Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
File: 4e84f0a8-9d20-4219-b641-9a6905a033d9.roa (raw, json)
Hash identifier: H9uck4n0kPp/aGim/6XpX45OYy23vwep0M/x+l6Lgxg=
Subject key identifier: 35:DB:BD:7D:6D:E6:01:1D:AE:8C:A4:25:D5:3F:FB:13:B9:19:E2:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47650C35FFBDFF9ED5D3208A0703FE44EF7A7E60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
Signing time: Tue 19 May 2026 04:40:08 +0000
ROA not before: Tue 19 May 2026 04:40:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:65:0c:35:ff:bd:ff:9e:d5:d3:20:8a:07:03:fe:44:ef:7a:7e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=9e9f569db5f41a9ba9f43a4e2f38b275eec92a53ea9fc5ae6c169e56b62b3521, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:65:d3:d8:06:71:a7:1b:54:f8:15:52:bb:
0b:11:be:8c:e0:19:75:26:a4:48:87:8c:41:07:d5:
af:eb:e1:9e:2f:ab:f9:09:21:7d:58:bd:32:44:1b:
31:e0:7d:89:d2:86:6a:60:9b:de:d7:5b:a3:dd:d3:
3e:df:1b:b3:dd:a3:6a:cc:66:e0:fe:d3:51:b2:af:
f7:b0:12:8d:c6:1c:21:09:47:2e:40:2e:ee:e0:30:
a6:17:62:62:b3:8d:9b:60:96:8b:70:39:c2:c3:30:
bb:2f:bb:3b:9a:ff:1d:87:a7:c7:ae:1f:6d:eb:1b:
39:35:e1:0d:fe:51:70:dd:90:1c:ca:2b:09:e3:ba:
f0:7f:32:9a:95:ca:7a:dc:ed:cb:7a:f7:ed:81:99:
24:bc:27:22:56:8c:97:66:11:b1:06:44:13:1d:89:
5d:64:c5:47:6e:3c:c7:7f:ab:e1:96:ec:29:22:83:
85:76:93:cc:9c:a1:54:32:aa:50:50:2b:e3:4c:63:
76:2f:49:62:e3:e3:6c:49:8c:f0:f6:2e:19:ea:a0:
4d:3c:37:69:74:b2:3d:58:35:6b:d1:f5:65:02:9d:
ac:42:69:cf:04:b0:4f:96:b5:ec:1e:58:96:e6:89:
3a:b9:70:a1:9a:f4:b3:30:fe:bc:f7:6b:00:4d:39:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DB:BD:7D:6D:E6:01:1D:AE:8C:A4:25:D5:3F:FB:13:B9:19:E2:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e84f0a8-9d20-4219-b641-9a6905a033d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a040::/48
Signature Algorithm: sha256WithRSAEncryption
7b:1d:a4:95:84:a3:61:96:db:25:cb:1f:a3:69:b0:cd:1b:25:
97:e2:06:23:65:ea:cb:3a:07:11:56:a5:b5:3e:c2:f0:e5:74:
9a:a8:23:8b:6b:68:19:7c:30:a3:2f:7d:87:93:6e:09:2d:20:
5c:2a:38:db:36:9f:d7:bf:b3:a0:fc:20:3f:19:a4:bc:2e:c9:
37:81:72:52:b3:a4:70:ff:b2:3b:3a:7f:cd:33:73:bc:1e:1d:
29:29:dc:97:d1:b1:58:16:c8:75:d6:58:45:c9:6f:d4:51:7b:
1f:19:e6:ad:69:95:a5:cc:5f:56:38:d3:08:cb:4a:42:da:2d:
f5:9c:4c:5d:a2:dc:9d:d6:6f:1f:75:4f:de:95:64:f7:58:0a:
2a:c4:93:91:98:ed:b2:6d:a1:c7:52:b6:d9:9e:03:79:ed:18:
ef:01:5c:b1:81:de:59:e8:df:f2:00:d3:d2:e3:52:7d:cf:d8:
3c:4c:2f:62:92:37:ae:a4:92:c9:83:8f:5e:4c:54:f6:35:af:
47:74:dd:8d:d9:d4:65:c6:af:3e:ef:7f:01:9f:de:f4:36:22:
bf:b2:70:68:f0:c1:01:b3:03:64:47:ec:1f:77:ee:1f:d2:9e:
52:41:34:d2:67:26:5a:33:4a:e3:76:18:03:58:5b:b7:3e:92:
b3:0c:b5:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR2UMNf+9/57V0yCKBwP+RO96fmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDllOWY1NjlkYjVmNDFhOWJhOWY0M2E0ZTJmMzhiMjc1ZWVjOTJhNTNlYTlm
YzVhZTZjMTY5ZTU2YjYyYjM1MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbqZdPYBnGnG1T4FVK7CxG+jOAZdSakSIeMQQfVr+vhni+r+QkhfVi9MkQb
MeB9idKGamCb3tdbo93TPt8bs92jasxm4P7TUbKv97ASjcYcIQlHLkAu7uAwphdi
YrONm2CWi3A5wsMwuy+7O5r/HYenx64fbesbOTXhDf5RcN2QHMorCeO68H8ympXK
etzty3r37YGZJLwnIlaMl2YRsQZEEx2JXWTFR248x3+r4ZbsKSKDhXaTzJyhVDKq
UFAr40xjdi9JYuPjbEmM8PYuGeqgTTw3aXSyPVg1a9H1ZQKdrEJpzwSwT5a17B5Y
luaJOrlwoZr0szD+vPdrAE0576UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ12719
beYBHa6MpCXVP/sTuRniMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGU4NGYwYTgtOWQyMC00MjE5LWI2NDEtOWE2OTA1YTAzM2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
QDANBgkqhkiG9w0BAQsFAAOCAQEAex2klYSjYZbbJcsfo2mwzRsll+IGI2XqyzoH
EValtT7C8OV0mqgji2toGXwwoy99h5NuCS0gXCo42zaf17+zoPwgPxmkvC7JN4Fy
UrOkcP+yOzp/zTNzvB4dKSncl9GxWBbIddZYRclv1FF7HxnmrWmVpcxfVjjTCMtK
Qtot9ZxMXaLcndZvH3VP3pVk91gKKsSTkZjtsm2hx1K22Z4Dee0Y7wFcsYHeWejf
8gDT0uNSfc/YPEwvYpI3rqSSyYOPXkxU9jWvR3TdjdnUZcavPu9/AZ/e9DYiv7Jw
aPDBAbMDZEfsH3fuH9KeUkE00mcmWjNK43YYA1hbtz6Sswy10Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:38 2026 by rpki-client