Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
File: 144286ab-f239-401f-a4ef-706749b0d570.roa (raw, json)
Hash identifier: JtZiPKI6pUKYziZLPVnSuqBDvIfIWyDFyDp/cmBd45k=
Subject key identifier: D4:A0:20:96:2E:04:9F:E3:3F:4C:9F:E9:7A:19:1F:04:6D:B0:A8:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7711E7B4D68CF06FED49ABCE6BB7AFAF612DD1ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
Signing time: Tue 19 May 2026 04:50:35 +0000
ROA not before: Tue 19 May 2026 04:50:35 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:11:e7:b4:d6:8c:f0:6f:ed:49:ab:ce:6b:b7:af:af:61:2d:d1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:35 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6ff43733f953e45b980731809bb4fd5c69e7ada55750bb9de211986446e08978, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fd:f8:2e:00:7a:cd:2d:d8:f6:d9:a7:b1:f4:
1b:79:06:ca:2f:cc:ff:e4:ac:0f:2c:09:65:a1:e3:
fc:cf:4b:a4:13:a6:4c:20:f8:ca:a2:9e:be:0b:1b:
43:61:fa:f3:74:f4:5f:07:ea:f8:50:f6:7c:65:5e:
98:91:7a:f5:d2:3f:0b:54:32:f2:7d:b4:38:13:ea:
cc:00:2f:5d:b0:9c:31:c0:de:cf:49:7e:cf:a3:31:
3e:04:58:1c:ac:c4:62:9d:46:8a:2d:ac:a1:04:a1:
72:93:f9:25:9d:e8:c8:17:38:ca:9c:fb:83:8f:43:
32:04:bb:36:06:23:eb:22:5e:9a:db:80:16:7a:74:
dc:fa:bf:cf:47:56:a5:a8:fd:4a:f2:72:58:9b:52:
b0:63:db:ec:2c:cc:93:40:b3:7a:e0:6a:fd:85:20:
fb:88:ec:d7:c0:b0:90:f0:8c:8c:d8:11:cc:f3:0a:
aa:5f:91:b7:4e:10:50:39:ba:23:60:e6:f4:61:1a:
ec:0b:ed:ec:ca:93:05:25:83:c5:7b:2e:cf:dd:08:
d4:44:58:43:6e:28:48:07:e1:10:53:7d:bf:84:ca:
f6:16:e3:eb:ba:8f:a6:dc:17:30:7a:12:67:4e:b9:
ba:19:22:c9:07:11:e9:73:94:eb:21:65:d3:1d:ae:
92:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A0:20:96:2E:04:9F:E3:3F:4C:9F:E9:7A:19:1F:04:6D:B0:A8:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/144286ab-f239-401f-a4ef-706749b0d570.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
31:26:d2:49:6d:5e:27:a8:f9:d7:fa:c2:87:40:66:aa:a2:7f:
c4:01:94:ba:ef:a3:49:88:f0:3a:74:dc:37:8b:88:d3:c0:01:
85:0c:92:a4:93:71:f1:df:5a:3d:9f:da:fd:59:d4:fb:55:ab:
d9:4d:27:8d:ca:db:70:f0:88:f2:9c:91:8a:db:ea:c9:cc:aa:
9c:cb:32:ba:a2:11:4a:ec:cc:15:da:21:d4:29:92:36:fd:64:
d7:d7:d8:e8:0c:4f:1a:41:01:0e:12:f9:82:ff:1f:51:89:ff:
47:8e:7c:23:10:1d:48:81:2e:ed:72:18:b4:0e:2c:ad:40:54:
fb:dc:95:ea:cc:2e:42:c6:4b:29:af:f0:93:6e:bf:8a:cd:98:
24:da:c4:2b:79:38:3f:df:51:2e:ee:11:d4:15:a0:b4:b5:6d:
6a:16:b3:d0:56:d3:76:ea:ac:d1:96:8c:b5:9e:a9:6e:25:98:
77:70:66:74:03:a6:c1:74:bd:1a:33:b2:e5:3f:82:99:fd:cb:
9b:5c:45:0c:2f:ef:23:ad:89:8c:b1:07:3e:8d:ec:41:a2:9b:
8c:aa:10:f5:1c:88:4a:e0:5d:af:c1:d6:65:c5:27:97:09:b3:
f3:fa:6f:a6:a3:0a:df:33:c6:ec:f4:66:65:c0:60:f7:f0:27:
c7:0f:46:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdxHntNaM8G/tSavOa7evr2Et0e0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMzVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmZjQzNzMzZjk1M2U0NWI5ODA3MzE4MDliYjRmZDVjNjllN2FkYTU1NzUw
YmI5ZGUyMTE5ODY0NDZlMDg5NzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALH9+C4Aes0t2PbZp7H0G3kGyi/M/+SsDywJZaHj/M9LpBOmTCD4yqKevgsb
Q2H683T0Xwfq+FD2fGVemJF69dI/C1Qy8n20OBPqzAAvXbCcMcDez0l+z6MxPgRY
HKzEYp1Gii2soQShcpP5JZ3oyBc4ypz7g49DMgS7NgYj6yJemtuAFnp03Pq/z0dW
paj9SvJyWJtSsGPb7CzMk0CzeuBq/YUg+4js18CwkPCMjNgRzPMKql+Rt04QUDm6
I2Dm9GEa7Avt7MqTBSWDxXsuz90I1ERYQ24oSAfhEFN9v4TK9hbj67qPptwXMHoS
Z065uhkiyQcR6XOU6yFl0x2ukjMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUoCCW
LgSf4z9Mn+l6GR8EbbCoLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTQ0Mjg2YWItZjIzOS00MDFmLWE0ZWYtNzA2NzQ5YjBkNTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
wDANBgkqhkiG9w0BAQsFAAOCAQEAMSbSSW1eJ6j51/rCh0BmqqJ/xAGUuu+jSYjw
OnTcN4uI08ABhQySpJNx8d9aPZ/a/VnU+1Wr2U0njcrbcPCI8pyRitvqycyqnMsy
uqIRSuzMFdoh1CmSNv1k19fY6AxPGkEBDhL5gv8fUYn/R458IxAdSIEu7XIYtA4s
rUBU+9yV6swuQsZLKa/wk26/is2YJNrEK3k4P99RLu4R1BWgtLVtahaz0FbTduqs
0ZaMtZ6pbiWYd3BmdAOmwXS9GjOy5T+Cmf3Lm1xFDC/vI62JjLEHPo3sQaKbjKoQ
9RyISuBdr8HWZcUnlwmz8/pvpqMK3zPG7PRmZcBg9/Anxw9G3A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:26:43 2026 by rpki-client