Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: UnqY3c7LpGY/MMqFoUKsQ9lN+ckp488kype7zhCGMwY=
Subject key identifier: 8D:2D:55:52:C0:B8:65:13:D3:E7:A4:F6:19:BE:AA:A4:FA:E3:D0:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 286FAF706EB497C33F552281055023B053FD46EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Sat 28 Feb 2026 05:40:52 +0000
ROA not before: Sat 28 Feb 2026 05:40:52 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:6f:af:70:6e:b4:97:c3:3f:55:22:81:05:50:23:b0:53:fd:46:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:52 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1613ad01b32ea3a1d01a5b7c05e5ab2edb943d28d7c6ad6333044a491e9f1c43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9e:87:6f:ea:40:02:5b:4d:f5:8d:44:e2:bb:
98:b9:2f:85:1b:11:9a:bf:9e:37:6d:de:6b:0d:42:
fe:6d:43:42:2d:61:e0:81:9b:14:33:e5:25:4f:d5:
ff:f2:60:3a:f2:fd:96:a1:ba:a6:d6:b6:ae:ee:ac:
9b:9e:42:9f:81:50:a8:32:27:44:bb:5f:e7:4c:6e:
11:dc:33:91:ad:32:ac:d3:08:3e:56:19:8b:af:f1:
58:55:b6:96:06:f9:47:d0:39:c2:69:6b:4f:80:07:
d7:d1:82:d0:14:a5:af:39:c2:8c:a7:a3:0a:16:25:
62:c6:73:33:2b:d6:be:0f:09:47:2f:78:da:fa:65:
d0:e3:ed:e4:b4:3c:74:b3:58:39:b5:d3:8c:bd:cc:
a0:ab:fc:a3:26:e6:53:32:d5:8b:bc:2f:b8:4e:43:
97:66:bd:a8:1e:e5:27:38:6d:5d:09:e0:14:02:b9:
04:32:ec:33:0c:c9:fb:a6:60:93:3b:ca:61:00:db:
9f:c8:e7:49:27:89:89:0e:46:44:dc:f2:64:a3:1f:
b0:99:bf:b4:22:9e:c8:fa:1a:8e:04:d2:51:3d:a8:
45:1e:cc:fa:47:c2:87:fd:3d:8a:f0:87:65:cb:c8:
0d:82:4b:5a:cc:24:01:6d:d9:79:13:c2:c1:20:80:
85:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2D:55:52:C0:B8:65:13:D3:E7:A4:F6:19:BE:AA:A4:FA:E3:D0:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
53:9e:e4:5c:4b:ae:46:2a:ad:a3:75:4e:60:c8:5c:2b:09:69:
f3:b5:53:d0:d0:63:e7:57:58:77:e6:c1:0b:15:23:33:00:b6:
19:26:ba:ba:ef:87:f3:18:db:0b:ae:b4:69:61:ba:b0:3f:01:
3b:a6:69:43:6e:ac:5d:e8:e1:17:b2:82:c3:84:2d:49:a4:9d:
13:4d:28:22:d8:95:f0:b1:b1:f5:73:a9:42:5f:29:21:bb:c0:
8b:21:2f:4a:ab:ea:02:e6:7e:8b:75:f6:14:3b:b8:32:3d:bc:
52:56:23:c2:cb:f5:93:e5:c6:5b:2c:85:28:a3:6b:3f:b1:f3:
5a:ff:cb:63:2f:4f:6e:9d:d3:1e:0d:24:ee:2a:5f:f2:04:ca:
97:40:8e:1c:c2:15:a3:eb:a0:c9:63:a1:e8:f9:23:e6:bd:40:
3e:4c:a0:8e:30:8d:24:fc:5d:f7:2b:f1:bf:19:01:65:ed:62:
c9:17:0d:0f:af:fe:0a:66:2e:c8:96:95:5d:ed:87:15:7e:97:
a6:17:58:73:a7:70:12:af:74:70:7e:8b:04:e9:9c:1f:2d:a5:
7c:20:1c:4d:6f:c3:b8:f6:b5:67:19:c7:5e:55:38:7f:7c:2a:
ba:9f:64:d2:c5:c6:c5:d7:78:fa:1e:de:07:24:68:d4:60:82:
bf:82:95:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKG+vcG60l8M/VSKBBVAjsFP9RuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MTNhZDAxYjMyZWEzYTFkMDFhNWI3YzA1ZTVhYjJlZGI5NDNkMjhkN2M2
YWQ2MzMzMDQ0YTQ5MWU5ZjFjNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMueh2/qQAJbTfWNROK7mLkvhRsRmr+eN23eaw1C/m1DQi1h4IGbFDPlJU/V
//JgOvL9lqG6pta2ru6sm55Cn4FQqDInRLtf50xuEdwzka0yrNMIPlYZi6/xWFW2
lgb5R9A5wmlrT4AH19GC0BSlrznCjKejChYlYsZzMyvWvg8JRy942vpl0OPt5LQ8
dLNYObXTjL3MoKv8oybmUzLVi7wvuE5Dl2a9qB7lJzhtXQngFAK5BDLsMwzJ+6Zg
kzvKYQDbn8jnSSeJiQ5GRNzyZKMfsJm/tCKeyPoajgTSUT2oRR7M+kfCh/09ivCH
ZcvIDYJLWswkAW3ZeRPCwSCAhX0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSNLVVS
wLhlE9PnpPYZvqqk+uPQnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTnuRcS65GKq2jdU5gyFwrCWnztVPQ0GPnV1h3
5sELFSMzALYZJrq674fzGNsLrrRpYbqwPwE7pmlDbqxd6OEXsoLDhC1JpJ0TTSgi
2JXwsbH1c6lCXykhu8CLIS9Kq+oC5n6LdfYUO7gyPbxSViPCy/WT5cZbLIUoo2s/
sfNa/8tjL09undMeDSTuKl/yBMqXQI4cwhWj66DJY6Ho+SPmvUA+TKCOMI0k/F33
K/G/GQFl7WLJFw0Pr/4KZi7IlpVd7YcVfpemF1hzp3ASr3RwfosE6ZwfLaV8IBxN
b8O49rVnGcdeVTh/fCq6n2TSxcbF13j6Ht4HJGjUYIK/gpVG
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:37 2026 by rpki-client