Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
File: 2d9f3120-fab9-43aa-973f-4142925b1416.roa (raw, json)
Hash identifier: y5CXXkJGKVDGJ13qMZdNUUldH5McyEqXT+OCcla0/F0=
Subject key identifier: 25:06:7B:AB:B2:F2:17:11:3E:12:A3:FF:C3:84:6C:51:36:03:43:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12EAC65F909AE34DA267C337A657DCC70F932340
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
Signing time: Sat 28 Feb 2026 06:20:47 +0000
ROA not before: Sat 28 Feb 2026 06:20:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ea:c6:5f:90:9a:e3:4d:a2:67:c3:37:a6:57:dc:c7:0f:93:23:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b5b382f54cba4d6d1c5293703dcb57883f9553f957843a54fed5b37fc434bdc8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b1:5b:4f:cf:be:fc:b1:99:90:3d:5c:ee:77:
8e:39:73:48:ad:46:8a:d7:bd:c2:af:f6:40:19:51:
54:42:36:ea:51:31:93:0f:43:30:90:28:16:68:d8:
8b:6a:ec:ba:27:0a:31:4b:6c:31:52:20:ea:48:9b:
56:34:47:90:13:d4:e3:7d:14:ac:9c:bb:a7:33:57:
cd:48:49:30:42:0d:41:a6:32:43:ea:27:67:b5:c5:
9b:d9:aa:d0:61:b8:e4:96:f4:3a:5b:c8:8e:9c:fa:
4b:89:23:30:3d:75:25:a6:83:e0:43:54:13:f7:cc:
77:7b:bc:ea:20:59:e9:1f:50:78:40:e6:81:1c:de:
67:9e:d4:49:41:bb:44:b2:62:21:f0:90:11:15:2a:
5f:2c:9d:8b:6a:2a:a9:e6:91:a2:ed:b9:fe:f3:85:
db:86:ff:f3:dc:3e:b0:8c:8d:17:e0:fe:91:75:40:
01:91:66:43:0d:41:c3:ad:80:8b:4b:db:e0:d1:2c:
1e:dd:6b:c3:63:21:e8:2e:82:49:f6:5d:8e:a8:90:
b9:5e:de:26:80:1b:65:70:ec:10:26:0e:0d:09:4e:
7d:7b:c2:4b:f3:ae:4d:f7:ae:d3:4b:e2:c6:36:5e:
5e:85:48:f5:c6:fa:d2:1a:3b:2a:b8:fc:98:11:17:
d1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:06:7B:AB:B2:F2:17:11:3E:12:A3:FF:C3:84:6C:51:36:03:43:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
84:03:4b:a2:c4:8b:27:5f:5f:58:f7:ac:1e:11:45:ee:82:a4:
df:e7:30:7c:06:e4:fe:ac:d3:dd:00:b4:94:c0:76:11:96:29:
d6:a3:f4:b3:65:d3:86:f7:d5:56:58:d7:7d:a5:ea:1a:75:ca:
ea:44:e1:81:c5:0a:f3:62:a5:36:82:3b:4a:af:59:02:bb:f9:
12:9a:af:11:77:bd:34:e4:cf:c5:1c:45:84:84:f1:c3:99:b3:
b8:b6:3a:dc:44:15:a2:a1:70:45:cf:fd:37:36:84:7e:77:8e:
ef:b5:11:55:33:5c:00:e7:cd:7b:5a:f6:a8:f4:18:81:6d:e9:
e4:d8:ed:17:26:02:4f:2d:0f:41:40:a3:16:27:c1:5e:a4:7b:
f9:76:e6:6b:ad:e0:67:b8:5f:4e:f3:5f:b8:b8:d0:e1:b6:f1:
c3:8f:52:a0:c6:7d:9f:5a:98:4f:ac:22:ea:7c:a6:ae:ed:5f:
88:f2:fb:ad:b2:bb:1b:22:11:25:fd:8d:05:a4:f5:46:7e:75:
c3:73:87:a5:fa:29:37:88:8b:3d:82:63:8a:2b:b2:61:82:3d:
46:d0:73:76:ed:40:28:b0:13:14:f4:58:95:e3:ca:35:fc:fd:
47:32:f4:24:39:56:7d:cd:4b:73:22:39:32:66:50:5d:b7:1f:
15:ae:b8:79
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEurGX5Ca402iZ8M3plfcxw+TI0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1YjM4MmY1NGNiYTRkNmQxYzUyOTM3MDNkY2I1Nzg4M2Y5NTUzZjk1Nzg0
M2E1NGZlZDViMzdmYzQzNGJkYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKxW0/PvvyxmZA9XO53jjlzSK1Gite9wq/2QBlRVEI26lExkw9DMJAoFmjY
i2rsuicKMUtsMVIg6kibVjRHkBPU430UrJy7pzNXzUhJMEINQaYyQ+onZ7XFm9mq
0GG45Jb0OlvIjpz6S4kjMD11JaaD4ENUE/fMd3u86iBZ6R9QeEDmgRzeZ57USUG7
RLJiIfCQERUqXyydi2oqqeaRou25/vOF24b/89w+sIyNF+D+kXVAAZFmQw1Bw62A
i0vb4NEsHt1rw2Mh6C6CSfZdjqiQuV7eJoAbZXDsECYODQlOfXvCS/OuTfeu00vi
xjZeXoVI9cb60ho7Krj8mBEX0b8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQlBnur
svIXET4So//DhGxRNgNDazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmQ5ZjMxMjAtZmFiOS00M2FhLTk3M2YtNDE0MjkyNWIxNDE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAhANLosSLJ19fWPesHhFF7oKk3+cwfAbk/qzT
3QC0lMB2EZYp1qP0s2XThvfVVljXfaXqGnXK6kThgcUK82KlNoI7Sq9ZArv5Epqv
EXe9NOTPxRxFhITxw5mzuLY63EQVoqFwRc/9NzaEfneO77URVTNcAOfNe1r2qPQY
gW3p5NjtFyYCTy0PQUCjFifBXqR7+Xbma63gZ7hfTvNfuLjQ4bbxw49SoMZ9n1qY
T6wi6nymru1fiPL7rbK7GyIRJf2NBaT1Rn51w3OHpfopN4iLPYJjiiuyYYI9RtBz
du1AKLATFPRYlePKNfz9RzL0JDlWfc1LcyI5MmZQXbcfFa64eQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:02 2026 by rpki-client