Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: /9VwJOrDCCXNghTTEXpeZ0jEEsfsuqlU+w/olcjpuuI=
Subject key identifier: DC:C4:30:0E:30:AF:A3:A2:FC:58:55:7A:F3:E5:60:ED:D1:AF:EA:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AD0B1735DE140D6F6F739438B8EE6FF2B6DA368
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Tue 19 May 2026 04:50:05 +0000
ROA not before: Tue 19 May 2026 04:50:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:d0:b1:73:5d:e1:40:d6:f6:f7:39:43:8b:8e:e6:ff:2b:6d:a3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d3034efa819fea574e57d2d5a98b3aa529264ad8dfac4d81c1d313542e7718dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:af:a7:f7:a0:88:98:83:df:35:1f:43:5e:ae:
eb:bb:13:2a:51:80:8d:fa:49:9c:78:3d:08:f0:18:
32:9f:78:e7:29:d9:b5:d9:5c:6f:41:eb:9c:61:95:
06:51:f7:a1:05:70:b3:c0:f8:95:5f:ae:32:38:32:
3f:8b:00:dc:ae:e1:e4:36:27:57:c2:42:bf:44:05:
bd:96:ac:ea:cb:03:15:15:35:8e:80:2f:ee:c1:50:
6e:05:00:28:e5:a0:b1:05:2c:f1:71:18:d6:7c:b7:
38:2e:78:fa:90:01:88:21:1d:8d:ba:7c:31:3d:96:
46:17:e1:2c:ca:53:32:52:b8:97:97:c3:e9:b3:fd:
d6:48:ac:39:a5:f6:ad:40:f1:f4:f2:72:77:73:db:
5a:e9:3d:ab:97:bc:da:f6:1f:1b:b2:30:bf:c8:ad:
ad:31:0f:82:3d:2b:67:6f:38:de:03:f4:27:73:25:
91:9a:9e:1a:de:10:0c:b1:95:b2:85:f2:b8:86:bf:
65:24:5a:b4:f2:1b:7b:50:ce:e4:d4:a8:21:81:fe:
fd:41:2b:a7:7e:4c:f4:ca:ee:36:18:7f:13:b2:83:
35:c9:9a:3b:6a:0e:73:40:eb:3c:ad:b2:14:63:c6:
7d:82:39:28:a0:80:56:9d:75:b3:84:ce:18:45:b9:
0c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C4:30:0E:30:AF:A3:A2:FC:58:55:7A:F3:E5:60:ED:D1:AF:EA:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
38:04:5e:ab:d8:3d:73:85:32:f4:c7:38:70:c1:5b:12:a1:4d:
04:35:1f:a6:36:f2:dc:17:f6:1d:fd:91:09:56:50:24:1f:a2:
2d:22:c6:3e:01:f9:cd:35:5f:b5:10:4a:6e:9f:fb:0c:4f:e8:
90:23:17:d1:06:b9:c5:77:0a:35:c6:04:3c:e5:f1:9d:b5:8a:
f1:c2:27:3a:19:90:dc:bf:3f:3f:73:3a:e5:a3:e8:40:ef:fc:
dc:2f:c5:3a:86:6f:ee:cc:70:9c:e1:45:07:6c:9e:ee:8b:e3:
e5:3f:ac:49:f7:7a:13:26:3e:ef:42:35:f6:f0:7d:32:ce:37:
66:04:ae:03:68:3d:fe:d0:49:92:86:cb:1a:2f:0f:a5:c6:b4:
22:5c:25:7b:5e:d4:53:ac:25:78:e0:ee:2b:1a:fb:62:fc:25:
45:71:b0:39:17:73:85:d6:92:21:c2:14:78:26:dc:81:ee:09:
69:07:e8:d9:36:db:39:55:5c:b4:83:cf:a5:5e:bb:c6:49:ec:
e4:7e:53:54:57:12:32:fb:45:fe:d7:a4:f6:5a:bd:6f:70:7a:
85:b9:dd:96:ad:55:da:5c:ad:d2:af:8f:e6:14:3e:e7:f8:f2:
5f:66:35:ce:27:9e:29:c4:07:49:1c:1d:a5:c2:8b:f5:e4:2d:
50:91:c8:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKtCxc13hQNb29zlDi47m/ytto2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzMDM0ZWZhODE5ZmVhNTc0ZTU3ZDJkNWE5OGIzYWE1MjkyNjRhZDhkZmFj
NGQ4MWMxZDMxMzU0MmU3NzE4ZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCvp/egiJiD3zUfQ16u67sTKlGAjfpJnHg9CPAYMp945ynZtdlcb0HrnGGV
BlH3oQVws8D4lV+uMjgyP4sA3K7h5DYnV8JCv0QFvZas6ssDFRU1joAv7sFQbgUA
KOWgsQUs8XEY1ny3OC54+pABiCEdjbp8MT2WRhfhLMpTMlK4l5fD6bP91kisOaX2
rUDx9PJyd3PbWuk9q5e82vYfG7Iwv8itrTEPgj0rZ2843gP0J3MlkZqeGt4QDLGV
soXyuIa/ZSRatPIbe1DO5NSoIYH+/UErp35M9MruNhh/E7KDNcmaO2oOc0DrPK2y
FGPGfYI5KKCAVp11s4TOGEW5DMECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcxDAO
MK+jovxYVXrz5WDt0a/qdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4BF6r2D1zhTL0xzhwwVsSoU0ENR+mNvLcF/Yd
/ZEJVlAkH6ItIsY+AfnNNV+1EEpun/sMT+iQIxfRBrnFdwo1xgQ85fGdtYrxwic6
GZDcvz8/czrlo+hA7/zcL8U6hm/uzHCc4UUHbJ7ui+PlP6xJ93oTJj7vQjX28H0y
zjdmBK4DaD3+0EmShssaLw+lxrQiXCV7XtRTrCV44O4rGvti/CVFcbA5F3OF1pIh
whR4JtyB7glpB+jZNts5VVy0g8+lXrvGSezkflNUVxIy+0X+16T2Wr1vcHqFud2W
rVXaXK3Sr4/mFD7n+PJfZjXOJ54pxAdJHB2lwov15C1QkcjB
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:59 2026 by rpki-client