Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
File: 34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa (raw, json)
Hash identifier: mQl8R2HA+Q+TkVc8YH+f8PVTY7lfTyUs8/AO7OoEqdo=
Subject key identifier: 70:93:59:A0:FF:E2:F4:F2:10:BD:2A:3D:0B:C9:FD:A8:88:CC:0D:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 375BE35DEE858D205CFE5E7DBE150ED92A821786
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
Signing time: Wed 11 Feb 2026 01:30:09 +0000
ROA not before: Wed 11 Feb 2026 01:30:09 +0000
ROA not after: Tue 12 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:5b:e3:5d:ee:85:8d:20:5c:fe:5e:7d:be:15:0e:d9:2a:82:17:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 11 01:30:09 2026 GMT
Not After : May 12 23:59:59 2026 GMT
Subject: serialNumber=c70df4fdc8a90cb669583429d6c924dfd2211e2a3d62a72de64bdbc9c1a0464c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ac:53:bc:f0:58:36:17:5b:a7:8a:9f:92:c4:
bc:5c:e6:e3:9b:b0:21:2f:69:02:7c:5e:59:72:57:
96:00:03:f8:b5:5c:f1:ef:3e:e5:16:8b:3c:52:6a:
50:ca:28:45:b5:cd:93:db:67:1f:b6:52:65:3a:6c:
43:da:c4:ed:28:bd:b6:2b:a5:2b:f7:86:12:9e:4d:
36:82:29:87:dc:70:86:87:76:9f:b0:b3:49:9f:b1:
2b:87:8b:74:0d:79:b4:87:55:28:f0:5a:ae:99:94:
e2:84:13:bc:a8:a0:90:eb:c5:a3:00:9a:84:35:d1:
64:09:fa:60:20:39:55:67:15:b2:59:b1:0c:f0:3c:
7a:50:a8:5d:b0:69:21:ec:6b:0d:33:a6:b6:f6:5f:
64:92:24:86:30:58:47:c3:2f:41:6b:e1:90:3c:6d:
e5:16:38:ae:2d:86:d4:de:9e:91:dd:bf:b6:a3:73:
08:71:ed:23:73:fd:eb:df:d9:a8:32:79:09:83:c9:
56:61:ad:59:4e:0a:13:7f:57:e4:54:fe:dc:d6:8d:
00:3e:fe:22:a7:1f:fe:34:cf:b7:d0:db:5d:dd:87:
50:62:c2:b6:38:5e:8c:f1:3a:03:32:7a:2b:93:85:
9b:89:38:8d:80:3e:e0:29:fa:e9:c1:27:df:d3:3e:
79:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:93:59:A0:FF:E2:F4:F2:10:BD:2A:3D:0B:C9:FD:A8:88:CC:0D:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
0e:c7:94:a7:d4:c9:42:90:75:0d:7c:2a:7f:73:b2:8d:03:00:
e3:6f:6b:e6:44:ba:d1:13:40:00:14:bf:b8:7d:bf:7d:24:81:
dc:66:29:0e:66:52:40:59:8b:52:38:ee:57:8e:8c:4f:19:80:
4a:8c:f2:2b:ec:5f:94:10:01:37:af:fa:b1:54:67:b2:49:d5:
d2:96:a8:c5:b7:98:78:76:13:9b:22:14:78:9b:7c:65:b9:78:
55:bd:87:81:40:7f:48:a8:d7:44:78:2a:47:b6:ae:17:f3:3c:
df:2e:d2:34:bf:ac:26:fd:8e:e2:85:4e:54:b9:d1:d1:18:bd:
cc:f4:5f:bb:c3:22:2b:8b:76:48:f6:53:09:13:fa:2a:35:d4:
72:c0:3e:39:c0:a2:46:c0:7e:3b:d9:72:ad:eb:df:b4:51:51:
51:13:9b:a3:52:9f:31:20:55:4a:d6:b8:4e:7f:45:a0:65:24:
1a:5f:32:9f:0d:41:0a:b0:e3:49:4f:a5:91:98:f3:ef:e8:1c:
52:f7:61:62:0f:53:c3:28:f1:ae:79:11:d5:aa:04:aa:ac:b8:
a4:bf:38:90:48:f0:d7:43:19:46:80:e6:fc:4c:23:a0:b9:b9:
ed:87:3a:f2:00:7c:b4:de:f3:53:28:cd:38:b8:b2:6c:90:32:
b4:49:95:ee
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN1vjXe6FjSBc/l59vhUO2SqCF4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTEwMTMwMDlaFw0yNjA1MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MGRmNGZkYzhhOTBjYjY2OTU4MzQyOWQ2YzkyNGRmZDIyMTFlMmEzZDYy
YTcyZGU2NGJkYmM5YzFhMDQ2NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALasU7zwWDYXW6eKn5LEvFzm45uwIS9pAnxeWXJXlgAD+LVc8e8+5RaLPFJq
UMooRbXNk9tnH7ZSZTpsQ9rE7Si9tiulK/eGEp5NNoIph9xwhod2n7CzSZ+xK4eL
dA15tIdVKPBarpmU4oQTvKigkOvFowCahDXRZAn6YCA5VWcVslmxDPA8elCoXbBp
IexrDTOmtvZfZJIkhjBYR8MvQWvhkDxt5RY4ri2G1N6ekd2/tqNzCHHtI3P969/Z
qDJ5CYPJVmGtWU4KE39X5FT+3NaNAD7+Iqcf/jTPt9DbXd2HUGLCtjhejPE6AzJ6
K5OFm4k4jYA+4Cn66cEn39M+ef0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwk1mg
/+L08hC9Kj0Lyf2oiMwNLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzRjMDFlYmItOWU3Ny00MWI1LWEyZWYtMWNhYTVmMzg5YmYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GpQ
wDANBgkqhkiG9w0BAQsFAAOCAQEADseUp9TJQpB1DXwqf3OyjQMA429r5kS60RNA
ABS/uH2/fSSB3GYpDmZSQFmLUjjuV46MTxmASozyK+xflBABN6/6sVRnsknV0pao
xbeYeHYTmyIUeJt8Zbl4Vb2HgUB/SKjXRHgqR7auF/M83y7SNL+sJv2O4oVOVLnR
0Ri9zPRfu8MiK4t2SPZTCRP6KjXUcsA+OcCiRsB+O9lyrevftFFRURObo1KfMSBV
Sta4Tn9FoGUkGl8ynw1BCrDjSU+lkZjz7+gcUvdhYg9TwyjxrnkR1aoEqqy4pL84
kEjw10MZRoDm/EwjoLm57Yc68gB8tN7zUyjNOLiybJAytEmV7g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:55 2026 by rpki-client