Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5cf2d254-ab7b-4496-b552-7f078de84e21.roa
File: 5cf2d254-ab7b-4496-b552-7f078de84e21.roa (raw, json)
Hash identifier: g19mtjT56qoyIIgu3gYACnjTPuRvM+3zSDc0twEFup0=
Subject key identifier: 56:0A:FA:17:60:A0:72:47:77:F3:53:C5:5A:6E:C5:9B:56:15:E4:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 194336171AE1B74D4B707E2DDEE2569B8C231A5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5cf2d254-ab7b-4496-b552-7f078de84e21.roa
Signing time: Sun 31 May 2026 01:10:08 +0000
ROA not before: Sun 31 May 2026 01:10:08 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:43:36:17:1a:e1:b7:4d:4b:70:7e:2d:de:e2:56:9b:8c:23:1a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:10:08 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=af630796300f6bd343702e5764242d4aeccc5fd94443117280e9a5536c7406ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3e:bf:7b:49:23:f0:d7:0f:eb:d6:17:9c:50:
4e:51:c8:bd:b3:6a:b1:ce:ed:37:4f:08:d1:fc:e7:
f4:d9:a0:78:4c:37:5d:f9:7f:7d:44:1d:d3:73:2b:
f8:90:07:14:43:a4:86:43:fa:b6:c7:c7:e0:ce:7c:
9a:b6:9f:a7:e9:0f:78:62:fb:c7:ab:b1:d9:d3:ba:
d2:b3:41:2e:ec:6e:19:76:61:de:08:19:07:2e:7d:
78:11:94:b7:26:cd:02:de:ea:05:c3:16:82:bd:24:
83:65:1a:b5:ad:78:9f:82:be:e7:65:97:48:c7:46:
57:44:38:ad:b1:2d:70:47:e7:86:cc:7e:c4:4b:a2:
ec:27:41:29:06:50:d4:5a:60:08:eb:e4:9f:8b:52:
92:a6:d8:fb:1a:5e:38:88:c2:37:ce:c6:f9:ca:0a:
cd:9b:dc:8b:85:49:62:97:92:f1:67:53:8a:1d:87:
10:1f:c4:5c:69:32:fa:8d:5b:ac:40:ca:91:44:51:
82:fb:b7:5e:93:e6:8a:a3:aa:97:79:ab:7a:ab:5b:
31:bd:c1:d5:ed:2f:3f:8e:28:4e:79:b5:af:0b:f0:
65:01:b9:1f:ac:55:a7:af:63:42:70:0a:e0:46:b5:
31:42:19:6c:02:5a:55:0c:03:5f:6e:72:17:15:86:
18:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0A:FA:17:60:A0:72:47:77:F3:53:C5:5A:6E:C5:9B:56:15:E4:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5cf2d254-ab7b-4496-b552-7f078de84e21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
90:ba:43:c2:f5:fa:ff:5c:a6:05:df:25:22:8d:37:43:4d:70:
1b:84:d6:9c:d7:69:82:ef:89:18:8d:12:60:57:2f:e9:e2:54:
97:33:cd:2d:9a:83:3b:5f:38:eb:ef:59:36:4b:3e:63:13:60:
92:23:77:9f:1f:dc:a0:8e:c5:a1:a9:4f:22:e6:27:e9:86:f7:
a7:b8:fc:c0:40:da:4f:66:04:cc:f1:56:ba:42:69:1b:08:26:
2b:12:8b:05:5a:ed:0e:f8:4f:c3:7e:83:a4:e9:28:9b:37:14:
c4:6b:01:8c:4f:4c:55:48:71:01:4d:d9:a3:64:25:51:9a:3c:
fd:c8:f0:f5:97:d9:8b:ab:7a:1c:e8:7d:77:b3:f2:87:17:3e:
42:e6:97:03:14:91:7f:b1:f7:9a:53:64:37:67:a6:0b:80:85:
32:40:2e:aa:38:4e:a1:3b:3d:aa:48:41:1b:50:ab:08:b8:b6:
70:7d:99:0a:c0:09:fd:ed:a1:23:cc:fb:a3:16:67:b7:a0:46:
c4:16:50:ad:7c:76:9b:de:68:bf:70:ad:0f:bf:48:22:0c:6f:
e0:bb:7c:0f:d3:76:f8:f2:66:c3:d2:2a:23:db:21:f2:43:89:
a8:a6:a5:d3:b9:2a:52:b2:2d:9b:e7:f7:07:b1:f0:02:0a:9e:
fb:bc:7f:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGUM2Fxrht01LcH4t3uJWm4wjGl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTEwMDhaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNjMwNzk2MzAwZjZiZDM0MzcwMmU1NzY0MjQyZDRhZWNjYzVmZDk0NDQz
MTE3MjgwZTlhNTUzNmM3NDA2YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8+v3tJI/DXD+vWF5xQTlHIvbNqsc7tN08I0fzn9NmgeEw3Xfl/fUQd03Mr
+JAHFEOkhkP6tsfH4M58mrafp+kPeGL7x6ux2dO60rNBLuxuGXZh3ggZBy59eBGU
tybNAt7qBcMWgr0kg2Uata14n4K+52WXSMdGV0Q4rbEtcEfnhsx+xEui7CdBKQZQ
1FpgCOvkn4tSkqbY+xpeOIjCN87G+coKzZvci4VJYpeS8WdTih2HEB/EXGky+o1b
rEDKkURRgvu3XpPmiqOql3mreqtbMb3B1e0vP44oTnm1rwvwZQG5H6xVp69jQnAK
4Ea1MUIZbAJaVQwDX25yFxWGGDkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWCvoX
YKByR3fzU8VabsWbVhXkPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWNmMmQyNTQtYWI3Yi00NDk2LWI1NTItN2YwNzhkZTg0ZTIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCQukPC9fr/XKYF3yUijTdDTXAbhNac12mC74kY
jRJgVy/p4lSXM80tmoM7Xzjr71k2Sz5jE2CSI3efH9ygjsWhqU8i5ifphvenuPzA
QNpPZgTM8Va6QmkbCCYrEosFWu0O+E/DfoOk6SibNxTEawGMT0xVSHEBTdmjZCVR
mjz9yPD1l9mLq3oc6H13s/KHFz5C5pcDFJF/sfeaU2Q3Z6YLgIUyQC6qOE6hOz2q
SEEbUKsIuLZwfZkKwAn97aEjzPujFme3oEbEFlCtfHab3mi/cK0Pv0giDG/gu3wP
03b48mbD0ioj2yHyQ4mopqXTuSpSsi2b5/cHsfACCp77vH/q
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:47 2026 by rpki-client