Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
File: 02484022-c79f-4464-827b-2127faff0b06.roa (raw, json)
Hash identifier: QpsmhzksrIvEmeTMNFXGG2k2InaXolEDUe5Ru5cWEZA=
Subject key identifier: FF:6D:0B:3F:AA:8B:14:E0:9B:0C:35:9A:9E:CA:04:6C:94:49:3E:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14226AFB82EAF9544F04B72E9509D02D67D49F1B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
Signing time: Fri 20 Feb 2026 01:51:12 +0000
ROA not before: Fri 20 Feb 2026 01:51:12 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:22:6a:fb:82:ea:f9:54:4f:04:b7:2e:95:09:d0:2d:67:d4:9f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:12 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=062b98e2417470781d2944866fd490bdb5d14d40f8a7965f452e080bdc6e2381, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b1:b8:40:7e:3a:a9:08:97:9e:99:21:b2:da:
7f:09:63:e3:0f:da:0e:61:7b:bb:0f:c2:91:50:81:
cf:e4:bc:65:6d:7e:02:44:34:42:d1:fb:b8:a1:4e:
00:7c:cb:fc:88:84:6f:5b:a5:15:71:c6:c3:88:c4:
ec:0e:d8:e8:fe:f7:c7:d3:b1:ab:9d:04:73:d2:d0:
c5:b6:f8:46:5d:a8:22:2d:87:59:41:40:fb:0d:4f:
50:36:a1:14:1e:c5:56:d6:a7:4f:0b:97:f4:c4:0c:
89:bf:18:35:30:85:77:99:2b:30:33:26:7d:57:d2:
c4:4f:22:01:9c:da:d4:1d:47:c9:f6:bd:e7:6e:5f:
25:ec:a5:9e:0b:03:e6:7b:8f:06:c4:14:13:1e:4c:
2b:0f:a4:e7:37:ec:32:1e:d0:e8:f3:5a:0e:19:29:
2a:d6:2b:5c:48:ca:16:91:a6:39:98:a7:ae:89:b6:
5a:68:68:a0:75:1d:8a:04:4e:c5:a0:21:52:5d:31:
19:8f:c8:19:6b:7d:6f:3f:01:8a:3c:92:e8:e4:2c:
5d:9c:4e:8e:a5:4c:2f:81:e1:f7:85:a7:44:26:b8:
84:a3:26:6c:46:6b:91:91:1f:c0:3d:4a:c0:22:34:
0c:b6:4d:56:e0:85:ce:db:1c:a3:b6:f0:ab:12:a1:
de:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6D:0B:3F:AA:8B:14:E0:9B:0C:35:9A:9E:CA:04:6C:94:49:3E:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02484022-c79f-4464-827b-2127faff0b06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
49:cc:c3:a5:fa:af:84:db:8c:ca:50:af:55:65:df:58:87:77:
82:af:ea:21:40:46:e3:a0:47:6d:fc:88:17:7d:6e:57:00:a0:
d4:e5:fc:0a:ed:ee:91:88:09:0c:f2:35:43:1b:8b:d3:cd:d4:
4a:b5:e4:75:63:d7:99:ac:e0:b4:47:ee:02:5d:53:03:da:e0:
84:6f:95:88:6d:02:8b:da:46:c2:c5:90:c5:ff:88:96:98:22:
86:64:4c:99:e4:e5:33:5b:40:29:fc:bd:1c:e0:20:f5:ac:b8:
57:50:1c:75:a0:f5:d3:f1:15:97:ff:d1:9f:27:61:f3:23:e9:
e2:55:da:d0:16:70:a6:8c:f8:0c:26:8a:26:29:95:66:9b:61:
e2:da:9b:3b:2f:3a:3b:f7:20:a1:70:5c:5d:72:77:d3:b2:6d:
aa:74:04:e5:bf:24:43:c7:c7:fc:a9:d7:d7:b8:45:92:39:47:
20:ae:22:44:7e:eb:ad:5f:c8:e7:f8:7e:1a:8c:bc:0b:58:48:
54:1c:1f:4e:e0:7b:f8:80:bb:9e:56:7a:ff:60:f4:19:71:11:
3e:bc:79:52:be:5e:0b:54:49:24:cb:5f:6b:f8:55:b2:87:1a:
31:9f:c1:9a:e2:e4:68:c7:10:c4:65:30:18:90:24:b3:a6:69:
13:a4:9c:8c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFCJq+4Lq+VRPBLculQnQLWfUnxswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMTJaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MmI5OGUyNDE3NDcwNzgxZDI5NDQ4NjZmZDQ5MGJkYjVkMTRkNDBmOGE3
OTY1ZjQ1MmUwODBiZGM2ZTIzODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaxuEB+OqkIl56ZIbLafwlj4w/aDmF7uw/CkVCBz+S8ZW1+AkQ0QtH7uKFO
AHzL/IiEb1ulFXHGw4jE7A7Y6P73x9Oxq50Ec9LQxbb4Rl2oIi2HWUFA+w1PUDah
FB7FVtanTwuX9MQMib8YNTCFd5krMDMmfVfSxE8iAZza1B1Hyfa9525fJeylngsD
5nuPBsQUEx5MKw+k5zfsMh7Q6PNaDhkpKtYrXEjKFpGmOZinrom2WmhooHUdigRO
xaAhUl0xGY/IGWt9bz8BijyS6OQsXZxOjqVML4Hh94WnRCa4hKMmbEZrkZEfwD1K
wCI0DLZNVuCFztsco7bwqxKh3hkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT/bQs/
qosU4JsMNZqeygRslEk+pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI0ODQwMjItYzc5Zi00NDY0LTgyN2ItMjEyN2ZhZmYwYjA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAEnMw6X6r4TbjMpQr1Vl31iHd4Kv6iFARuOgR238
iBd9blcAoNTl/Art7pGICQzyNUMbi9PN1Eq15HVj15ms4LRH7gJdUwPa4IRvlYht
AovaRsLFkMX/iJaYIoZkTJnk5TNbQCn8vRzgIPWsuFdQHHWg9dPxFZf/0Z8nYfMj
6eJV2tAWcKaM+AwmiiYplWabYeLamzsvOjv3IKFwXF1yd9Oybap0BOW/JEPHx/yp
19e4RZI5RyCuIkR+661fyOf4fhqMvAtYSFQcH07ge/iAu55Wev9g9BlxET68eVK+
XgtUSSTLX2v4VbKHGjGfwZri5GjHEMRlMBiQJLOmaROknIw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:01:51 2026 by rpki-client