Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: I9O5iZEGCSoTgUDVMBdaDlmCyIUo4V6/MvImmoId8BE=
Subject key identifier: AE:B1:8F:1D:D7:45:98:83:5F:BB:5B:F8:F6:6E:92:EE:D8:E7:6F:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1030798FF03283AD6D2943732023045DCC94F583
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Tue 19 May 2026 04:30:27 +0000
ROA not before: Tue 19 May 2026 04:30:27 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:30:79:8f:f0:32:83:ad:6d:29:43:73:20:23:04:5d:cc:94:f5:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:27 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=a74cb0475334734592648232ffb7c079f445c8a4664a9d8cfe6e1fdf1b876740, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f9:1f:bf:d1:40:ab:3f:62:4f:4c:47:45:d4:
dc:0a:dc:31:51:12:0a:5f:9d:23:09:af:d1:74:0b:
ff:52:14:05:d5:ba:20:f7:58:36:e8:1f:7b:dc:95:
24:72:36:22:2f:2f:8e:89:34:aa:8d:4c:68:90:34:
a5:45:ea:a8:c5:ae:31:e8:36:9f:54:86:02:0c:9b:
f4:a3:44:40:fa:9d:87:54:6e:3a:b6:78:19:3a:c8:
5e:85:d2:a3:3e:f0:6a:e3:c5:f0:0b:73:fc:bb:31:
5c:92:a1:a9:5b:b5:6e:12:6a:dd:d4:83:cf:78:32:
07:83:7c:4a:c9:c6:53:2a:dc:b6:49:dc:20:d8:dc:
32:12:36:bc:ef:b9:ab:1a:ef:d6:23:50:94:bc:17:
de:f1:c7:41:5f:92:07:3d:e3:cc:86:55:76:19:b1:
57:29:43:c2:32:7f:74:25:a4:97:f6:f7:f2:67:c9:
f3:4d:c3:84:cd:8e:44:4c:fa:7b:73:3b:fa:db:f9:
f3:e2:42:8c:b1:20:cc:f6:22:4b:64:03:01:b3:38:
9a:e1:35:2f:50:a3:d4:7c:a0:57:f7:73:28:48:5a:
b9:26:f5:07:36:9a:72:f4:e1:53:06:3d:fa:e2:7c:
fd:89:0d:3a:0d:e5:1f:3e:3b:cc:f3:5e:7d:d5:32:
cd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B1:8F:1D:D7:45:98:83:5F:BB:5B:F8:F6:6E:92:EE:D8:E7:6F:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
33:ad:dd:1f:84:f3:56:8c:fa:97:6d:ed:e3:49:12:cb:3c:4f:
fb:29:95:4d:63:da:ef:70:ef:63:96:7c:8b:46:0a:b2:fe:5d:
c5:6e:bd:62:b7:06:ad:45:6d:37:84:07:f8:77:73:e8:e8:57:
e5:1f:0c:80:89:c7:fd:dc:b8:0c:28:7b:c3:e8:ac:fb:85:b9:
6d:87:3d:a2:c3:91:f0:c1:c4:8b:b3:b9:78:89:fa:87:54:dd:
e5:1e:63:ad:29:22:b1:90:15:e6:bd:54:78:29:d4:f8:57:27:
44:07:4a:50:3d:14:4b:78:9b:58:41:39:3c:92:54:b8:24:a3:
71:66:4e:68:31:78:0e:66:db:ff:31:0b:1c:2d:3e:e8:67:c6:
4a:f0:e1:80:21:ad:07:f4:bf:76:81:67:f9:1f:d0:2f:ad:fc:
51:41:75:c4:7e:7a:28:8f:6a:69:db:ae:5d:a7:e6:43:f0:f4:
1c:ed:15:66:21:f9:11:db:a7:8b:4b:f7:46:7c:50:df:f3:b2:
42:51:0e:5c:07:b7:34:3c:6a:6b:f5:92:dd:53:1b:fd:74:94:
1f:b5:a9:2f:ca:94:00:77:55:12:bb:00:67:46:dc:71:20:0d:
16:0a:ce:18:1f:17:98:b2:d9:fc:df:a2:76:05:20:a0:71:4a:
4c:94:d3:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEDB5j/Ayg61tKUNzICMEXcyU9YMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NGNiMDQ3NTMzNDczNDU5MjY0ODIzMmZmYjdjMDc5ZjQ0NWM4YTQ2NjRh
OWQ4Y2ZlNmUxZmRmMWI4NzY3NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAND5H7/RQKs/Yk9MR0XU3ArcMVESCl+dIwmv0XQL/1IUBdW6IPdYNugfe9yV
JHI2Ii8vjok0qo1MaJA0pUXqqMWuMeg2n1SGAgyb9KNEQPqdh1RuOrZ4GTrIXoXS
oz7wauPF8Atz/LsxXJKhqVu1bhJq3dSDz3gyB4N8SsnGUyrctkncINjcMhI2vO+5
qxrv1iNQlLwX3vHHQV+SBz3jzIZVdhmxVylDwjJ/dCWkl/b38mfJ803DhM2OREz6
e3M7+tv58+JCjLEgzPYiS2QDAbM4muE1L1Cj1HygV/dzKEhauSb1BzaacvThUwY9
+uJ8/YkNOg3lHz47zPNefdUyzeUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSusY8d
10WYg1+7W/j2bpLu2OdvfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQAzrd0fhPNWjPqXbe3jSRLLPE/7KZVNY9rvcO9j
lnyLRgqy/l3Fbr1itwatRW03hAf4d3Po6FflHwyAicf93LgMKHvD6Kz7hblthz2i
w5HwwcSLs7l4ifqHVN3lHmOtKSKxkBXmvVR4KdT4VydEB0pQPRRLeJtYQTk8klS4
JKNxZk5oMXgOZtv/MQscLT7oZ8ZK8OGAIa0H9L92gWf5H9AvrfxRQXXEfnooj2pp
265dp+ZD8PQc7RVmIfkR26eLS/dGfFDf87JCUQ5cB7c0PGpr9ZLdUxv9dJQftakv
ypQAd1USuwBnRtxxIA0WCs4YHxeYstn836J2BSCgcUpMlNNe
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:20 2026 by rpki-client