Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64684954-799f-46d7-8787-162c408d43e7.roa
File: 64684954-799f-46d7-8787-162c408d43e7.roa (raw, json)
Hash identifier: bHjJ4RxLrO7+QE2g0I3r3xNg4Nl8CzTti4/8dL10T1c=
Subject key identifier: 9B:06:F5:4A:3D:E4:47:FF:D0:40:5A:8C:D2:79:55:3F:D7:69:AF:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31E897623E461E965C92E9C794A4D89AD0429899
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64684954-799f-46d7-8787-162c408d43e7.roa
Signing time: Sun 31 May 2026 01:00:05 +0000
ROA not before: Sun 31 May 2026 01:00:05 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e8:97:62:3e:46:1e:96:5c:92:e9:c7:94:a4:d8:9a:d0:42:98:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:05 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=fc53be396c091ea14b46fee50f5a35d3e006265b88f23ede1b0ff1ee4887ac40, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:9b:0f:4c:80:94:b2:37:64:53:1e:69:3f:
9d:b7:6d:47:4b:e3:bc:f3:6a:1a:b9:14:66:a7:31:
55:0b:64:62:2c:ba:57:dd:0e:93:de:96:a7:55:bd:
4c:19:12:4e:33:e2:b4:62:db:fd:a5:4f:c2:cd:a5:
59:01:29:fc:2b:f0:00:bb:c0:5d:61:31:f2:c8:51:
6b:71:0e:86:63:6a:b6:48:4a:1a:c3:ea:3e:4b:43:
47:c1:d4:f3:53:d3:6e:6b:1f:d3:f5:f7:7f:5c:c3:
35:57:f0:ab:20:a5:cb:5d:41:0d:d0:7e:4f:09:02:
a9:d6:76:34:59:a4:91:7f:da:56:fd:da:e3:10:19:
ef:6c:12:5f:1d:12:ef:26:1a:59:eb:a3:4f:65:56:
09:29:e5:02:65:c7:ed:ec:77:04:6d:cd:83:49:1d:
13:af:df:4d:c7:8d:a3:f1:b6:7c:ba:e3:19:2f:ad:
92:aa:e9:98:6b:3b:1e:71:d3:f9:30:09:79:00:df:
10:94:6d:27:96:01:8d:68:6d:22:e6:5e:98:ac:e2:
23:a4:4b:46:a7:48:1b:f4:eb:91:17:29:e4:f0:d2:
01:26:0e:c1:1d:7a:d7:48:40:6e:52:47:2f:e6:55:
02:ae:db:eb:25:96:6e:62:96:b8:2a:5a:b9:66:47:
5c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:06:F5:4A:3D:E4:47:FF:D0:40:5A:8C:D2:79:55:3F:D7:69:AF:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/64684954-799f-46d7-8787-162c408d43e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
18:6c:35:1b:3e:c9:11:c8:a2:e8:59:95:7b:8e:80:91:77:47:
ec:f5:a2:7e:50:6a:2a:3d:f1:9d:09:a5:66:6e:b9:6f:a9:cf:
d7:a4:a2:d3:12:97:41:ed:56:5a:9a:08:31:f1:54:26:08:b2:
6e:fc:c7:fa:58:6e:c0:03:98:75:20:c6:21:7f:fd:30:28:d0:
aa:b4:87:d5:9e:01:23:b5:a7:6c:57:cc:0c:dd:c7:62:67:b2:
c7:7d:d4:42:7c:d2:37:d0:3c:13:e6:37:65:c6:b6:7e:a4:dd:
ae:06:44:6b:a9:de:5e:37:5e:a9:ea:dc:be:7c:29:31:52:39:
45:55:d1:12:b2:cf:ac:e9:e6:66:5c:e0:7b:33:68:56:8b:36:
b4:4a:f8:3f:6a:5c:14:7c:fa:d6:ee:d3:27:c4:5b:b3:4f:8a:
6e:a6:3c:7a:e1:1b:a9:65:f6:e4:d0:90:29:15:d3:6c:b2:dc:
59:fb:c8:50:28:d7:56:23:d8:a7:0f:d5:21:27:7c:a9:6c:00:
4d:68:7f:5e:d4:f4:a4:27:cd:65:59:78:a2:83:98:cb:52:69:
b1:38:33:d4:50:50:92:24:a3:e1:37:42:4a:24:42:36:5d:f9:
20:a8:5f:f5:0f:f9:30:0f:1f:f5:a2:3f:e2:92:4d:a0:41:93:
94:ee:80:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMeiXYj5GHpZckunHlKTYmtBCmJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMDVaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNTNiZTM5NmMwOTFlYTE0YjQ2ZmVlNTBmNWEzNWQzZTAwNjI2NWI4OGYy
M2VkZTFiMGZmMWVlNDg4N2FjNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVdmw9MgJSyN2RTHmk/nbdtR0vjvPNqGrkUZqcxVQtkYiy6V90Ok96Wp1W9
TBkSTjPitGLb/aVPws2lWQEp/CvwALvAXWEx8shRa3EOhmNqtkhKGsPqPktDR8HU
81PTbmsf0/X3f1zDNVfwqyCly11BDdB+TwkCqdZ2NFmkkX/aVv3a4xAZ72wSXx0S
7yYaWeujT2VWCSnlAmXH7ex3BG3Ng0kdE6/fTceNo/G2fLrjGS+tkqrpmGs7HnHT
+TAJeQDfEJRtJ5YBjWhtIuZemKziI6RLRqdIG/TrkRcp5PDSASYOwR1610hAblJH
L+ZVAq7b6yWWbmKWuCpauWZHXM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbBvVK
PeRH/9BAWozSeVU/12mvFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjQ2ODQ5NTQtNzk5Zi00NmQ3LTg3ODctMTYyYzQwOGQ0M2U3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAYbDUbPskRyKLoWZV7joCRd0fs9aJ+UGoqPfGd
CaVmbrlvqc/XpKLTEpdB7VZamggx8VQmCLJu/Mf6WG7AA5h1IMYhf/0wKNCqtIfV
ngEjtadsV8wM3cdiZ7LHfdRCfNI30DwT5jdlxrZ+pN2uBkRrqd5eN16p6ty+fCkx
UjlFVdESss+s6eZmXOB7M2hWiza0Svg/alwUfPrW7tMnxFuzT4pupjx64RupZfbk
0JApFdNsstxZ+8hQKNdWI9inD9UhJ3ypbABNaH9e1PSkJ81lWXiig5jLUmmxODPU
UFCSJKPhN0JKJEI2XfkgqF/1D/kwDx/1oj/ikk2gQZOU7oBN
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:58 2026 by rpki-client