Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6b6ad0a-4421-4d1e-97dc-9ac638c3ee31.roa
File: f6b6ad0a-4421-4d1e-97dc-9ac638c3ee31.roa (raw, json)
Hash identifier: joi5Psc8VML7wMtd4flGrZ8IENKZ45DIo0JY60K7Szk=
Subject key identifier: D3:45:F1:C5:B3:2F:27:CC:1E:61:D6:0B:A3:62:5B:13:EF:22:F5:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 600A2657B4CE80F1F34257C0D35BB5F02BE47889
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6b6ad0a-4421-4d1e-97dc-9ac638c3ee31.roa
Signing time: Thu 12 Mar 2026 15:40:01 +0000
ROA not before: Thu 12 Mar 2026 15:40:01 +0000
ROA not after: Wed 10 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:0a:26:57:b4:ce:80:f1:f3:42:57:c0:d3:5b:b5:f0:2b:e4:78:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 12 15:40:01 2026 GMT
Not After : Jun 10 23:59:59 2026 GMT
Subject: serialNumber=0f6fb98542a9a2c15190787c18f5cd981688e6e7692d34c6688994dc4e0e1104, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b3:f5:70:d1:d6:98:9a:d5:26:c8:43:42:b2:
0b:f9:f7:6c:f6:f3:45:cb:15:73:e3:83:ee:92:30:
1b:05:42:42:d3:f5:8c:70:d7:bd:3a:8f:58:d0:e7:
1e:c2:56:8e:a9:25:f5:15:f5:84:cb:b6:92:2b:ca:
d6:be:e8:4b:5e:f4:33:7c:97:53:d0:46:72:4f:fc:
91:c9:0c:36:16:6b:eb:ba:0d:56:5c:74:ab:0a:bb:
b2:33:ef:35:41:ca:5c:e9:9a:b9:7f:0d:ed:6c:65:
96:a2:5a:17:e5:3b:d8:a9:a6:ff:6e:f1:3e:90:88:
99:d8:68:d5:13:8e:cd:62:1b:5d:12:f5:01:fd:0a:
ca:2b:a7:00:36:c3:1a:55:e1:00:35:21:f8:b9:a8:
e1:d6:ed:34:ed:97:cf:02:99:58:22:0a:9a:3f:95:
06:d8:13:14:ca:94:97:74:fd:60:73:90:d8:4f:07:
77:c2:70:0f:92:57:a3:c2:0e:bf:87:2e:eb:54:f4:
e1:59:34:1f:2b:70:d7:4c:ee:70:05:91:61:da:65:
74:a8:84:04:84:d9:a8:6a:77:04:ac:f7:7f:91:24:
9d:e2:d9:d2:ac:3e:2a:85:ea:08:54:c4:6e:8b:db:
ed:91:dd:a8:6b:0c:f4:3f:72:df:e8:ec:56:ea:74:
55:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:45:F1:C5:B3:2F:27:CC:1E:61:D6:0B:A3:62:5B:13:EF:22:F5:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6b6ad0a-4421-4d1e-97dc-9ac638c3ee31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e040::/48
Signature Algorithm: sha256WithRSAEncryption
73:a8:56:6c:51:c8:89:4f:04:6e:21:20:48:0f:38:51:cf:4b:
11:4f:ee:d3:47:c0:0b:a7:be:e9:57:86:b5:e4:73:44:d8:14:
24:c2:ec:18:6f:d0:91:ef:7d:bb:71:b9:c9:64:2e:cc:d0:ea:
8b:cc:f2:d8:8e:17:22:39:1e:15:0e:02:81:dc:97:55:f1:89:
90:f6:e7:42:e5:57:6c:e3:64:38:b5:a3:b5:e9:d2:f5:60:d6:
b9:4f:42:6f:c5:5b:d3:c1:88:53:fd:7d:5d:22:76:54:e5:3f:
9e:f1:9c:ff:5d:60:65:59:ab:b5:5d:7d:30:7a:ae:a7:fb:47:
da:4a:02:7c:3a:c5:00:68:0f:cf:55:8b:4f:0f:5c:95:3f:a6:
c3:ef:2e:21:a3:c4:a5:c2:a5:ca:c0:14:53:3b:1e:94:9c:e7:
04:10:80:14:28:56:88:40:aa:39:18:37:97:f0:5c:d7:0d:f2:
ce:2e:41:1c:88:0d:bf:f9:5b:c8:40:05:72:4c:84:9e:96:d2:
c2:4d:ba:72:2e:49:c3:df:cd:27:f5:61:c0:56:73:da:cc:61:
d5:0d:e1:22:79:f8:df:06:be:8f:2b:1f:5b:d2:24:95:e1:06:
d4:a2:4a:37:d9:9e:db:a7:4f:93:ce:1a:e1:78:15:30:ae:93:
19:2f:2b:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYAomV7TOgPHzQlfA01u18CvkeIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMTIxNTQwMDFaFw0yNjA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNmZiOTg1NDJhOWEyYzE1MTkwNzg3YzE4ZjVjZDk4MTY4OGU2ZTc2OTJk
MzRjNjY4ODk5NGRjNGUwZTExMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCz9XDR1pia1SbIQ0KyC/n3bPbzRcsVc+OD7pIwGwVCQtP1jHDXvTqPWNDn
HsJWjqkl9RX1hMu2kivK1r7oS170M3yXU9BGck/8kckMNhZr67oNVlx0qwq7sjPv
NUHKXOmauX8N7WxllqJaF+U72Kmm/27xPpCImdho1ROOzWIbXRL1Af0KyiunADbD
GlXhADUh+Lmo4dbtNO2XzwKZWCIKmj+VBtgTFMqUl3T9YHOQ2E8Hd8JwD5JXo8IO
v4cu61T04Vk0Hytw10zucAWRYdpldKiEBITZqGp3BKz3f5EkneLZ0qw+KoXqCFTE
bovb7ZHdqGsM9D9y3+jsVup0VZMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTTRfHF
sy8nzB5h1gujYlsT7yL1zzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZiNmFkMGEtNDQyMS00ZDFlLTk3ZGMtOWFjNjM4YzNlZTMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3g
QDANBgkqhkiG9w0BAQsFAAOCAQEAc6hWbFHIiU8EbiEgSA84Uc9LEU/u00fAC6e+
6VeGteRzRNgUJMLsGG/Qke99u3G5yWQuzNDqi8zy2I4XIjkeFQ4CgdyXVfGJkPbn
QuVXbONkOLWjtenS9WDWuU9Cb8Vb08GIU/19XSJ2VOU/nvGc/11gZVmrtV19MHqu
p/tH2koCfDrFAGgPz1WLTw9clT+mw+8uIaPEpcKlysAUUzselJznBBCAFChWiECq
ORg3l/Bc1w3yzi5BHIgNv/lbyEAFckyEnpbSwk26ci5Jw9/NJ/VhwFZz2sxh1Q3h
Inn43wa+jysfW9IkleEG1KJKN9me26dPk84a4XgVMK6TGS8rNQ==
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:15 2026 by rpki-client