Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
File: 5767e356-231b-4b87-98ab-c496dcc2d53f.roa (raw, json)
Hash identifier: dOsiPoNfCrj2DLRAxQKiJUqnEc3aoxta3J/065eU8po=
Subject key identifier: 00:08:4B:78:30:E4:11:33:66:34:29:3D:8F:8E:72:F3:BE:2C:11:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AD0B9AF72C786D858215B77BE82315195AA300E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
Signing time: Sat 28 Feb 2026 05:40:07 +0000
ROA not before: Sat 28 Feb 2026 05:40:07 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:d0:b9:af:72:c7:86:d8:58:21:5b:77:be:82:31:51:95:aa:30:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:07 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f8d0e4d773169d103c6669ac29facf7d70b94e2b8bf2a4d858bc487dfae565af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e3:9d:f9:46:1d:30:77:e0:ff:39:21:d5:09:
4a:62:cf:62:27:8c:f0:c8:47:35:d1:6e:72:c2:53:
76:1b:89:b7:3b:6c:c5:87:fc:4c:ac:1c:10:69:35:
22:c6:ec:d9:cd:ae:ab:3d:26:32:09:be:70:8e:24:
30:c3:49:07:c7:09:91:40:62:cf:e2:ea:bb:a2:f6:
2a:ac:80:2a:32:fd:e1:31:10:cc:82:df:fa:35:78:
94:01:27:9e:d0:3b:a4:09:9a:d9:ad:3f:39:06:c1:
8e:8a:f6:43:59:db:d0:ff:f9:58:68:b0:2b:21:85:
9c:4c:5a:01:d8:5b:d6:0b:5b:96:9e:41:bc:94:ae:
38:2b:e9:90:cb:3e:fe:fe:5a:a9:38:87:0c:82:29:
2a:a6:1b:42:87:fe:5e:70:4a:8c:74:fe:0b:c2:10:
80:ab:b1:c2:df:83:ef:00:7f:23:7a:91:02:ff:ca:
ce:a9:25:ff:ca:cb:80:1c:77:c4:27:8f:f5:ff:89:
2c:f6:fc:54:4e:cb:b5:88:21:4a:b8:e6:94:3c:f4:
36:a1:9e:61:25:53:96:de:19:90:21:d2:2d:a1:1a:
72:af:47:21:d3:ee:00:34:56:35:88:70:5e:d4:5c:
bd:6e:55:43:57:92:38:3d:15:4f:75:d9:78:4f:03:
1d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:08:4B:78:30:E4:11:33:66:34:29:3D:8F:8E:72:F3:BE:2C:11:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5767e356-231b-4b87-98ab-c496dcc2d53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:c000::/40
Signature Algorithm: sha256WithRSAEncryption
87:81:1b:0a:25:d3:12:9c:2b:9e:68:86:eb:ba:77:ca:7d:fa:
15:7b:19:48:82:4d:e4:6a:21:b8:69:48:c7:c6:e9:b9:f9:16:
c6:e6:a8:d1:a9:1d:57:c1:34:68:d4:5f:1f:da:6a:2d:7d:15:
bd:e0:7c:53:d2:f0:12:12:d9:0f:bf:fa:36:b9:41:64:0f:0d:
41:62:e0:63:f4:fe:b0:57:a8:63:17:0a:55:8e:82:70:0a:d1:
2f:0a:ed:76:d7:54:1e:bb:63:bb:59:ea:2b:57:fa:d0:4c:f1:
4e:ef:56:77:ef:31:97:e2:8b:5b:dd:61:d6:7c:ba:2a:0a:50:
2d:f1:90:84:2e:ce:e5:4a:67:76:b0:ef:ca:d5:99:f3:e7:a6:
b3:d2:95:fa:ca:58:df:17:00:c5:55:2e:56:8c:c8:10:9a:b4:
0d:5d:f1:6d:27:34:6b:6f:04:8b:14:3a:fe:73:ff:23:77:71:
ae:75:89:8e:c6:29:84:a6:fa:aa:cc:a6:0d:e6:a0:95:6d:f5:
23:bf:49:e3:c3:51:09:7c:8e:26:f4:7e:0f:af:69:38:e9:8d:
f4:4a:14:d9:d0:70:b5:5c:ab:5e:2e:11:9e:2b:8a:ff:26:50:
cf:f6:ce:51:9f:dc:98:62:7a:f6:1c:ef:ec:13:9b:58:1b:19:
d9:46:88:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWtC5r3LHhthYIVt3voIxUZWqMA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ZDBlNGQ3NzMxNjlkMTAzYzY2NjlhYzI5ZmFjZjdkNzBiOTRlMmI4YmYy
YTRkODU4YmM0ODdkZmFlNTY1YWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbjnflGHTB34P85IdUJSmLPYieM8MhHNdFucsJTdhuJtztsxYf8TKwcEGk1
Isbs2c2uqz0mMgm+cI4kMMNJB8cJkUBiz+Lqu6L2KqyAKjL94TEQzILf+jV4lAEn
ntA7pAma2a0/OQbBjor2Q1nb0P/5WGiwKyGFnExaAdhb1gtblp5BvJSuOCvpkMs+
/v5aqTiHDIIpKqYbQof+XnBKjHT+C8IQgKuxwt+D7wB/I3qRAv/Kzqkl/8rLgBx3
xCeP9f+JLPb8VE7LtYghSrjmlDz0NqGeYSVTlt4ZkCHSLaEacq9HIdPuADRWNYhw
XtRcvW5VQ1eSOD0VT3XZeE8DHVcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQACEt4
MOQRM2Y0KT2PjnLzviwRfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc2N2UzNTYtMjMxYi00Yjg3LTk4YWItYzQ5NmRjYzJkNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHgRsKJdMSnCueaIbrunfKffoVexlIgk3kaiG4
aUjHxum5+RbG5qjRqR1XwTRo1F8f2motfRW94HxT0vASEtkPv/o2uUFkDw1BYuBj
9P6wV6hjFwpVjoJwCtEvCu1211Qeu2O7WeorV/rQTPFO71Z37zGX4otb3WHWfLoq
ClAt8ZCELs7lSmd2sO/K1Znz56az0pX6yljfFwDFVS5WjMgQmrQNXfFtJzRrbwSL
FDr+c/8jd3GudYmOximEpvqqzKYN5qCVbfUjv0njw1EJfI4m9H4Pr2k46Y30ShTZ
0HC1XKteLhGeK4r/JlDP9s5Rn9yYYnr2HO/sE5tYGxnZRoiO
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:02 2026 by rpki-client