Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
File: 28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa (raw, json)
Hash identifier: A+x54qqqvplUP0HVxqdeLzikM7QyYVp5FOvQ7XhrOvY=
Subject key identifier: 6C:F4:7E:54:2D:73:BE:AA:5A:96:D4:22:D1:14:C8:B7:2F:10:9A:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 768CCFCF2531940E5DED390A60AF8C624403959C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
Signing time: Tue 19 May 2026 05:31:02 +0000
ROA not before: Tue 19 May 2026 05:31:02 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:8c:cf:cf:25:31:94:0e:5d:ed:39:0a:60:af:8c:62:44:03:95:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:02 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1721ac3e8e255ebd70e4136a2e35bc3eaa13441b4f89e8681c4fdbace003b7dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:6e:d3:32:1d:78:e4:03:63:30:f3:d6:d5:
bf:ee:ed:8b:79:2c:5c:9e:d6:00:a9:3e:2f:41:40:
4c:94:e0:57:0c:86:1c:87:95:6b:b0:8b:4c:78:79:
a9:91:b7:6a:8d:0c:f7:f5:f5:69:2a:4c:ef:28:07:
a7:32:d4:a5:de:1a:28:08:ff:e4:58:40:36:f5:be:
ae:6e:c8:e7:d5:e9:57:81:84:73:b8:8a:d3:73:bf:
48:5e:76:9f:ef:98:cd:d5:ae:13:57:80:75:8c:26:
5d:2c:f5:f1:a7:8d:9b:64:73:5f:5f:b4:0f:28:c1:
4b:92:da:f9:81:eb:2c:e2:9f:5a:97:40:97:63:4d:
40:dc:1e:2c:46:61:ce:2f:e5:51:a2:9d:28:41:8f:
b4:76:2d:b1:9b:48:00:f9:99:3a:a4:7d:dc:88:4d:
0d:36:7e:ab:a9:0c:4e:cd:bf:c7:a4:dc:fb:ad:2e:
c5:41:04:80:41:1f:b7:9c:f7:29:c3:7d:ef:24:6e:
ec:5e:b7:eb:a3:9e:64:e8:36:00:cb:43:b4:1b:f0:
35:41:0e:eb:01:0a:1c:a9:f3:69:01:0c:fc:29:89:
c7:9d:87:63:5a:fc:53:6d:70:bc:29:f7:f4:21:5b:
16:93:43:5f:bb:7c:7e:8f:7e:00:76:0a:39:77:ec:
7d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F4:7E:54:2D:73:BE:AA:5A:96:D4:22:D1:14:C8:B7:2F:10:9A:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
4a:dd:4f:b7:ff:b9:e5:27:f5:9b:f5:85:e1:d4:9c:8f:5b:fc:
b5:8a:1e:21:d9:e0:84:22:3a:87:ae:90:a5:0a:23:68:1e:9d:
58:03:f6:9d:bc:6c:64:5c:78:a2:6a:94:fb:a5:11:fb:96:0c:
8d:9e:bb:34:ab:a4:20:b7:bc:6c:2c:2d:df:98:c7:8a:5d:0b:
3e:39:57:03:87:a4:68:c8:59:ff:82:07:53:b8:42:57:bd:9a:
29:5f:b3:04:a5:28:e0:e3:0c:70:ae:4f:42:b3:92:2d:36:85:
da:a0:b4:32:20:55:8b:18:d4:d7:00:00:01:18:3f:26:d1:66:
a7:78:b2:bc:17:9b:2f:2f:e2:39:09:cf:2f:90:43:f7:40:3c:
1c:96:99:77:2c:d9:1d:3e:d1:9b:28:ee:55:84:3f:a8:67:af:
22:fe:b9:bf:90:be:bd:51:e9:00:05:cb:31:32:0c:b3:9b:b1:
b9:7d:90:3a:1a:c1:ff:92:26:e1:db:8a:9e:e4:27:e1:28:4b:
a5:0e:c4:44:3a:ed:1a:f5:7c:24:9c:46:88:49:76:2d:a5:80:
29:b0:56:a6:59:be:01:0b:7a:fa:3d:10:0d:b2:cc:92:f0:da:
5f:3d:b1:bb:75:37:7c:f5:3f:87:ff:77:ef:73:8e:42:e9:b7:
25:c9:ef:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdozPzyUxlA5d7TkKYK+MYkQDlZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMDJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MjFhYzNlOGUyNTVlYmQ3MGU0MTM2YTJlMzViYzNlYWExMzQ0MWI0Zjg5
ZTg2ODFjNGZkYmFjZTAwM2I3ZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEDbtMyHXjkA2Mw89bVv+7ti3ksXJ7WAKk+L0FATJTgVwyGHIeVa7CLTHh5
qZG3ao0M9/X1aSpM7ygHpzLUpd4aKAj/5FhANvW+rm7I59XpV4GEc7iK03O/SF52
n++YzdWuE1eAdYwmXSz18aeNm2RzX1+0DyjBS5La+YHrLOKfWpdAl2NNQNweLEZh
zi/lUaKdKEGPtHYtsZtIAPmZOqR93IhNDTZ+q6kMTs2/x6Tc+60uxUEEgEEft5z3
KcN97yRu7F6366OeZOg2AMtDtBvwNUEO6wEKHKnzaQEM/CmJx52HY1r8U21wvCn3
9CFbFpNDX7t8fo9+AHYKOXfsfaECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRs9H5U
LXO+qlqW1CLRFMi3LxCa+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjhmYzQzYWQtMGMzYi00ZDc3LWFhMzItNWVmYzQzMWU2OWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
4DANBgkqhkiG9w0BAQsFAAOCAQEASt1Pt/+55Sf1m/WF4dScj1v8tYoeIdnghCI6
h66QpQojaB6dWAP2nbxsZFx4omqU+6UR+5YMjZ67NKukILe8bCwt35jHil0LPjlX
A4ekaMhZ/4IHU7hCV72aKV+zBKUo4OMMcK5PQrOSLTaF2qC0MiBVixjU1wAAARg/
JtFmp3iyvBebLy/iOQnPL5BD90A8HJaZdyzZHT7RmyjuVYQ/qGevIv65v5C+vVHp
AAXLMTIMs5uxuX2QOhrB/5Im4duKnuQn4ShLpQ7ERDrtGvV8JJxGiEl2LaWAKbBW
plm+AQt6+j0QDbLMkvDaXz2xu3U3fPU/h/9373OOQum3Jcnvqw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:35 2026 by rpki-client