Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73d32a7e-651e-4ae6-b0c4-d847af22fc9d.roa
File: 73d32a7e-651e-4ae6-b0c4-d847af22fc9d.roa (raw, json)
Hash identifier: 3hQTwG+XoZck2xU5LzDTjjcVjFM7iGdnlK0qqirbw0U=
Subject key identifier: C2:F4:C3:76:EC:10:4E:2A:37:DF:65:F9:73:C5:78:CD:31:CD:72:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E0930F7029E51EA36CE012BE303A536B97DCD00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73d32a7e-651e-4ae6-b0c4-d847af22fc9d.roa
Signing time: Thu 12 Mar 2026 15:38:31 +0000
ROA not before: Thu 12 Mar 2026 15:38:31 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:09:30:f7:02:9e:51:ea:36:ce:01:2b:e3:03:a5:36:b9:7d:cd:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:38:31 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=c7de6c3b18c3adbf85bb2bd87c4c88b1d24930b1b73fc99e1fb9612e1d441692, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f4:ff:73:44:66:54:5d:6f:74:75:b2:9c:87:
a3:d5:2f:91:70:c6:f7:e4:ab:bb:ec:ca:9f:f3:3e:
d9:26:36:fc:5a:77:78:c3:66:f6:de:91:02:e8:a2:
3c:16:2f:6c:ad:a7:0e:0e:03:55:be:cb:7e:3b:ad:
87:24:61:19:d5:ff:ce:0d:94:c3:e9:6a:07:6f:3f:
09:4d:1c:6d:fa:96:11:47:ce:17:6c:2d:aa:b1:b7:
2c:7b:87:f4:b8:fc:f3:d0:50:ee:1d:ae:61:a6:5b:
9a:fd:2b:fa:2f:a5:84:e1:4a:4e:8b:be:26:7c:4b:
c8:27:8e:29:5c:15:9b:16:ca:6d:66:0f:c6:f7:62:
c9:62:20:d0:a2:5e:08:88:25:fc:b1:65:80:19:a0:
28:76:4f:65:2f:1a:82:88:c4:bb:22:de:a1:dd:bb:
05:7d:48:44:90:4b:24:ae:4c:df:98:ca:96:18:5e:
54:aa:5d:5c:44:d4:f3:29:bb:78:da:51:9d:ef:a8:
03:c1:b7:ef:59:73:69:3a:fa:8e:2f:ad:00:9d:94:
73:8a:fe:af:84:32:cd:5a:b5:2e:f5:32:69:bf:71:
6f:2e:ef:e7:fd:4d:e3:e4:49:ea:11:6c:0c:75:44:
ec:ae:e5:a7:63:f1:52:28:ff:de:a1:ac:ee:ae:7b:
e8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F4:C3:76:EC:10:4E:2A:37:DF:65:F9:73:C5:78:CD:31:CD:72:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73d32a7e-651e-4ae6-b0c4-d847af22fc9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
83:09:fc:ec:0a:ef:4f:d8:31:6f:79:a5:95:df:3b:9d:e9:4f:
52:f5:b1:a3:bf:fb:88:26:1c:e3:43:1b:28:3a:09:13:99:13:
48:2b:ec:31:d0:97:2f:45:63:68:ae:13:75:26:9e:cb:a6:5d:
3c:b4:40:94:02:2b:b2:58:35:a6:4c:8f:be:70:6c:e7:8b:f4:
44:ae:61:20:47:9d:c5:2c:a4:ec:50:9e:d9:e7:80:76:af:13:
59:83:fa:84:8f:34:20:5e:06:a2:3a:35:8a:41:4f:a9:a0:74:
67:77:36:09:c9:dc:3b:0a:b8:2e:b2:ea:41:ea:22:e6:ea:e4:
6e:49:93:e2:8d:2a:06:a3:2f:19:2b:18:5c:88:64:0b:45:1f:
8e:71:a0:bd:b9:8e:26:d3:82:79:86:44:2a:78:50:2d:54:3d:
18:07:8d:a1:84:58:1c:68:42:54:ff:e1:b1:0e:ec:57:e0:b0:
23:19:4a:fa:13:e4:2f:76:c9:a5:02:ed:1d:a2:09:01:91:4f:
25:b5:ef:d7:12:ee:3d:09:35:59:69:53:d0:10:cb:4f:0d:b3:
84:db:63:17:46:ca:13:71:41:76:8f:37:af:f2:c8:ba:90:74:
15:d9:39:ad:df:ed:3b:4a:5f:e2:f4:ef:5c:33:03:b8:d5:2e:
c2:07:75:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDgkw9wKeUeo2zgEr4wOlNrl9zQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM4MzFaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3ZGU2YzNiMThjM2FkYmY4NWJiMmJkODdjNGM4OGIxZDI0OTMwYjFiNzNm
Yzk5ZTFmYjk2MTJlMWQ0NDE2OTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANL0/3NEZlRdb3R1spyHo9UvkXDG9+Sru+zKn/M+2SY2/Fp3eMNm9t6RAuii
PBYvbK2nDg4DVb7LfjuthyRhGdX/zg2Uw+lqB28/CU0cbfqWEUfOF2wtqrG3LHuH
9Lj889BQ7h2uYaZbmv0r+i+lhOFKTou+JnxLyCeOKVwVmxbKbWYPxvdiyWIg0KJe
CIgl/LFlgBmgKHZPZS8agojEuyLeod27BX1IRJBLJK5M35jKlhheVKpdXETU8ym7
eNpRne+oA8G371lzaTr6ji+tAJ2Uc4r+r4QyzVq1LvUyab9xby7v5/1N4+RJ6hFs
DHVE7K7lp2PxUij/3qGs7q576LUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTC9MN2
7BBOKjffZflzxXjNMc1yZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzNkMzJhN2UtNjUxZS00YWU2LWIwYzQtZDg0N2FmMjJmYzlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAgwn87ArvT9gxb3mlld87nelPUvWxo7/7iCYc
40MbKDoJE5kTSCvsMdCXL0VjaK4TdSaey6ZdPLRAlAIrslg1pkyPvnBs54v0RK5h
IEedxSyk7FCe2eeAdq8TWYP6hI80IF4Gojo1ikFPqaB0Z3c2CcncOwq4LrLqQeoi
5urkbkmT4o0qBqMvGSsYXIhkC0UfjnGgvbmOJtOCeYZEKnhQLVQ9GAeNoYRYHGhC
VP/hsQ7sV+CwIxlK+hPkL3bJpQLtHaIJAZFPJbXv1xLuPQk1WWlT0BDLTw2zhNtj
F0bKE3FBdo83r/LIupB0Fdk5rd/tO0pf4vTvXDMDuNUuwgd1zQ==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:19 2026 by rpki-client