5c:8c:96:7f:0a:90:
5d:28:96:9e:60:b7:b9:9f:9e:14:27:21:8d:dd:ca:53:f6:4b:
69:25:4c:a6:68:b7:a8:43:31:3a:79:3d:75:d3:24:ad:a2:2b:
4d:af:95:f4:a9:52:ce:8c:25:66:3d:aa:25:35:5f:e6:01:8a:
4f:cd:7b:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDMssHpoF2clWekcl91y2dH2TUr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQxMzBaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNWExODE3NTY2N2FhZjA4MDU5OTJkMjA4MDViZmM0ODU2OGEzOGZlZTQw
NmJmNGI4N2Q2ZWIxOWQyNjI1MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6Eyc94thbcOAuAWyFnEWIL8v6f/Hfi+v5ovG67vMLS0KB5wxoxiYP3V2D2
DoO6CeiIK9z6IYH4G/9QhNdRr9nMheY2I/OfSy7Fq/zdobCbTHt5yuVrqtxrDJKO
kqSTYBq1BaQAZS18U9s/ZKb8rIGdB63fvtbmTu4p5pCyoEZwl2grGMY+Ek1zSUzC
EI4ahMrQiPPB77xrtr4aR3qsGZrPvGynHzVImC3iATALSZBMPuHZZcD05WDQ93Bb
M9gjPv5X3HnhIKzzbOhnVgv+KG7Mz68TLjt70SaCOuI94fAGCe/QMgVZX/GH6m+/
vTyv62lcwSwaHi+Yt8XcMVTSDQUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9TL9G
7v4h4GH930R4lnVyyHSpmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZiN2RjODQtZjA5NC00ZjFjLTg4MjYtYThmN2MzNDY0ZjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H1Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCADUSk2LTTp03HHHdRXrrpK2Q6IuhQ8rtn8tH3
5JYmNFWVv0u9/M041XAZlyIPTRABxfgP7gAIfcHMa13whXLipqgZ9aHIwcI3ppmE
rDC92JZtq6IBi2kBFveS6RaEKiJODBaCit5HCTqK1/moa9+tamZprN8gG+9YMpwk
OfeTvq8Xk0f2ge/zKUHkLgbT3FNI7EbjnJjRZSv7nQYz1KrK2/CETwI1/T7kNfD8
fZFyn0tAbOp6IHEI4YmrfVRPpwxcjJZ/CpBdKJaeYLe5n54UJyGN3cpT9ktpJUym
aLeoQzE6eT110yStoitNr5X0qVLOjCVmPaolNV/mAYpPzXv6
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:16 2026 by rpki-client