Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: UP8+CEPt3DKxCqsAVylmGzQghXcjNdcWK/a6UqNYa8E=
Subject key identifier: B8:F0:2A:F0:21:0B:23:AD:93:EA:AA:8E:A7:3C:E4:15:34:A1:37:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CD377017CC7761BE09D9D3014F2137446FF56C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Tue 19 May 2026 05:31:22 +0000
ROA not before: Tue 19 May 2026 05:31:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:d3:77:01:7c:c7:76:1b:e0:9d:9d:30:14:f2:13:74:46:ff:56:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cd56ea0f00a650be6ef829faaf4053a509eee6c5bc494a678dcb921a3e12b12d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:ca:9e:ea:5d:1f:e9:58:3c:24:85:8d:22:
73:80:b7:9a:c2:51:f8:de:35:a0:ec:04:30:e4:4d:
eb:a0:1b:7f:48:53:60:f5:3a:5f:8d:4b:0d:0e:f2:
80:bc:3f:21:84:85:52:99:49:38:1b:b9:2d:9b:0c:
46:f3:43:1d:05:6f:a7:80:f8:3a:78:06:a7:ba:0d:
e8:25:bc:36:48:0e:57:2b:0c:1b:ee:b3:44:a2:00:
de:99:ff:98:dc:2c:eb:2b:37:49:bd:0b:22:f5:c1:
47:19:b7:cf:96:61:6f:7b:c7:e0:06:06:fa:01:1d:
58:04:89:76:f5:7d:41:7f:c3:37:d4:f4:aa:62:8a:
7c:19:58:6f:30:ae:d9:a6:b3:3b:5c:b0:04:cb:3f:
5e:61:40:20:e9:f9:07:df:d1:26:67:fb:0e:78:f7:
c5:3e:18:27:87:e1:fe:3f:84:f8:28:2e:a1:8a:60:
6d:d4:3f:14:64:c3:89:cf:c5:04:11:e1:fe:9d:6e:
dc:ea:16:a9:77:f6:47:d5:08:e5:d3:c0:91:86:ff:
b9:09:7e:ec:e8:cd:b3:29:0f:97:8d:73:fe:6c:ea:
a6:1e:6e:16:b7:66:a7:cf:68:29:42:7f:16:ca:28:
bb:4a:9a:8d:ff:a9:b3:76:2f:73:68:fb:22:57:d7:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F0:2A:F0:21:0B:23:AD:93:EA:AA:8E:A7:3C:E4:15:34:A1:37:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
14:a5:00:79:59:e9:66:d8:7b:e2:4e:bb:f5:f3:8b:70:73:46:
80:fb:aa:1e:ae:ba:03:69:fb:ab:5b:40:d3:66:fe:61:a3:c9:
63:7f:46:18:c7:f7:2c:85:59:32:dd:eb:b8:77:98:db:44:3b:
bf:f0:1e:75:8c:8a:c6:23:7b:65:b3:b4:2d:13:36:e7:4a:f6:
51:e8:85:d3:4a:13:75:0e:3b:90:34:f6:4d:9f:3f:fc:dd:c4:
68:a7:9e:95:0f:4a:9f:b8:36:b9:5a:a2:23:8b:32:b7:08:4a:
dd:b3:65:78:af:a8:53:06:ae:fa:18:4f:2f:d6:6b:94:68:69:
94:a7:1c:de:cd:b7:70:d6:03:01:95:39:25:de:e4:68:41:e4:
a2:29:fc:b4:58:bb:d1:18:de:b3:e0:0a:fa:3d:20:8f:2b:56:
35:75:f5:5e:25:d1:e3:db:19:1f:fa:aa:21:42:f7:ea:8c:b4:
67:b9:1c:ad:3c:6b:41:09:e4:9b:e1:c4:6d:2c:5c:a3:fb:19:
2d:08:0c:72:56:41:43:8a:b1:74:ba:23:5b:29:0f:86:7d:3c:
0c:a3:bd:c7:ca:55:d5:a0:50:62:64:7f:46:f6:40:9a:ef:14:
e3:9d:21:06:02:fa:d4:e3:f0:f3:6c:f2:14:cd:a6:17:b6:ef:
02:cf:e3:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPNN3AXzHdhvgnZ0wFPITdEb/VsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNTZlYTBmMDBhNjUwYmU2ZWY4MjlmYWFmNDA1M2E1MDllZWU2YzViYzQ5
NGE2NzhkY2I5MjFhM2UxMmIxMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMR2yp7qXR/pWDwkhY0ic4C3msJR+N41oOwEMORN66Abf0hTYPU6X41LDQ7y
gLw/IYSFUplJOBu5LZsMRvNDHQVvp4D4OngGp7oN6CW8NkgOVysMG+6zRKIA3pn/
mNws6ys3Sb0LIvXBRxm3z5Zhb3vH4AYG+gEdWASJdvV9QX/DN9T0qmKKfBlYbzCu
2aazO1ywBMs/XmFAIOn5B9/RJmf7Dnj3xT4YJ4fh/j+E+CguoYpgbdQ/FGTDic/F
BBHh/p1u3OoWqXf2R9UI5dPAkYb/uQl+7OjNsykPl41z/mzqph5uFrdmp89oKUJ/
Fsoou0qajf+ps3Yvc2j7IlfX0/ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS48Crw
IQsjrZPqqo6nPOQVNKE3WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAUpQB5Welm2HviTrv184twc0aA+6oerroDafur
W0DTZv5ho8ljf0YYx/cshVky3eu4d5jbRDu/8B51jIrGI3tls7QtEzbnSvZR6IXT
ShN1DjuQNPZNnz/83cRop56VD0qfuDa5WqIjizK3CErds2V4r6hTBq76GE8v1muU
aGmUpxzezbdw1gMBlTkl3uRoQeSiKfy0WLvRGN6z4Ar6PSCPK1Y1dfVeJdHj2xkf
+qohQvfqjLRnuRytPGtBCeSb4cRtLFyj+xktCAxyVkFDirF0uiNbKQ+GfTwMo73H
ylXVoFBiZH9G9kCa7xTjnSEGAvrU4/DzbPIUzaYXtu8Cz+Ps
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:01 2026 by rpki-client