Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b173f3a7-92aa-4ed5-a064-449ecccb21fb.roa
File: b173f3a7-92aa-4ed5-a064-449ecccb21fb.roa (raw, json)
Hash identifier: 7BPz0LHugDqhNbQK9luKZHUWlVzPVXK0B1XmrLUN974=
Subject key identifier: EE:55:8A:CF:B9:8C:A3:BA:82:29:88:EC:6E:3E:87:23:5B:D7:54:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55A821BD74F7C98001A06F8D987BB371438ED37D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b173f3a7-92aa-4ed5-a064-449ecccb21fb.roa
Signing time: Thu 12 Mar 2026 15:36:37 +0000
ROA not before: Thu 12 Mar 2026 15:36:37 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:a8:21:bd:74:f7:c9:80:01:a0:6f:8d:98:7b:b3:71:43:8e:d3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:36:37 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=5044e61476573f598e4a42452cfce775fe94295c552aaf5b73590a363dbfeb54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1b:42:78:51:37:d8:ca:76:d2:f8:75:78:46:
53:81:e9:15:4c:7b:ae:ba:42:09:a3:80:e0:f2:38:
87:53:4f:35:0c:77:2c:85:ba:52:21:22:a8:1d:cc:
d7:55:06:8c:da:13:fc:fc:67:d7:98:dc:b4:6d:9e:
76:bc:d1:54:a0:26:0b:72:76:1a:dd:6b:84:dc:c5:
e4:7c:b7:37:8c:c6:bd:04:9d:d6:1b:c8:b5:75:0c:
cf:12:d6:a5:8f:72:16:90:a2:c2:a9:6a:3a:9d:98:
9d:22:81:55:2f:36:18:48:27:1b:97:b8:97:de:4a:
cf:86:bd:fc:d1:4e:c1:d7:f6:35:a2:2f:82:94:e5:
63:85:e5:a4:a6:dd:57:ce:a1:91:ea:bf:e9:98:a1:
9a:0a:7b:44:62:c8:41:3f:4e:e4:25:d6:72:fd:8a:
5f:15:fd:80:c9:cd:52:da:2b:bf:d5:09:04:6c:c1:
cb:30:c9:99:22:2d:f0:38:e6:ed:37:e7:d2:08:ff:
91:63:82:05:04:94:84:cd:13:fb:e8:0d:04:e7:b1:
80:ff:bc:b4:5f:40:fa:91:bb:de:03:73:5e:9e:44:
86:dd:20:86:ca:b4:7c:e7:26:08:ef:10:b4:79:03:
42:57:7f:06:a9:d4:1c:18:a6:fc:45:6f:a2:20:09:
0d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:55:8A:CF:B9:8C:A3:BA:82:29:88:EC:6E:3E:87:23:5B:D7:54:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b173f3a7-92aa-4ed5-a064-449ecccb21fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:1040::/48
Signature Algorithm: sha256WithRSAEncryption
77:16:9d:11:4f:63:51:12:e0:5d:04:10:81:c5:67:31:34:16:
10:ca:c1:e5:96:f6:90:4b:ac:4b:e6:c2:b5:cb:8d:40:fa:2e:
d5:54:ca:49:c3:fa:f1:9b:48:90:aa:23:97:17:70:70:64:a1:
e1:f3:ae:2f:6e:16:eb:7d:19:6d:eb:6c:d5:d1:b3:fc:b9:a0:
c9:bc:a9:98:be:39:54:3a:18:b7:d3:9b:34:f3:c3:d9:28:46:
bc:16:54:66:f2:eb:9a:67:4a:bc:a6:a2:8a:24:40:c7:33:24:
93:4d:2f:8c:03:3e:31:8c:e7:8d:3b:fc:f0:6a:8e:5a:64:db:
28:c9:2b:db:f0:be:93:02:6d:74:51:c3:ad:1d:15:16:57:a1:
dc:26:08:3e:15:15:53:8c:70:cf:b3:0e:6a:18:3a:3e:9d:4f:
dc:0a:f5:21:8b:a6:f7:09:63:7d:d7:1b:00:5b:91:a8:d4:56:
7a:22:c0:a6:64:a2:d3:91:ae:6d:af:19:d1:75:57:5c:47:83:
c6:93:cc:03:23:a8:ed:d1:14:79:73:9c:a2:96:ad:33:f8:7b:
3f:c4:6b:e4:38:e0:fa:d6:cc:e6:43:40:ae:4c:fb:fe:96:5e:
63:45:c2:9f:b8:67:8b:e1:da:ea:46:05:e2:ac:83:bf:0d:6a:
c4:26:8a:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVaghvXT3yYABoG+NmHuzcUOO030wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTM2MzdaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNDRlNjE0NzY1NzNmNTk4ZTRhNDI0NTJjZmNlNzc1ZmU5NDI5NWM1NTJh
YWY1YjczNTkwYTM2M2RiZmViNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgbQnhRN9jKdtL4dXhGU4HpFUx7rrpCCaOA4PI4h1NPNQx3LIW6UiEiqB3M
11UGjNoT/Pxn15jctG2edrzRVKAmC3J2Gt1rhNzF5Hy3N4zGvQSd1hvItXUMzxLW
pY9yFpCiwqlqOp2YnSKBVS82GEgnG5e4l95Kz4a9/NFOwdf2NaIvgpTlY4XlpKbd
V86hkeq/6Zihmgp7RGLIQT9O5CXWcv2KXxX9gMnNUtorv9UJBGzByzDJmSIt8Djm
7Tfn0gj/kWOCBQSUhM0T++gNBOexgP+8tF9A+pG73gNzXp5Eht0ghsq0fOcmCO8Q
tHkDQld/BqnUHBim/EVvoiAJDaMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTuVYrP
uYyjuoIpiOxuPocjW9dUKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3M2YzYTctOTJhYS00ZWQ1LWEwNjQtNDQ5ZWNjY2IyMWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FoQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAdxadEU9jURLgXQQQgcVnMTQWEMrB5Zb2kEus
S+bCtcuNQPou1VTKScP68ZtIkKojlxdwcGSh4fOuL24W630Zbets1dGz/Lmgybyp
mL45VDoYt9ObNPPD2ShGvBZUZvLrmmdKvKaiiiRAxzMkk00vjAM+MYznjTv88GqO
WmTbKMkr2/C+kwJtdFHDrR0VFleh3CYIPhUVU4xwz7MOahg6Pp1P3Ar1IYum9wlj
fdcbAFuRqNRWeiLApmSi05Guba8Z0XVXXEeDxpPMAyOo7dEUeXOcopatM/h7P8Rr
5Djg+tbM5kNArkz7/pZeY0XCn7hni+Ha6kYF4qyDvw1qxCaK/Q==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:16:18 2026 by rpki-client