Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
File: 546828d4-9f43-44c2-bff8-aafeddca4e25.roa (raw, json)
Hash identifier: 55B3EFVdxBLqVijjpsqDDqQS6BdlYzt1eSNT1QL0+w8=
Subject key identifier: EB:C0:6E:60:CD:AC:98:7F:72:0D:6D:2A:6A:85:A0:3C:2F:CA:FF:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EA95CA66B9B31C55DD51D30CF1A4DCCEF7EEEEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
Signing time: Sat 28 Feb 2026 06:21:05 +0000
ROA not before: Sat 28 Feb 2026 06:21:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a9:5c:a6:6b:9b:31:c5:5d:d5:1d:30:cf:1a:4d:cc:ef:7e:ee:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=93e44ec7b07aa5f078ca86b94056f97d7b8749a56f7145f162771791e3f569d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:37:ac:4b:55:86:25:21:bc:53:e2:53:a6:dd:
37:6c:b4:b1:62:e6:72:3d:ff:cf:93:84:27:13:6d:
d6:f7:28:60:49:71:ec:ea:b3:c0:d6:3b:40:db:bc:
1c:dd:50:85:e0:72:4a:43:39:c1:fc:61:0b:73:96:
6c:3b:ab:31:68:b0:6c:d0:db:dc:3f:6e:0b:84:5b:
d0:1d:9e:2f:2e:f5:d6:f6:7e:b9:ad:00:64:fd:66:
d9:8f:90:f1:9f:91:c9:23:a3:a8:19:28:74:26:09:
95:d2:7d:8b:38:a0:47:ed:28:b2:10:56:ab:a1:ef:
68:22:c1:80:6f:85:f3:35:a9:f4:ef:8e:2a:3a:64:
8c:c3:12:d9:e7:56:b8:56:4c:27:52:62:ed:e7:14:
63:5e:ae:63:3d:fe:79:5f:53:dc:d3:dc:4b:86:db:
d1:31:3e:2f:f3:6f:38:30:71:23:53:8f:d9:c8:bc:
d0:04:87:45:16:19:31:99:f7:7d:99:fe:68:78:60:
8c:15:b1:28:a1:9a:f2:d0:8d:59:4a:3c:3d:d0:46:
3b:98:cc:ca:22:08:ff:bb:5e:b8:93:15:a5:6e:da:
82:ab:1e:c5:37:26:4a:54:e3:d3:bc:30:47:6c:2f:
da:e2:12:0d:1a:dd:1c:28:05:cd:89:bf:fd:16:6d:
54:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C0:6E:60:CD:AC:98:7F:72:0D:6D:2A:6A:85:A0:3C:2F:CA:FF:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e040::/48
Signature Algorithm: sha256WithRSAEncryption
80:12:1a:3b:ae:f0:d5:53:bf:51:0d:9d:30:84:10:2b:5d:1b:
9d:60:0f:cb:dc:de:1d:f0:56:68:8d:58:21:35:9a:03:60:50:
80:bd:94:0c:eb:d1:a7:7f:21:90:33:b3:95:93:5f:31:22:10:
3d:5f:27:27:76:d2:2f:79:35:25:a2:72:e2:66:e1:0b:f3:93:
0a:30:1b:40:82:2a:f5:e6:d6:93:f4:14:d7:d2:12:32:a8:20:
4c:8c:ce:98:58:eb:7e:b8:bd:2d:2a:e3:ac:1b:17:dc:57:08:
50:af:1f:3a:be:d4:ba:08:4c:ee:48:da:94:44:22:a9:5c:d0:
7e:91:51:e9:ed:5e:b5:1e:e1:75:02:f0:90:62:16:43:60:ce:
7e:99:ce:01:ac:21:52:92:61:cf:28:6a:48:68:4a:c8:57:0c:
69:cd:9a:95:c8:00:8d:f9:69:e4:7f:65:88:0f:85:d4:2e:4a:
84:f6:59:57:f1:3b:44:cc:c9:41:52:48:39:1b:d0:30:4c:0d:
85:07:e2:fd:57:80:e9:f5:84:fc:8c:c2:5c:0d:b3:f2:95:ec:
7e:91:03:43:3a:2c:d9:1f:1b:47:c3:c2:b9:1f:ab:81:43:7d:
8a:d2:f5:5c:b4:df:a4:24:99:28:49:2f:c7:e6:88:ae:67:fc:
6c:95:c0:3c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXqlcpmubMcVd1R0wzxpNzO9+7u4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZTQ0ZWM3YjA3YWE1ZjA3OGNhODZiOTQwNTZmOTdkN2I4NzQ5YTU2Zjcx
NDVmMTYyNzcxNzkxZTNmNTY5ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI03rEtVhiUhvFPiU6bdN2y0sWLmcj3/z5OEJxNt1vcoYElx7OqzwNY7QNu8
HN1QheBySkM5wfxhC3OWbDurMWiwbNDb3D9uC4Rb0B2eLy711vZ+ua0AZP1m2Y+Q
8Z+RySOjqBkodCYJldJ9izigR+0oshBWq6HvaCLBgG+F8zWp9O+OKjpkjMMS2edW
uFZMJ1Ji7ecUY16uYz3+eV9T3NPcS4bb0TE+L/NvODBxI1OP2ci80ASHRRYZMZn3
fZn+aHhgjBWxKKGa8tCNWUo8PdBGO5jMyiII/7teuJMVpW7agqsexTcmSlTj07ww
R2wv2uISDRrdHCgFzYm//RZtVF0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTrwG5g
zayYf3INbSpqhaA8L8r/LTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ2ODI4ZDQtOWY0My00NGMyLWJmZjgtYWFmZWRkY2E0ZTI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
QDANBgkqhkiG9w0BAQsFAAOCAQEAgBIaO67w1VO/UQ2dMIQQK10bnWAPy9zeHfBW
aI1YITWaA2BQgL2UDOvRp38hkDOzlZNfMSIQPV8nJ3bSL3k1JaJy4mbhC/OTCjAb
QIIq9ebWk/QU19ISMqggTIzOmFjrfri9LSrjrBsX3FcIUK8fOr7UughM7kjalEQi
qVzQfpFR6e1etR7hdQLwkGIWQ2DOfpnOAawhUpJhzyhqSGhKyFcMac2alcgAjflp
5H9liA+F1C5KhPZZV/E7RMzJQVJIORvQMEwNhQfi/VeA6fWE/IzCXA2z8pXsfpED
Qzos2R8bR8PCuR+rgUN9itL1XLTfpCSZKEkvx+aIrmf8bJXAPA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:08 2026 by rpki-client