Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: 8T7R+OK4BHf3NzPyA6pVJlr1pM4aNhbg9/BOH8t9XKw=
Subject key identifier: 14:EE:FC:24:D3:0F:E5:4A:ED:30:37:88:DA:CB:78:75:16:E2:29:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FC41B81907422F43C37D098F44A7BA9C7DA94E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Sat 28 Feb 2026 06:01:16 +0000
ROA not before: Sat 28 Feb 2026 06:01:16 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Mar 2026 16:58:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c4:1b:81:90:74:22:f4:3c:37:d0:98:f4:4a:7b:a9:c7:da:94:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:16 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9b92df81c7e39bd3fba244ef61e0b02969e7501bd735727a253fba6beb89cda3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1d:24:fd:5c:2b:61:0c:3e:9e:33:e0:ce:a5:
bb:1f:94:9a:35:42:38:59:39:5c:56:87:3a:9a:32:
78:fa:35:42:e5:fb:a2:5a:8c:fb:76:64:ad:d7:0a:
3e:2c:8d:8f:5a:02:31:53:9e:72:7a:d6:58:5e:7d:
ac:4a:73:9f:06:0d:a6:77:ff:b7:b6:a6:f9:ca:9b:
d3:84:04:7f:42:8d:3f:89:fa:53:41:ca:31:34:86:
33:b6:8d:1e:b8:d1:5e:19:6a:e9:c4:63:96:82:e2:
d5:6a:8c:ee:47:9b:cd:3c:83:1f:e2:55:5f:0e:76:
5c:d2:ab:21:29:93:26:2f:2f:0d:50:8c:16:b2:6d:
1b:35:de:14:fe:22:ec:42:5e:e5:69:44:6a:22:df:
25:9e:bc:98:59:f4:9c:f6:49:ee:1c:84:48:97:75:
68:44:f1:c4:af:6a:6f:2b:d5:7b:28:fd:5e:b4:48:
d7:39:af:54:10:45:73:6b:7b:ee:b5:6c:f8:3c:51:
86:6f:87:74:14:53:35:a5:35:38:6e:f5:0c:65:c1:
b5:65:61:7b:d2:40:ba:fd:5b:4f:d4:51:01:27:65:
40:65:8f:96:31:54:e2:fc:37:26:2b:2b:82:ed:2e:
1e:02:b8:97:50:b0:a7:72:c1:5f:3f:2d:bd:d5:87:
1e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EE:FC:24:D3:0F:E5:4A:ED:30:37:88:DA:CB:78:75:16:E2:29:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
04:5c:0e:8d:93:c9:61:2e:8f:c1:8d:e5:2f:b6:c3:fb:18:17:
25:ad:1a:ef:99:56:74:a2:25:d8:4a:e7:9e:e1:6b:69:87:89:
36:af:a5:0d:27:4f:c2:6d:8d:27:c1:db:f7:38:f9:a0:71:e1:
6b:2a:42:5c:20:73:e0:70:0e:16:4f:af:51:45:32:2a:ca:31:
e2:7c:3d:82:6d:b3:8b:59:7a:d8:5e:07:b4:14:b6:d5:73:1f:
d1:8d:12:2c:7b:55:fb:c4:49:64:4b:c0:25:80:9c:48:55:02:
81:dd:64:41:e2:1c:dd:4a:16:48:e4:b7:5e:18:8c:a4:a6:d5:
a0:bd:79:ea:22:38:88:08:43:9c:46:d7:7f:ba:96:c5:43:d1:
3d:d9:90:2b:66:81:90:27:37:22:35:1f:0f:c2:ec:d1:2d:98:
ca:b1:bb:15:f0:11:8f:88:6f:b3:a5:8d:33:52:be:c3:7c:5c:
41:32:5d:4f:57:b1:0c:94:b3:3c:a2:94:ac:93:08:fe:0e:9e:
31:77:cd:2a:fc:69:fe:82:14:5f:ca:1e:86:c3:be:af:91:5a:
f7:01:0d:63:ac:81:aa:f7:16:11:4d:30:14:bb:59:32:95:a7:
70:76:63:ac:fe:9d:db:cd:fd:68:d2:01:b9:0e:7a:5e:b2:e5:
c5:11:c0:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT8QbgZB0IvQ8N9CY9Ep7qcfalOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDliOTJkZjgxYzdlMzliZDNmYmEyNDRlZjYxZTBiMDI5NjllNzUwMWJkNzM1
NzI3YTI1M2ZiYTZiZWI4OWNkYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEdJP1cK2EMPp4z4M6lux+UmjVCOFk5XFaHOpoyePo1QuX7olqM+3ZkrdcK
PiyNj1oCMVOecnrWWF59rEpznwYNpnf/t7am+cqb04QEf0KNP4n6U0HKMTSGM7aN
HrjRXhlq6cRjloLi1WqM7kebzTyDH+JVXw52XNKrISmTJi8vDVCMFrJtGzXeFP4i
7EJe5WlEaiLfJZ68mFn0nPZJ7hyESJd1aETxxK9qbyvVeyj9XrRI1zmvVBBFc2t7
7rVs+DxRhm+HdBRTNaU1OG71DGXBtWVhe9JAuv1bT9RRASdlQGWPljFU4vw3Jisr
gu0uHgK4l1Cwp3LBXz8tvdWHHg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQU7vwk
0w/lSu0wN4jay3h1FuIpYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAEXA6Nk8lhLo/BjeUvtsP7GBclrRrvmVZ0oiXY
Suee4Wtph4k2r6UNJ0/CbY0nwdv3OPmgceFrKkJcIHPgcA4WT69RRTIqyjHifD2C
bbOLWXrYXge0FLbVcx/RjRIse1X7xElkS8AlgJxIVQKB3WRB4hzdShZI5LdeGIyk
ptWgvXnqIjiICEOcRtd/upbFQ9E92ZArZoGQJzciNR8PwuzRLZjKsbsV8BGPiG+z
pY0zUr7DfFxBMl1PV7EMlLM8opSskwj+Dp4xd80q/Gn+ghRfyh6Gw76vkVr3AQ1j
rIGq9xYRTTAUu1kyladwdmOs/p3bzf1o0gG5DnpesuXFEcBH
-----END CERTIFICATE-----
Generated at Sun Mar 1 00:24:26 2026 by rpki-client