Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json)
Hash identifier: 7hkEU+gO3Yg5V+q93ta7RTD93XYtttaUF/mWcpKBOoI=
Subject key identifier: B0:D2:B4:2C:FC:45:F3:C1:1E:C0:40:2E:2A:4B:0C:0A:20:A6:CD:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66DD5443593F63D7E0FC2C1C0A7DC38AFD6F40E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
Signing time: Sat 28 Feb 2026 06:20:07 +0000
ROA not before: Sat 28 Feb 2026 06:20:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:dd:54:43:59:3f:63:d7:e0:fc:2c:1c:0a:7d:c3:8a:fd:6f:40:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=eb709b39a1bc20b28bde55a2e7505021b6f08c3ca29f1c328ed6768388bda1ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:42:65:ad:bd:f3:67:e1:2a:72:08:70:cf:03:
f7:2a:0e:41:e6:89:cf:a8:a1:b0:5c:aa:22:db:c6:
e4:f7:05:6d:ae:a5:ef:bd:7c:2d:97:30:25:7d:39:
a0:66:de:a3:54:2d:b4:c2:1e:db:06:0f:9d:3b:2c:
68:1c:6a:da:04:a0:2c:d2:7f:62:1b:da:72:0a:ba:
78:43:72:03:48:08:93:89:56:82:7e:f6:ec:c5:f9:
9d:9a:d2:f2:97:b2:8f:b4:cd:6d:6f:54:9c:ff:f4:
a7:87:1e:3e:11:05:f1:c5:c0:05:1b:b2:58:98:8e:
a7:d7:dc:d5:ec:73:dd:f1:fd:fd:ea:c7:7c:52:c6:
ad:33:44:11:d8:11:03:e2:6b:58:67:fd:ef:3a:19:
f5:a4:87:72:c2:43:f8:17:0f:68:03:1f:40:5c:1a:
2c:44:0e:16:41:88:43:b3:a0:2f:85:a6:df:f5:25:
fb:f5:7d:bd:25:8c:45:1b:e7:4b:29:31:db:b0:12:
18:72:9c:28:50:0e:1d:08:64:be:8e:86:f0:4a:04:
b8:12:5e:1a:cc:36:d4:24:81:15:18:6c:b2:b0:5c:
32:8f:45:f6:15:dc:4c:24:45:55:e2:ce:90:2a:b0:
52:a0:02:9b:51:3a:9a:a3:0b:ee:de:5c:a6:a0:bc:
eb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D2:B4:2C:FC:45:F3:C1:1E:C0:40:2E:2A:4B:0C:0A:20:A6:CD:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
37:ea:38:28:95:ad:3e:f5:73:69:47:4b:40:07:ad:94:0e:af:
6a:f3:bc:76:53:8f:b1:e3:04:83:b8:b4:35:a4:c0:01:7a:ae:
53:ff:02:59:2b:3e:79:4b:c4:40:38:b1:9b:2b:78:b2:ce:05:
2e:55:ae:14:fd:8d:cb:5a:54:64:db:4e:2f:21:da:69:d7:ad:
04:4e:61:a3:a4:f6:c6:8b:5e:bb:cb:64:c1:d8:60:89:53:40:
7f:55:bd:70:8e:ea:e6:06:d5:ab:b8:ad:17:23:26:f7:2a:7f:
90:1b:b3:f7:34:63:ba:41:07:88:52:5e:37:0c:7b:71:a2:ae:
22:0d:d1:93:c0:62:ee:af:9c:3a:16:e5:c4:cd:b5:3c:69:de:
f0:47:13:c7:d1:62:e8:a0:06:6b:d7:ca:23:02:88:ea:5b:98:
c5:53:55:25:c8:f2:df:da:86:6c:02:12:0f:ea:63:0b:93:86:
22:28:f3:01:7d:19:a3:09:7f:30:89:ef:c0:54:20:25:21:65:
c7:ff:e8:91:34:a8:f0:14:a6:66:81:04:dd:95:fd:fd:9f:0e:
56:7a:dc:73:10:f7:78:45:2e:c9:d8:7a:7f:88:a1:aa:b6:e9:
e2:e3:25:60:1b:8a:7d:da:97:65:b5:f0:01:ab:ea:7a:5d:97:
d9:c4:e0:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZt1UQ1k/Y9fg/CwcCn3Div1vQOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNzA5YjM5YTFiYzIwYjI4YmRlNTVhMmU3NTA1MDIxYjZmMDhjM2NhMjlm
MWMzMjhlZDY3NjgzODhiZGExY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhCZa2982fhKnIIcM8D9yoOQeaJz6ihsFyqItvG5PcFba6l7718LZcwJX05
oGbeo1QttMIe2wYPnTssaBxq2gSgLNJ/Yhvacgq6eENyA0gIk4lWgn727MX5nZrS
8peyj7TNbW9UnP/0p4cePhEF8cXABRuyWJiOp9fc1exz3fH9/erHfFLGrTNEEdgR
A+JrWGf97zoZ9aSHcsJD+BcPaAMfQFwaLEQOFkGIQ7OgL4Wm3/Ul+/V9vSWMRRvn
Sykx27ASGHKcKFAOHQhkvo6G8EoEuBJeGsw21CSBFRhssrBcMo9F9hXcTCRFVeLO
kCqwUqACm1E6mqML7t5cpqC86/sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSw0rQs
/EXzwR7AQC4qSwwKIKbNdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g
MA0GCSqGSIb3DQEBCwUAA4IBAQA36jgola0+9XNpR0tAB62UDq9q87x2U4+x4wSD
uLQ1pMABeq5T/wJZKz55S8RAOLGbK3iyzgUuVa4U/Y3LWlRk204vIdpp160ETmGj
pPbGi167y2TB2GCJU0B/Vb1wjurmBtWruK0XIyb3Kn+QG7P3NGO6QQeIUl43DHtx
oq4iDdGTwGLur5w6FuXEzbU8ad7wRxPH0WLooAZr18ojAojqW5jFU1UlyPLf2oZs
AhIP6mMLk4YiKPMBfRmjCX8wie/AVCAlIWXH/+iRNKjwFKZmgQTdlf39nw5Wetxz
EPd4RS7J2Hp/iKGqtuni4yVgG4p92pdltfABq+p6XZfZxOBx
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:06 2026 by rpki-client