Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: EjxULwdiHDX17BXtGKAXQXGaCkCg0sPXDuQH+uvytNM=
Subject key identifier: E3:89:21:CD:95:0A:69:36:84:9C:18:EE:18:29:BB:6A:3D:DB:A4:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6ECCD90121E42F50F662911F10AFD0A00F7FC9C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Sat 28 Feb 2026 05:20:06 +0000
ROA not before: Sat 28 Feb 2026 05:20:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:cc:d9:01:21:e4:2f:50:f6:62:91:1f:10:af:d0:a0:0f:7f:c9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9ffd1c05216cb5616b8691e3677aae5ae480843172e857a9e7ea9ffc8c49ac11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:28:e3:44:a5:8b:f7:a4:cf:3c:71:2a:11:02:
b2:c2:81:34:32:ab:1a:c5:60:be:dd:29:f6:37:db:
e1:73:87:16:f1:6b:76:26:9b:1c:c5:c1:12:eb:10:
5b:19:f6:a9:b0:a0:8f:29:9e:db:ee:df:a0:7d:85:
f9:16:68:30:7d:49:fe:95:ed:40:58:c4:c1:72:82:
e8:39:61:a9:ec:20:22:f5:9c:c7:87:1d:7b:2b:70:
26:30:7c:92:38:01:08:74:47:e8:96:6a:37:11:b1:
8d:13:47:84:1e:a5:d1:28:4b:74:e7:fa:58:7c:e2:
23:c6:9b:bc:7f:57:39:fb:1d:61:07:ec:e3:d5:e6:
b3:90:9f:f3:79:a7:30:b1:ec:85:22:b6:b1:80:f5:
6f:ec:cc:7c:17:93:42:a6:81:56:09:9c:d2:7c:88:
70:b6:29:22:dc:22:5a:8b:a2:27:cf:be:c3:d8:8b:
05:5c:26:be:27:fc:1d:00:59:82:ff:bf:1b:2d:57:
fd:05:d7:73:0b:eb:1f:f6:09:ba:2b:ff:8f:7e:99:
f4:c4:75:97:0a:19:58:ec:9e:9e:47:58:11:57:db:
2a:62:b8:f4:e6:0d:eb:78:90:22:cb:27:90:ae:83:
67:65:9d:e0:9d:87:a8:b6:77:1f:8c:34:01:fa:46:
f6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:89:21:CD:95:0A:69:36:84:9C:18:EE:18:29:BB:6A:3D:DB:A4:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:a3:dc:0f:33:9a:86:24:c5:56:91:c8:f5:7f:fc:c4:92:c5:
11:e0:04:c1:da:1c:44:25:4b:0f:36:10:3a:8a:36:ad:b6:e3:
1b:63:e3:ac:64:b3:9c:f3:41:65:e5:c7:c6:4c:d9:a3:d6:b0:
88:f1:f6:96:8e:35:4b:a3:5d:7e:db:41:0e:a4:6d:a5:60:d6:
e2:15:ef:d0:9a:24:19:0d:3e:f7:06:4f:f6:4c:a5:71:f2:a1:
26:ac:7f:2d:53:04:d3:e8:ad:c5:a7:0c:1d:76:ed:92:8b:61:
94:d3:33:df:e7:f7:1f:10:b8:c5:86:b9:3e:f8:b6:0d:bc:4a:
b4:b8:04:74:4d:77:25:bb:1a:a0:17:13:bb:e0:dc:77:ca:a9:
54:ae:af:f7:51:23:54:17:72:94:af:c9:be:2d:4e:c1:57:68:
c0:3c:85:7c:be:eb:4a:9a:68:44:10:ad:62:2b:03:d5:10:c3:
71:59:fd:69:5e:31:12:b4:f7:e6:1a:f5:c5:b4:3f:3d:e5:de:
84:62:85:06:29:95:e7:7f:ac:09:d2:b0:d6:2a:39:f5:25:28:
38:3b:ed:fc:6d:71:3f:3c:92:5c:b3:24:d9:d3:7a:cf:9d:b7:
9c:11:f2:66:63:b3:50:93:30:da:7a:de:bf:ff:76:1a:a8:06:
d5:43:93:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbszZASHkL1D2YpEfEK/QoA9/ycgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZmQxYzA1MjE2Y2I1NjE2Yjg2OTFlMzY3N2FhZTVhZTQ4MDg0MzE3MmU4
NTdhOWU3ZWE5ZmZjOGM0OWFjMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKso40Sli/ekzzxxKhECssKBNDKrGsVgvt0p9jfb4XOHFvFrdiabHMXBEusQ
Wxn2qbCgjyme2+7foH2F+RZoMH1J/pXtQFjEwXKC6DlhqewgIvWcx4cdeytwJjB8
kjgBCHRH6JZqNxGxjRNHhB6l0ShLdOf6WHziI8abvH9XOfsdYQfs49Xms5Cf83mn
MLHshSK2sYD1b+zMfBeTQqaBVgmc0nyIcLYpItwiWouiJ8++w9iLBVwmvif8HQBZ
gv+/Gy1X/QXXcwvrH/YJuiv/j36Z9MR1lwoZWOyenkdYEVfbKmK49OYN63iQIssn
kK6DZ2Wd4J2HqLZ3H4w0AfpG9p0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjiSHN
lQppNoScGO4YKbtqPdukMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB+o9wPM5qGJMVWkcj1f/zEksUR4ATB2hxEJUsP
NhA6ijattuMbY+OsZLOc80Fl5cfGTNmj1rCI8faWjjVLo11+20EOpG2lYNbiFe/Q
miQZDT73Bk/2TKVx8qEmrH8tUwTT6K3Fpwwddu2Si2GU0zPf5/cfELjFhrk++LYN
vEq0uAR0TXcluxqgFxO74Nx3yqlUrq/3USNUF3KUr8m+LU7BV2jAPIV8vutKmmhE
EK1iKwPVEMNxWf1pXjEStPfmGvXFtD895d6EYoUGKZXnf6wJ0rDWKjn1JSg4O+38
bXE/PJJcsyTZ03rPnbecEfJmY7NQkzDaet6//3YaqAbVQ5Or
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:07 2026 by rpki-client