Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: QjyEGTvKByVebf/9JmSUUjDVkclkK/tAmQFa67EgTWY=
Subject key identifier: A4:C1:77:37:2F:9D:6A:6B:83:68:16:37:CC:A9:DE:6F:61:FA:1C:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E54FD5D5C9D718550BBEAB90F5F623BC925A827
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Tue 19 May 2026 04:40:08 +0000
ROA not before: Tue 19 May 2026 04:40:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:54:fd:5d:5c:9d:71:85:50:bb:ea:b9:0f:5f:62:3b:c9:25:a8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b63b53576615cef89e9938d126293fdea9357f9ba035e5d7eaf327bc85f91bbf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:35:5d:f9:ec:ca:ed:c8:a1:63:6f:0f:70:
03:c6:05:da:a6:49:cc:8b:54:2d:fd:1b:9b:b0:3f:
6d:af:fb:6e:39:bb:ea:fa:b0:56:44:2a:3d:da:ca:
65:0c:71:ba:19:48:b9:78:0e:43:5c:00:e0:31:89:
d7:c5:d6:1b:1f:ef:3b:49:fc:b9:af:03:23:da:c9:
2f:94:0a:a9:4a:43:0e:42:13:cf:d3:79:17:4d:0c:
81:4d:9e:61:eb:b2:2c:b9:d9:5a:55:ef:f6:eb:4e:
26:fc:59:26:de:2d:f9:53:9b:ac:d7:4a:41:24:c2:
f2:04:13:92:3f:0d:1f:55:ab:ef:89:2a:ea:75:df:
7a:cf:74:59:30:7f:30:48:0c:78:29:85:52:e7:15:
b1:fc:7f:e7:0b:8e:b9:d0:5a:6a:0e:c1:67:88:bd:
f7:10:97:13:dc:59:2d:90:85:c9:74:e9:c2:68:c6:
9f:d2:0c:ba:7f:23:af:e6:8d:c8:ff:21:a0:c7:7c:
ee:7b:d5:25:7b:90:37:9d:7a:0e:f4:4d:89:6d:5f:
f1:85:42:61:fc:ae:d6:bc:dc:e1:b4:bd:14:f5:6b:
27:39:2a:03:aa:96:fc:ba:17:8e:b6:b8:5d:2a:ea:
59:8e:9f:bc:68:be:06:11:9f:d6:aa:67:c6:4c:41:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C1:77:37:2F:9D:6A:6B:83:68:16:37:CC:A9:DE:6F:61:FA:1C:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:44:ff:c8:3f:e9:e6:e8:5d:bb:cd:97:4a:43:30:b0:5c:cf:
83:68:bf:0f:c3:e4:6d:16:96:0a:66:05:75:51:b6:c9:79:cf:
6e:91:7f:84:82:32:bd:91:a7:37:14:5e:ef:f2:6d:e5:60:c0:
db:59:cb:ce:b9:7e:29:cd:d9:d9:5d:73:67:9e:32:3a:22:ab:
d1:b1:d2:d6:55:54:bc:16:d7:e8:f8:38:ba:64:a7:5f:49:df:
a1:23:60:83:45:c1:34:f4:63:bc:19:52:ce:ce:04:bd:6c:31:
ad:25:6b:f0:c9:43:2a:88:b1:c0:06:42:87:70:13:ff:f8:2e:
c6:ce:5a:61:ac:ba:bc:a9:fc:fe:89:f3:68:de:2b:fb:1d:34:
dd:15:84:62:30:1b:93:d7:11:ba:fd:20:ee:46:39:d8:1b:36:
b2:7b:56:d3:62:e5:0d:f9:c5:c9:c8:05:42:73:47:82:f5:0b:
91:19:83:ba:83:ab:37:59:2c:65:2e:04:88:d6:18:90:15:dc:
4b:01:87:0e:49:8b:d1:22:04:7e:0a:a6:44:2e:1c:0e:cd:1b:
50:ae:ff:71:93:32:d0:0b:fd:0e:39:8b:d5:c8:67:5d:2b:e5:
36:74:67:9a:f3:aa:d8:b9:f0:d8:f6:5a:6d:8e:48:7a:81:c5:
51:09:ef:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXlT9XVydcYVQu+q5D19iO8klqCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2M2I1MzU3NjYxNWNlZjg5ZTk5MzhkMTI2MjkzZmRlYTkzNTdmOWJhMDM1
ZTVkN2VhZjMyN2JjODVmOTFiYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHTNV357MrtyKFjbw9wA8YF2qZJzItULf0bm7A/ba/7bjm76vqwVkQqPdrK
ZQxxuhlIuXgOQ1wA4DGJ18XWGx/vO0n8ua8DI9rJL5QKqUpDDkITz9N5F00MgU2e
YeuyLLnZWlXv9utOJvxZJt4t+VObrNdKQSTC8gQTkj8NH1Wr74kq6nXfes90WTB/
MEgMeCmFUucVsfx/5wuOudBaag7BZ4i99xCXE9xZLZCFyXTpwmjGn9IMun8jr+aN
yP8hoMd87nvVJXuQN516DvRNiW1f8YVCYfyu1rzc4bS9FPVrJzkqA6qW/LoXjra4
XSrqWY6fvGi+BhGf1qpnxkxBufkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkwXc3
L51qa4NoFjfMqd5vYfocYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQCaRP/IP+nm6F27zZdKQzCwXM+DaL8Pw+RtFpYK
ZgV1UbbJec9ukX+EgjK9kac3FF7v8m3lYMDbWcvOuX4pzdnZXXNnnjI6IqvRsdLW
VVS8Ftfo+Di6ZKdfSd+hI2CDRcE09GO8GVLOzgS9bDGtJWvwyUMqiLHABkKHcBP/
+C7GzlphrLq8qfz+ifNo3iv7HTTdFYRiMBuT1xG6/SDuRjnYGzaye1bTYuUN+cXJ
yAVCc0eC9QuRGYO6g6s3WSxlLgSI1hiQFdxLAYcOSYvRIgR+CqZELhwOzRtQrv9x
kzLQC/0OOYvVyGddK+U2dGea86rYufDY9lptjkh6gcVRCe9C
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:55 2026 by rpki-client