Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json)
Hash identifier: AKTckeCuVvoeAOogoDu3JP+nHa1JU26jP7dTP7dMBT8=
Subject key identifier: B5:23:2F:ED:1A:06:21:90:A9:23:20:4A:15:D9:1B:59:C7:4A:AD:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36FFBCCDE63480373EEE4BE5A2B3F8CAFAF86730
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
Signing time: Tue 19 May 2026 05:00:52 +0000
ROA not before: Tue 19 May 2026 05:00:52 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:ff:bc:cd:e6:34:80:37:3e:ee:4b:e5:a2:b3:f8:ca:fa:f8:67:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:52 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c2504332ff5499e016ba1376502cc3b665cd19da147d824d7075c00a410d6dd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f3:c8:a6:95:42:ca:a4:25:af:5a:2c:b2:65:
3a:71:6d:87:e7:69:71:18:9a:05:9a:c4:ba:94:bd:
80:b3:ac:82:af:18:d5:6a:92:ab:3f:6c:0f:67:f0:
b0:6d:d1:6c:fe:e9:aa:c6:a7:4f:d0:a9:57:e2:ec:
ef:1c:6d:5a:5e:f6:71:81:39:9d:dd:9f:d6:9c:8b:
3a:61:a0:b3:7c:df:10:65:14:f4:ad:4b:a1:8d:74:
23:5f:57:83:21:e9:a2:fa:fc:9f:03:a5:bf:1c:2b:
7a:3d:9c:58:6a:dc:ac:85:1b:a1:78:01:35:39:a0:
aa:52:57:d6:a7:e4:18:38:48:7e:f5:be:25:af:51:
ba:2d:0c:27:79:01:49:17:22:95:6b:fe:ab:48:a4:
cb:bd:64:26:18:aa:13:23:66:93:f3:bf:16:61:1b:
7a:27:a2:1d:20:de:9b:a0:9c:bc:e1:c1:13:72:b6:
07:ca:08:51:7a:eb:c7:a3:5e:4f:d7:ee:b1:5c:59:
d4:63:1e:01:b2:da:6c:ec:bf:54:c4:a5:d1:95:c6:
e2:a5:08:b0:94:6b:4b:6e:6c:8d:da:62:76:14:d6:
c2:cd:c6:60:7c:35:0a:1f:4e:ea:a8:6c:5b:35:78:
37:87:48:b2:57:e7:20:b5:80:c7:7a:76:41:b9:60:
19:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:23:2F:ED:1A:06:21:90:A9:23:20:4A:15:D9:1B:59:C7:4A:AD:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:b000::/40
Signature Algorithm: sha256WithRSAEncryption
28:b2:fb:3a:1f:8c:65:71:cf:c2:e0:df:53:4e:6b:2c:00:75:
0f:ec:a5:86:21:fe:71:e5:04:06:fa:92:98:d7:6b:3e:f0:66:
3d:20:50:e3:d3:f1:dd:7c:c6:62:b8:d6:da:db:e4:ff:9c:fc:
40:f3:87:74:52:69:98:f7:5f:2c:eb:f8:ce:ce:ec:e8:3e:a9:
49:15:48:0f:91:32:df:d3:61:33:e7:79:28:c5:dd:7a:be:6a:
1d:2d:bb:e5:4e:a7:b5:09:8d:33:7f:7e:7b:7b:3a:8c:b8:22:
4e:02:9f:e8:74:bb:1f:a1:88:e9:9e:35:74:8b:61:56:37:20:
33:5e:e7:c3:48:b4:37:c6:a8:06:33:a1:13:ff:ef:5a:69:d9:
66:39:aa:f1:1d:50:53:5f:40:86:b4:24:cd:b6:94:0f:f3:5b:
44:5e:8d:f0:d7:db:15:df:1f:bc:14:db:a3:54:01:88:c7:00:
c4:8f:75:19:1d:ce:da:bd:14:e3:1e:46:cc:ea:ef:30:f7:9e:
dd:3f:0d:8d:8f:4b:fb:c1:25:8a:73:66:b4:7d:9b:34:40:ef:
8c:2b:99:17:8e:13:a7:ab:90:8d:95:0b:e5:ae:53:12:d2:33:
97:74:b9:72:7c:b4:33:f4:22:55:9e:30:f2:06:6a:97:23:df:
3a:79:d2:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNv+8zeY0gDc+7kvlorP4yvr4ZzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyNTA0MzMyZmY1NDk5ZTAxNmJhMTM3NjUwMmNjM2I2NjVjZDE5ZGExNDdk
ODI0ZDcwNzVjMDBhNDEwZDZkZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXzyKaVQsqkJa9aLLJlOnFth+dpcRiaBZrEupS9gLOsgq8Y1WqSqz9sD2fw
sG3RbP7pqsanT9CpV+Ls7xxtWl72cYE5nd2f1pyLOmGgs3zfEGUU9K1LoY10I19X
gyHpovr8nwOlvxwrej2cWGrcrIUboXgBNTmgqlJX1qfkGDhIfvW+Ja9Rui0MJ3kB
SRcilWv+q0iky71kJhiqEyNmk/O/FmEbeieiHSDem6CcvOHBE3K2B8oIUXrrx6Ne
T9fusVxZ1GMeAbLabOy/VMSl0ZXG4qUIsJRrS25sjdpidhTWws3GYHw1Ch9O6qhs
WzV4N4dIslfnILWAx3p2QblgGf0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1Iy/t
GgYhkKkjIEoV2RtZx0qtMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw
MA0GCSqGSIb3DQEBCwUAA4IBAQAosvs6H4xlcc/C4N9TTmssAHUP7KWGIf5x5QQG
+pKY12s+8GY9IFDj0/HdfMZiuNba2+T/nPxA84d0UmmY918s6/jOzuzoPqlJFUgP
kTLf02Ez53koxd16vmodLbvlTqe1CY0zf357ezqMuCJOAp/odLsfoYjpnjV0i2FW
NyAzXufDSLQ3xqgGM6ET/+9aadlmOarxHVBTX0CGtCTNtpQP81tEXo3w19sV3x+8
FNujVAGIxwDEj3UZHc7avRTjHkbM6u8w957dPw2Nj0v7wSWKc2a0fZs0QO+MK5kX
jhOnq5CNlQvlrlMS0jOXdLlyfLQz9CJVnjDyBmqXI986edJG
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:42 2026 by rpki-client