Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
File: 15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa (raw, json)
Hash identifier: rn3BA1MJuXZH2AqJ1t5sPhwUyR3g2YOud/sDfcvJfJ0=
Subject key identifier: 55:B3:51:22:A0:CE:AE:48:29:65:90:90:0A:BA:B4:FD:0C:D5:B0:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 055B779304AC993800445F40EAAC42B156220696
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
Signing time: Sat 28 Feb 2026 05:50:45 +0000
ROA not before: Sat 28 Feb 2026 05:50:45 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:5b:77:93:04:ac:99:38:00:44:5f:40:ea:ac:42:b1:56:22:06:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:45 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fa555c8e442fd7e39ddd7e65e5d4c19f1124ada076fd706e9e7d29e9dfd45761, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0a:ca:e6:23:5b:9c:df:89:f9:cf:64:a1:b6:
92:18:4b:74:3c:d2:5b:56:f8:e1:23:d2:39:b4:6a:
0a:23:e5:46:09:54:d5:21:16:f7:20:64:2b:09:50:
ed:63:9d:8a:10:62:2b:45:98:60:25:41:b7:9c:74:
a8:b9:b4:5e:89:c7:00:e5:19:e5:c9:51:7e:02:86:
51:da:f1:0d:58:68:06:b9:4b:de:f2:72:66:a9:fd:
27:c1:41:99:d1:3c:b5:33:ea:76:e2:a6:44:9d:04:
9a:f2:4f:85:79:a0:14:4e:5e:36:09:b4:5c:ca:08:
74:98:2f:ba:94:40:ad:79:67:46:5b:17:a5:a6:07:
a5:8c:b0:7d:e9:96:ac:5e:b2:7f:fd:5c:6d:20:4c:
dd:0b:c9:2f:26:08:0d:1f:67:75:3b:54:a3:62:38:
80:0c:71:bd:f7:7d:24:3f:4e:79:c1:9a:86:20:97:
6b:65:69:45:30:61:57:b1:de:7b:2c:b2:74:4f:c3:
4c:d8:b7:79:1c:d0:c3:97:99:82:3b:13:30:8f:c1:
f0:1c:7e:62:88:2f:3f:9b:04:cd:c0:7d:91:f2:0d:
d6:9d:96:d8:67:92:3c:aa:5d:15:0c:4b:40:88:06:
2c:6e:22:60:17:d2:07:95:57:df:0c:c3:6e:3a:cf:
e7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B3:51:22:A0:CE:AE:48:29:65:90:90:0A:BA:B4:FD:0C:D5:B0:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
11:83:ea:17:5d:30:9e:aa:5c:7f:21:80:ef:01:37:30:47:72:
ce:fa:cc:d7:b7:38:cf:0d:3c:00:95:ed:ba:46:eb:ae:7d:76:
fd:41:3a:de:ce:73:c3:13:8a:62:12:9a:b2:93:45:80:72:20:
50:ed:62:f3:45:6c:94:dc:88:e8:aa:db:18:de:b5:ae:c1:31:
34:da:46:c6:db:1b:fd:7c:31:c4:a4:58:40:d8:89:fa:b8:2e:
62:df:54:32:d9:a0:ef:3e:2c:37:3b:db:c4:50:88:20:22:c8:
b4:2b:13:19:37:1d:b6:5f:fa:2e:04:c0:3a:d7:70:1b:69:21:
ba:2f:3c:d6:89:d4:2e:6a:f0:69:f4:62:2f:e0:22:49:f5:85:
0d:3a:2d:02:be:aa:56:d2:3b:0f:57:f7:95:50:81:1c:c3:d1:
ea:3c:86:96:54:df:7c:c0:e4:0d:30:d5:f3:81:f1:5f:22:a1:
59:ce:c5:cc:bf:30:47:d2:d0:0c:48:b4:f1:57:9f:2a:06:83:
c9:6b:fd:47:32:4e:98:0a:16:1c:13:75:51:1a:31:7b:b4:b0:
96:4d:06:83:02:34:f2:8c:4d:1f:cd:05:44:ba:bc:44:89:3a:
9e:79:30:8c:d1:44:ee:46:bf:2b:90:96:46:b9:07:c6:28:e9:
ab:e9:af:03
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBVt3kwSsmTgARF9A6qxCsVYiBpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhNTU1YzhlNDQyZmQ3ZTM5ZGRkN2U2NWU1ZDRjMTlmMTEyNGFkYTA3NmZk
NzA2ZTllN2QyOWU5ZGZkNDU3NjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcKyuYjW5zfifnPZKG2khhLdDzSW1b44SPSObRqCiPlRglU1SEW9yBkKwlQ
7WOdihBiK0WYYCVBt5x0qLm0XonHAOUZ5clRfgKGUdrxDVhoBrlL3vJyZqn9J8FB
mdE8tTPqduKmRJ0EmvJPhXmgFE5eNgm0XMoIdJgvupRArXlnRlsXpaYHpYywfemW
rF6yf/1cbSBM3QvJLyYIDR9ndTtUo2I4gAxxvfd9JD9OecGahiCXa2VpRTBhV7He
eyyydE/DTNi3eRzQw5eZgjsTMI/B8Bx+YogvP5sEzcB9kfIN1p2W2GeSPKpdFQxL
QIgGLG4iYBfSB5VX3wzDbjrP5x0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVs1Ei
oM6uSCllkJAKurT9DNWwmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVkZTAwNGItY2QwZi00NGExLTk5YjEtNGUyZTcxZmYwN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
wDANBgkqhkiG9w0BAQsFAAOCAQEAEYPqF10wnqpcfyGA7wE3MEdyzvrM17c4zw08
AJXtukbrrn12/UE63s5zwxOKYhKaspNFgHIgUO1i80VslNyI6KrbGN61rsExNNpG
xtsb/XwxxKRYQNiJ+rguYt9UMtmg7z4sNzvbxFCIICLItCsTGTcdtl/6LgTAOtdw
G2khui881onULmrwafRiL+AiSfWFDTotAr6qVtI7D1f3lVCBHMPR6jyGllTffMDk
DTDV84HxXyKhWc7FzL8wR9LQDEi08VefKgaDyWv9RzJOmAoWHBN1URoxe7Swlk0G
gwI08oxNH80FRLq8RIk6nnkwjNFE7ka/K5CWRrkHxijpq+mvAw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:39 2026 by rpki-client