Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
File: 51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa (raw, json)
Hash identifier: KI6MZsyyyPPbS6AiXDLmrNSeEXm/ZtNi2KnLdU8QZic=
Subject key identifier: 21:65:EE:BC:C9:AB:1C:A6:F2:22:07:7F:3A:0C:BA:E5:03:18:BB:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B72DA3B22845C269D4AD022611FF5774A4579C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
Signing time: Fri 15 May 2026 03:50:08 +0000
ROA not before: Fri 15 May 2026 03:50:08 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:72:da:3b:22:84:5c:26:9d:4a:d0:22:61:1f:f5:77:4a:45:79:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:08 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=d80566ad21e9d75525cb41a8577d68e3ecf7832c3e4940274fa45851fc449a2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:06:01:33:26:27:5b:df:86:eb:3f:ec:87:
ed:03:ae:ef:00:8f:98:40:ac:98:b8:e4:dd:24:5d:
54:a7:95:8c:87:54:31:2e:b8:3f:d2:9f:78:d0:23:
e5:a5:e2:8f:d0:a2:1d:a6:b5:c9:86:81:63:b1:2a:
df:a4:28:20:4c:14:e6:84:45:10:f0:6d:eb:16:c2:
14:17:1c:60:7b:51:9c:e8:cb:b8:ee:26:fc:26:0a:
84:ed:9f:2e:6a:90:17:3f:56:89:19:05:5b:d4:29:
93:7e:32:66:05:d7:c3:78:9f:76:7a:37:a1:7f:f2:
36:31:e5:ae:69:4b:6d:c9:b0:69:14:e8:9b:a4:34:
d9:bf:96:5b:b0:f1:a2:b0:11:a9:56:2a:e8:57:c8:
c1:c6:fa:13:43:0e:2d:c3:4c:07:60:8c:6a:30:26:
eb:24:ad:df:a6:a2:2f:95:37:05:73:64:54:09:28:
95:b2:eb:5e:0c:6e:fb:b9:5d:50:22:27:df:33:c5:
3d:d8:7f:ad:7a:6d:29:46:a2:c9:fa:3f:8c:ad:7f:
21:79:2f:1c:5e:c3:34:33:3b:df:f9:4a:36:94:bc:
38:79:18:bf:f6:ea:9a:d7:bc:85:14:c8:f4:2e:90:
2a:09:74:71:a1:1a:14:54:4b:52:30:15:f7:0e:52:
e4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:65:EE:BC:C9:AB:1C:A6:F2:22:07:7F:3A:0C:BA:E5:03:18:BB:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:f8:19:92:ee:ca:8f:35:30:f2:08:67:a7:1e:d3:c2:29:0b:
4a:9f:db:d9:14:80:1c:db:dd:64:81:22:a6:2f:da:17:fc:64:
bf:32:16:36:63:60:df:95:80:04:ee:2b:6f:3a:89:34:17:37:
e7:c3:2a:b5:1d:ed:e3:da:b8:e5:a5:de:3f:3f:76:26:aa:e8:
a1:15:02:6d:8d:65:bf:e6:de:a7:0f:d7:2a:58:af:8f:89:f8:
ae:2b:fa:d1:fe:75:69:e3:7a:75:7b:5b:6e:27:8a:e1:08:04:
95:fd:cf:0e:40:01:a6:e0:48:68:e2:8e:6c:76:fe:ba:d8:30:
41:4b:0b:90:d7:dd:f3:f1:a7:91:3d:2c:19:5f:98:ab:55:61:
a2:8a:30:36:1b:92:81:7c:c5:ee:83:18:e3:88:83:b0:42:16:
39:16:a9:f8:68:99:b4:48:f9:e9:12:07:78:32:b8:e9:e4:c1:
15:8d:fd:40:ca:a4:bb:73:8a:17:6c:a4:70:c2:ae:c2:ef:53:
a4:47:07:4f:b6:18:68:5e:d3:95:fa:58:96:e4:25:58:48:af:
6b:1b:d6:b6:6a:f4:a0:a4:bf:57:eb:78:20:44:0e:e3:f7:7e:
8e:bc:1f:67:c6:97:fe:f7:c4:25:ba:da:1a:0a:79:7a:5b:89:
50:08:ee:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC3LaOyKEXCadStAiYR/1d0pFecAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMDhaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4MDU2NmFkMjFlOWQ3NTUyNWNiNDFhODU3N2Q2OGUzZWNmNzgzMmMzZTQ5
NDAyNzRmYTQ1ODUxZmM0NDlhMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDtBgEzJidb34brP+yH7QOu7wCPmECsmLjk3SRdVKeVjIdUMS64P9KfeNAj
5aXij9CiHaa1yYaBY7Eq36QoIEwU5oRFEPBt6xbCFBccYHtRnOjLuO4m/CYKhO2f
LmqQFz9WiRkFW9Qpk34yZgXXw3ifdno3oX/yNjHlrmlLbcmwaRTom6Q02b+WW7Dx
orARqVYq6FfIwcb6E0MOLcNMB2CMajAm6ySt36aiL5U3BXNkVAkolbLrXgxu+7ld
UCIn3zPFPdh/rXptKUaiyfo/jK1/IXkvHF7DNDM73/lKNpS8OHkYv/bqmte8hRTI
9C6QKgl0caEaFFRLUjAV9w5S5JkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhZe68
yascpvIiB386DLrlAxi7ZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFiM2Q0ZWMtMmFkZS00YWFhLWIzY2UtZTFlYjcwMjhmZGI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8+BmS7sqPNTDyCGenHtPCKQtKn9vZFIAc291k
gSKmL9oX/GS/MhY2Y2DflYAE7itvOok0Fzfnwyq1He3j2rjlpd4/P3YmquihFQJt
jWW/5t6nD9cqWK+PifiuK/rR/nVp43p1e1tuJ4rhCASV/c8OQAGm4Eho4o5sdv66
2DBBSwuQ193z8aeRPSwZX5irVWGiijA2G5KBfMXugxjjiIOwQhY5Fqn4aJm0SPnp
Egd4Mrjp5MEVjf1AyqS7c4oXbKRwwq7C71OkRwdPthhoXtOV+liW5CVYSK9rG9a2
avSgpL9X63ggRA7j936OvB9nxpf+98QlutoaCnl6W4lQCO7X
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:19 2026 by rpki-client