Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: oSDXu7M6yyM1bljvuy7b5qZR13FOSFOclFDHUQ+BQ8U=
Subject key identifier: 06:04:3F:9C:28:04:64:63:82:EB:40:4D:26:FE:EB:A8:0F:4F:50:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01F70E2D57AB6EA0AA3A8E5D5002E841DDBE97E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Tue 19 May 2026 04:40:58 +0000
ROA not before: Tue 19 May 2026 04:40:58 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:f7:0e:2d:57:ab:6e:a0:aa:3a:8e:5d:50:02:e8:41:dd:be:97:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:58 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=80d4ccdfcd2ad9deeef01df1e315b0834dd8e66c37056d5441e49fb76165bc03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c4:a7:51:1f:b9:2e:47:0c:d9:6f:d8:a7:46:
46:f1:b7:ff:59:39:5e:c1:0c:0a:cb:40:4c:93:39:
63:23:c7:97:de:74:71:e5:a5:06:29:5a:31:c9:7b:
cb:3e:12:f5:ea:c2:a7:bb:2b:ea:1d:92:eb:dd:c4:
80:5b:06:54:fb:ba:1d:d6:46:b6:59:ab:a2:4f:80:
2a:8b:4a:ba:26:56:f5:05:7a:2e:56:18:44:e0:78:
d3:6c:30:3b:48:df:ce:f8:d6:3a:36:37:7b:6e:37:
26:26:7d:26:0b:24:5b:da:ea:fa:7e:f7:b7:8c:c8:
43:20:13:a4:e5:54:ae:b3:5d:14:2e:d8:ca:ce:fd:
ab:cf:f6:1f:fb:d7:8a:b4:22:a5:a1:ca:cf:17:be:
ea:1c:2d:57:2f:af:a9:47:fd:f8:40:6c:90:95:6a:
8e:7b:5d:5c:c3:19:3c:79:35:42:c6:7e:f7:b3:9b:
6e:18:e0:98:89:e8:0a:bd:e2:8a:00:75:47:ba:9f:
c6:f1:b3:6c:41:ad:cf:f0:6a:4c:ab:17:4d:2f:5b:
6b:89:f6:0e:a5:dc:e9:71:50:4c:95:2d:95:ac:b6:
2c:bd:2b:44:f0:60:c4:e3:64:79:cc:fa:e8:cc:c1:
c4:50:d2:1a:c9:c8:64:4e:3f:41:00:01:21:b0:72:
2a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:04:3F:9C:28:04:64:63:82:EB:40:4D:26:FE:EB:A8:0F:4F:50:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
76:1f:c3:a6:9c:d0:95:65:e8:53:df:34:21:70:f4:5d:94:8d:
6d:45:f3:21:2e:b4:9d:c4:52:c3:58:1a:d0:58:1c:49:88:79:
1c:74:98:44:48:b7:fa:6b:9f:73:3b:ec:0f:0f:15:87:73:04:
94:f4:24:5d:b8:e2:c2:a7:a0:b4:cf:85:fb:b9:87:e4:97:df:
0e:79:82:b5:cd:c3:44:69:62:3a:7d:e1:b9:78:d3:3b:f8:93:
ba:93:e6:b4:85:54:a2:2c:9f:8e:30:5e:e1:06:9a:20:df:1c:
a9:b6:1b:70:21:31:06:d7:3b:12:33:8b:25:12:4a:b3:63:9d:
c4:bd:a1:30:d0:a9:1b:1a:f4:6d:38:15:1b:1a:37:70:f8:05:
11:78:b6:a4:e0:36:da:0f:1c:2f:f6:b7:5f:6a:bc:fe:e8:2d:
2c:39:70:95:bb:24:9a:b0:5a:59:78:d5:fe:5e:c8:a0:b7:72:
b2:bc:7f:dd:f1:08:84:b7:74:dd:1e:24:fc:8c:ca:c5:53:63:
87:63:5b:e0:00:5a:a0:47:d7:48:75:92:82:6b:61:1b:17:94:
11:4b:10:47:81:e3:ea:37:f1:e6:f4:bb:a8:ea:2f:2f:b1:c8:
dc:6f:78:ca:ed:08:06:74:18:a4:0c:10:c5:a9:cc:db:5d:e6:
4d:c2:02:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAfcOLVerbqCqOo5dUALoQd2+l+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNThaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZDRjY2RmY2QyYWQ5ZGVlZWYwMWRmMWUzMTViMDgzNGRkOGU2NmMzNzA1
NmQ1NDQxZTQ5ZmI3NjE2NWJjMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPEp1EfuS5HDNlv2KdGRvG3/1k5XsEMCstATJM5YyPHl950ceWlBilaMcl7
yz4S9erCp7sr6h2S693EgFsGVPu6HdZGtlmrok+AKotKuiZW9QV6LlYYROB402ww
O0jfzvjWOjY3e243JiZ9JgskW9rq+n73t4zIQyATpOVUrrNdFC7Yys79q8/2H/vX
irQipaHKzxe+6hwtVy+vqUf9+EBskJVqjntdXMMZPHk1QsZ+97ObbhjgmInoCr3i
igB1R7qfxvGzbEGtz/BqTKsXTS9ba4n2DqXc6XFQTJUtlay2LL0rRPBgxONkecz6
6MzBxFDSGsnIZE4/QQABIbByKkECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGBD+c
KARkY4LrQE0m/uuoD09QLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQB2H8OmnNCVZehT3zQhcPRdlI1tRfMhLrSdxFLD
WBrQWBxJiHkcdJhESLf6a59zO+wPDxWHcwSU9CRduOLCp6C0z4X7uYfkl98OeYK1
zcNEaWI6feG5eNM7+JO6k+a0hVSiLJ+OMF7hBpog3xypthtwITEG1zsSM4slEkqz
Y53EvaEw0KkbGvRtOBUbGjdw+AUReLak4DbaDxwv9rdfarz+6C0sOXCVuySasFpZ
eNX+Xsigt3KyvH/d8QiEt3TdHiT8jMrFU2OHY1vgAFqgR9dIdZKCa2EbF5QRSxBH
gePqN/Hm9Luo6i8vscjcb3jK7QgGdBikDBDFqczbXeZNwgI9
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:13 2026 by rpki-client