Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json)
Hash identifier: Q/K+putyO654gSghDhY3Jco9jI3Itv9wLFHxUN23bPw=
Subject key identifier: BF:76:0D:EE:3D:56:85:F4:83:D3:CD:1D:64:40:04:BA:E2:E1:66:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B1AC83E00632DB264597E1D84E9A4BA2D5442A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
Signing time: Sat 28 Feb 2026 06:21:21 +0000
ROA not before: Sat 28 Feb 2026 06:21:21 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1a:c8:3e:00:63:2d:b2:64:59:7e:1d:84:e9:a4:ba:2d:54:42:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:21 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6d3d509084239a52bd14b71c6ddc2b68591b0a75dd2cb6282eec73c650520de2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:30:33:5f:0f:73:c9:06:b2:fe:ff:07:4a:83:
fd:44:fc:00:39:7f:f5:bd:cb:a7:d3:86:57:b5:cf:
5f:d3:5b:08:20:a9:a7:e7:77:13:c0:21:e8:0e:2f:
ce:cb:48:c5:ad:7b:7a:60:79:d7:2a:f2:30:d3:3f:
60:12:fd:57:da:50:0e:bb:77:e1:9d:f0:42:0b:5d:
f8:42:1a:2c:36:9b:1f:d2:5d:1f:d4:15:cd:05:26:
ea:68:cb:36:31:0e:59:98:7b:30:7e:4d:b3:4e:05:
e9:cd:c2:c1:4a:e6:be:5f:91:dd:eb:f5:74:ba:00:
a8:95:28:08:c9:f6:08:b9:aa:23:8d:b6:87:85:66:
4c:74:41:cf:30:00:ed:cd:e1:c7:16:ca:d9:b4:56:
0f:2c:3a:97:a3:e9:6d:13:b5:d6:ba:80:f6:26:29:
2c:4a:56:bc:52:05:35:f7:f3:fa:35:6f:cb:fa:e2:
41:e2:22:b8:b8:2b:f2:3c:15:35:24:80:41:67:33:
fc:d9:5b:fb:bb:f9:72:54:d4:4e:50:c2:5b:48:1f:
cd:1c:b1:ce:58:77:a1:f7:c8:86:a4:bb:c3:26:da:
41:64:2b:ee:70:b8:30:77:dd:5f:e4:fa:6a:f5:49:
c7:39:bc:03:85:e4:c2:cd:15:be:93:63:41:61:75:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:76:0D:EE:3D:56:85:F4:83:D3:CD:1D:64:40:04:BA:E2:E1:66:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
19:ac:fe:88:bd:34:96:f2:df:e7:25:54:ee:44:18:c3:b6:43:
02:64:41:81:06:47:bf:91:cb:b2:e9:f3:ae:07:97:de:39:58:
96:d8:50:3b:8a:d5:46:7e:65:74:d6:09:90:5f:c1:a2:56:d1:
ce:79:cb:c5:da:77:ab:1c:88:37:ac:2d:49:0b:3e:7d:1f:6b:
6e:38:c6:38:4e:67:69:3a:10:b4:21:c9:13:62:2d:34:20:a8:
c0:cc:38:b9:e7:dd:64:73:74:16:0c:40:13:bf:1f:a1:f3:7c:
a9:93:7a:af:b8:d7:99:64:c7:4d:c9:36:26:be:75:5f:45:b5:
5b:f9:15:79:c3:af:03:19:cf:fa:39:3d:54:7b:28:89:1a:d0:
e5:b1:6d:98:71:22:6c:71:0e:a2:f8:3d:31:fd:c8:0e:b8:2f:
12:30:5b:f0:c4:d5:44:c1:a7:a6:01:11:10:ba:c8:51:92:bd:
44:1f:c1:72:aa:d3:f4:8b:e6:18:73:4b:b8:6d:49:21:79:cb:
65:9a:31:92:dc:c9:39:db:e3:ad:76:40:f9:50:5c:e8:23:05:
b3:06:e7:51:b7:fe:01:ca:5a:6a:9a:91:c0:78:b2:cb:82:b1:
36:f4:7e:11:5b:a3:0a:a5:a0:56:8d:dd:8f:82:4b:1c:35:d2:
a6:16:e2:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSxrIPgBjLbJkWX4dhOmkui1UQqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkM2Q1MDkwODQyMzlhNTJiZDE0YjcxYzZkZGMyYjY4NTkxYjBhNzVkZDJj
YjYyODJlZWM3M2M2NTA1MjBkZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIwM18Pc8kGsv7/B0qD/UT8ADl/9b3Lp9OGV7XPX9NbCCCpp+d3E8Ah6A4v
zstIxa17emB51yryMNM/YBL9V9pQDrt34Z3wQgtd+EIaLDabH9JdH9QVzQUm6mjL
NjEOWZh7MH5Ns04F6c3CwUrmvl+R3ev1dLoAqJUoCMn2CLmqI422h4VmTHRBzzAA
7c3hxxbK2bRWDyw6l6PpbRO11rqA9iYpLEpWvFIFNffz+jVvy/riQeIiuLgr8jwV
NSSAQWcz/Nlb+7v5clTUTlDCW0gfzRyxzlh3offIhqS7wybaQWQr7nC4MHfdX+T6
avVJxzm8A4Xkws0VvpNjQWF1SPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/dg3u
PVaF9IPTzR1kQAS64uFmjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZrP6IvTSW8t/nJVTuRBjDtkMCZEGBBke/kcuy
6fOuB5feOViW2FA7itVGfmV01gmQX8GiVtHOecvF2nerHIg3rC1JCz59H2tuOMY4
TmdpOhC0IckTYi00IKjAzDi5591kc3QWDEATvx+h83ypk3qvuNeZZMdNyTYmvnVf
RbVb+RV5w68DGc/6OT1UeyiJGtDlsW2YcSJscQ6i+D0x/cgOuC8SMFvwxNVEwaem
AREQushRkr1EH8FyqtP0i+YYc0u4bUkhectlmjGS3Mk52+OtdkD5UFzoIwWzBudR
t/4BylpqmpHAeLLLgrE29H4RW6MKpaBWjd2PgkscNdKmFuKV
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:15 2026 by rpki-client