Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
File: 4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa (raw, json)
Hash identifier: RROP/ixmrhQAhCklyWso8Jci9O+2cPQFR3UWgNR/qCA=
Subject key identifier: 69:14:1B:B3:2E:5C:90:53:45:3E:36:1D:A6:69:67:A4:CC:DA:AA:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A7E0F7C041A75FBB8084AED12081071EB2B380D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
Signing time: Thu 26 Feb 2026 02:00:11 +0000
ROA not before: Thu 26 Feb 2026 02:00:11 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:7e:0f:7c:04:1a:75:fb:b8:08:4a:ed:12:08:10:71:eb:2b:38:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 26 02:00:11 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=1ba86be8afade39e51987364bd0b5f6db2f05d65af9e414619d31abc962c5066, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:02:3b:00:7a:c4:22:0f:a0:fd:b5:74:ea:bc:
b2:8f:c1:1b:54:85:10:92:f2:ee:a1:05:80:dd:5b:
31:7e:0d:92:a1:f4:be:77:17:9a:ae:7d:ab:20:37:
dc:38:ce:de:a4:4f:14:23:a9:27:38:e5:8b:e0:3b:
f9:b8:e8:c6:b0:cd:72:d0:6a:a5:00:a5:e4:cc:28:
91:d2:a3:c4:18:0c:6b:7a:db:a1:d0:59:e8:f7:4a:
5d:5c:a3:c8:e4:48:77:16:5a:c3:be:a3:e9:24:00:
11:fe:b6:27:43:bc:38:4b:0e:ec:cc:14:ef:a7:00:
a8:1a:ea:94:1b:14:35:96:33:48:fe:55:9b:c6:5d:
51:b2:90:3b:fe:52:cf:ed:d5:ec:3b:10:68:c2:7c:
0d:0d:cb:c1:8c:18:12:3a:b3:d9:10:20:1a:d2:1c:
11:66:ad:5f:88:ad:d0:67:32:88:d7:77:21:b4:1b:
86:2e:7d:d3:bb:67:c2:0f:a8:4b:a6:f9:40:0f:d3:
2f:5a:eb:72:c3:04:88:2c:38:5b:7e:3a:74:30:f5:
88:52:21:01:31:33:6d:d0:57:55:fc:cb:2b:72:24:
34:30:bc:5c:c3:04:63:b5:d0:4c:96:b7:f3:72:5d:
28:71:18:48:ad:f4:b7:5a:8d:7a:05:7c:a1:bf:b9:
ee:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:14:1B:B3:2E:5C:90:53:45:3E:36:1D:A6:69:67:A4:CC:DA:AA:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
85:c5:4e:a6:a2:1c:a0:52:b9:ea:d2:b0:fe:16:f4:7e:52:6d:
fb:0d:f4:8a:a8:b0:77:3b:de:99:e3:3f:21:19:59:a0:e2:6f:
cb:5a:a6:49:34:36:2a:55:42:9b:9f:76:58:36:61:4f:11:02:
1b:b7:0a:d5:64:27:1d:cb:b4:8d:ff:a4:03:1a:ee:03:1a:a3:
a2:9d:87:31:fc:84:ea:0c:a5:d2:46:40:e5:73:de:de:2a:36:
9a:05:82:49:a0:f4:e2:ff:e6:95:71:fb:28:65:28:23:b5:45:
7c:8d:9a:4b:03:97:21:c4:37:97:71:60:3e:3a:50:b9:b3:20:
df:f1:d3:6c:4b:7d:4e:55:a4:9f:37:42:44:5d:4a:4f:e9:5e:
12:43:f8:fa:eb:ef:11:a1:87:b1:63:4c:fb:83:c7:06:b0:3b:
89:7f:24:2c:8d:e4:f0:0b:64:80:be:63:72:7c:af:5c:be:1f:
3b:dd:8d:8c:26:1c:c1:05:75:31:a2:53:62:f2:77:e6:94:6f:
df:12:f7:72:d9:6c:f7:c9:97:21:d8:72:b8:59:51:f0:31:f8:
f6:a3:da:51:a2:7a:54:27:13:f9:31:40:0d:7e:62:27:08:d3:
88:9a:c6:8f:0e:5a:cc:88:14:f8:f9:6f:25:d3:bf:31:75:01:
b1:d5:d7:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUen4PfAQadfu4CErtEggQcesrOA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjYwMjAwMTFaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiYTg2YmU4YWZhZGUzOWU1MTk4NzM2NGJkMGI1ZjZkYjJmMDVkNjVhZjll
NDE0NjE5ZDMxYWJjOTYyYzUwNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcCOwB6xCIPoP21dOq8so/BG1SFEJLy7qEFgN1bMX4NkqH0vncXmq59qyA3
3DjO3qRPFCOpJzjli+A7+bjoxrDNctBqpQCl5MwokdKjxBgMa3rbodBZ6PdKXVyj
yORIdxZaw76j6SQAEf62J0O8OEsO7MwU76cAqBrqlBsUNZYzSP5Vm8ZdUbKQO/5S
z+3V7DsQaMJ8DQ3LwYwYEjqz2RAgGtIcEWatX4it0GcyiNd3IbQbhi5907tnwg+o
S6b5QA/TL1rrcsMEiCw4W346dDD1iFIhATEzbdBXVfzLK3IkNDC8XMMEY7XQTJa3
83JdKHEYSK30t1qNegV8ob+57lMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpFBuz
LlyQU0U+Nh2maWekzNqqWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2YTdjMGEtM2U0YS00NzM3LWI5MmItZmFjMjJkZTg3NTdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
wDANBgkqhkiG9w0BAQsFAAOCAQEAhcVOpqIcoFK56tKw/hb0flJt+w30iqiwdzve
meM/IRlZoOJvy1qmSTQ2KlVCm592WDZhTxECG7cK1WQnHcu0jf+kAxruAxqjop2H
MfyE6gyl0kZA5XPe3io2mgWCSaD04v/mlXH7KGUoI7VFfI2aSwOXIcQ3l3FgPjpQ
ubMg3/HTbEt9TlWknzdCRF1KT+leEkP4+uvvEaGHsWNM+4PHBrA7iX8kLI3k8Atk
gL5jcnyvXL4fO92NjCYcwQV1MaJTYvJ35pRv3xL3ctls98mXIdhyuFlR8DH49qPa
UaJ6VCcT+TFADX5iJwjTiJrGjw5azIgU+PlvJdO/MXUBsdXXmw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:50 2026 by rpki-client