Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
File: 130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa (raw, json)
Hash identifier: eYkirZRfbGvQnRSxU0C19atU0NggjS/NIzSFXtZvaH0=
Subject key identifier: CD:A0:63:58:26:FF:4A:D7:AB:D9:85:65:F3:FD:52:C7:C2:6E:31:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30DEA7EA424B91B74FDAA1D21A8A577F82369B0D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
Signing time: Tue 17 Feb 2026 03:10:06 +0000
ROA not before: Tue 17 Feb 2026 03:10:06 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:de:a7:ea:42:4b:91:b7:4f:da:a1:d2:1a:8a:57:7f:82:36:9b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:06 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=2e90d973c1a66d3d3bc60d140cc0b562df84c6306e8eeb13d12f56daac375b22, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:73:0d:6a:dd:08:99:7c:d8:b9:5f:9f:17:
5e:3c:5d:bb:10:f8:ce:ad:de:ae:c0:5d:91:b1:0c:
e3:bc:af:a0:af:d6:8a:79:54:ce:5a:75:e2:37:b8:
d3:5f:8a:41:6c:7f:f8:61:ac:12:7d:3e:46:df:17:
12:60:54:9c:cb:2b:59:48:37:a5:05:88:15:bd:51:
f2:b0:5e:80:52:cf:a3:e7:69:20:8d:e6:a9:2e:23:
b6:6c:8a:52:8a:5f:db:65:40:28:f2:ab:a9:52:18:
d1:a4:01:6a:ff:22:d7:9b:2a:5c:ec:8b:1c:b4:68:
17:e7:24:6b:8d:54:25:d2:29:15:12:69:6e:29:1a:
f5:d0:90:fb:49:a2:7f:cc:f6:b3:8e:a3:88:25:50:
73:ab:de:57:1c:7c:0e:46:d6:a3:e2:7d:1e:81:86:
08:1b:98:bb:90:6c:54:6c:8f:67:be:e6:4e:c4:de:
14:a1:0b:cc:f6:85:07:df:b9:d9:9f:e4:10:fe:68:
58:a8:b8:1e:56:fd:93:98:bd:06:8a:b6:dd:43:7e:
b8:1a:bc:ae:34:3b:ae:4f:d6:8f:29:42:f4:c1:b6:
96:0e:2a:f7:08:2b:00:ae:50:54:17:8c:37:4d:b1:
67:db:52:f9:c7:f1:00:12:86:f7:03:c4:30:db:a1:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A0:63:58:26:FF:4A:D7:AB:D9:85:65:F3:FD:52:C7:C2:6E:31:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:6f:bd:2d:75:c2:b6:43:18:b5:0f:d6:54:78:98:8e:70:c9:
e9:12:10:6a:f2:77:71:75:ab:a5:61:6f:1d:e4:8b:4a:ce:b8:
27:8a:01:95:af:4a:dc:43:24:f6:a7:ff:ef:6f:e9:39:82:f2:
28:bb:91:ca:d3:c3:6c:82:c1:c8:f8:86:1f:e5:0d:82:00:42:
45:d3:48:aa:e5:90:0a:7d:33:ce:b9:ef:cd:66:22:eb:44:29:
3f:d9:d3:bd:de:6d:ea:12:91:e6:bb:95:c2:13:94:68:ca:f4:
a0:7c:39:0e:4e:96:b0:b8:26:61:a1:f9:69:fa:66:ed:c6:e8:
de:a5:ab:3b:cd:f0:e5:ba:25:1f:70:9d:38:ed:97:c0:34:13:
21:47:1d:03:79:2e:1d:95:ac:d7:93:45:cf:ba:e5:27:45:84:
c9:49:67:6b:3d:07:df:44:0c:28:d0:05:f5:c7:46:0c:3f:b6:
e3:cd:73:a0:08:67:39:5d:74:fa:8f:ce:db:4a:73:49:49:31:
b9:18:e5:2b:ca:0b:ad:84:11:89:50:a7:03:3f:b2:6e:32:c3:
f5:60:a1:c4:e8:dc:d8:84:7f:27:07:92:d6:c1:91:df:1b:cf:
14:48:89:34:01:b2:96:4f:ef:d6:ff:36:53:37:66:b8:b6:08:
45:fc:94:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMN6n6kJLkbdP2qHSGopXf4I2mw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDZaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlOTBkOTczYzFhNjZkM2QzYmM2MGQxNDBjYzBiNTYyZGY4NGM2MzA2ZThl
ZWIxM2QxMmY1NmRhYWMzNzViMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXbcw1q3QiZfNi5X58XXjxduxD4zq3ersBdkbEM47yvoK/WinlUzlp14je4
01+KQWx/+GGsEn0+Rt8XEmBUnMsrWUg3pQWIFb1R8rBegFLPo+dpII3mqS4jtmyK
Uopf22VAKPKrqVIY0aQBav8i15sqXOyLHLRoF+cka41UJdIpFRJpbika9dCQ+0mi
f8z2s46jiCVQc6veVxx8DkbWo+J9HoGGCBuYu5BsVGyPZ77mTsTeFKELzPaFB9+5
2Z/kEP5oWKi4Hlb9k5i9Boq23UN+uBq8rjQ7rk/WjylC9MG2lg4q9wgrAK5QVBeM
N02xZ9tS+cfxABKG9wPEMNuhhpcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNoGNY
Jv9K16vZhWXz/VLHwm4xWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTMwYmI1MTgtY2EzNi00M2VkLWI4ZGQtMDM0NWY1YzFiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQA/b70tdcK2Qxi1D9ZUeJiOcMnpEhBq8ndxdaul
YW8d5ItKzrgnigGVr0rcQyT2p//vb+k5gvIou5HK08NsgsHI+IYf5Q2CAEJF00iq
5ZAKfTPOue/NZiLrRCk/2dO93m3qEpHmu5XCE5RoyvSgfDkOTpawuCZhoflp+mbt
xujepas7zfDluiUfcJ047ZfANBMhRx0DeS4dlazXk0XPuuUnRYTJSWdrPQffRAwo
0AX1x0YMP7bjzXOgCGc5XXT6j87bSnNJSTG5GOUryguthBGJUKcDP7JuMsP1YKHE
6NzYhH8nB5LWwZHfG88USIk0AbKWT+/W/zZTN2a4tghF/JSB
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:17:54 2026 by rpki-client