Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
File: 6a2f7401-8559-4633-8579-cca77d6fa971.roa (raw, json)
Hash identifier: 7gHZ6cPxhgAzl1aBi3fyDz29kb/qw7M1orVC7oJKMwQ=
Subject key identifier: 00:7B:5B:FA:F8:62:AF:DF:8D:4F:2D:53:1C:D7:DB:58:0A:50:D3:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70AD4131B31E68CCDDBAE7EAB5C7100376941CC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
Signing time: Tue 19 May 2026 04:40:56 +0000
ROA not before: Tue 19 May 2026 04:40:56 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ad:41:31:b3:1e:68:cc:dd:ba:e7:ea:b5:c7:10:03:76:94:1c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:56 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5b0dfaeab5142332530be95bcb94d07fd6ea6fc93e79f523c9d6af9ac1907304, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f8:18:db:60:de:2b:ec:1d:a2:18:e6:e2:f3:
e9:46:f6:5e:74:7e:44:39:75:67:44:e9:d6:d9:32:
35:41:91:03:80:6a:29:0a:59:f8:5b:c8:a6:fc:87:
2c:fc:3e:7f:46:24:95:a3:7a:22:32:da:03:1c:17:
39:9d:c9:e2:a3:11:40:8e:f0:bf:6a:b0:0e:14:30:
c3:32:1a:3c:1a:1d:80:b4:bd:98:95:e1:28:ef:cc:
3b:e9:e4:af:87:fd:51:b1:37:e6:58:4d:b6:1d:ff:
35:74:2f:d0:28:36:37:1d:92:0b:47:cd:77:ea:77:
00:a7:d7:28:17:e6:1b:22:d0:19:66:f3:a0:30:39:
84:c9:14:0b:60:fc:f1:75:cb:45:f1:4c:1e:12:26:
45:2d:7d:40:38:46:1a:b3:f1:ae:75:1b:f9:ab:7c:
ea:e6:3f:4f:6d:c5:b7:48:2b:30:37:1a:a2:21:55:
b9:4c:7c:47:5d:87:8a:39:15:dd:5d:9f:0b:b7:44:
d2:a8:07:14:6a:18:eb:6d:df:29:25:27:9d:ad:55:
3f:d1:36:52:af:b7:84:ec:79:9f:c8:90:62:8f:75:
f2:99:2f:5c:ab:c8:64:5e:e5:87:79:04:60:dd:ec:
c4:0c:c2:5b:9a:6c:99:70:03:3f:9a:08:00:99:13:
7f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7B:5B:FA:F8:62:AF:DF:8D:4F:2D:53:1C:D7:DB:58:0A:50:D3:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a2f7401-8559-4633-8579-cca77d6fa971.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
b5:aa:e4:b4:63:51:a0:47:97:9c:a9:8e:4b:63:61:e7:b4:c4:
9b:05:69:90:43:72:d3:d8:6d:b6:6b:70:05:c9:55:1e:e9:0f:
e5:e7:28:8e:6e:7e:58:29:61:bb:10:96:8f:06:23:38:b1:3e:
c4:3d:a4:cd:19:c4:a7:e2:c9:84:91:0d:f1:b2:75:b1:77:b3:
5a:ba:9a:d8:1a:b2:0a:8b:62:23:09:a1:1e:02:0a:1f:ae:83:
4d:0b:ad:23:3c:44:d6:55:5f:97:be:f4:89:6d:d0:68:06:41:
13:05:6c:74:1f:1b:bb:ee:09:ed:5e:02:4b:06:af:85:f1:cc:
2d:07:be:97:3b:58:e3:ff:2e:86:c0:dc:91:26:99:3d:1f:0c:
46:74:19:41:52:3c:b9:00:b3:8c:32:37:d9:16:82:27:9d:c3:
eb:70:b2:6e:6f:f8:a4:98:68:42:c1:2a:f5:75:56:a7:95:af:
92:c5:bf:1d:1d:76:56:a4:32:d8:3b:c5:77:db:98:26:b4:1b:
32:87:16:18:7f:29:26:72:1d:0b:a8:71:59:b9:59:4f:61:74:
f0:10:c0:c7:c2:e9:7e:20:d1:68:26:66:b4:37:de:6c:62:96:
5d:66:9a:57:66:ca:57:b0:a8:77:01:92:5f:96:f2:ae:06:d7:
e9:e5:73:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcK1BMbMeaMzduufqtccQA3aUHMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNTZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMGRmYWVhYjUxNDIzMzI1MzBiZTk1YmNiOTRkMDdmZDZlYTZmYzkzZTc5
ZjUyM2M5ZDZhZjlhYzE5MDczMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANT4GNtg3ivsHaIY5uLz6Ub2XnR+RDl1Z0Tp1tkyNUGRA4BqKQpZ+FvIpvyH
LPw+f0YklaN6IjLaAxwXOZ3J4qMRQI7wv2qwDhQwwzIaPBodgLS9mJXhKO/MO+nk
r4f9UbE35lhNth3/NXQv0Cg2Nx2SC0fNd+p3AKfXKBfmGyLQGWbzoDA5hMkUC2D8
8XXLRfFMHhImRS19QDhGGrPxrnUb+at86uY/T23Ft0grMDcaoiFVuUx8R12HijkV
3V2fC7dE0qgHFGoY623fKSUnna1VP9E2Uq+3hOx5n8iQYo918pkvXKvIZF7lh3kE
YN3sxAzCW5psmXADP5oIAJkTf20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAe1v6
+GKv341PLVMc19tYClDTJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEyZjc0MDEtODU1OS00NjMzLTg1NzktY2NhNzdkNmZhOTcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1quS0Y1GgR5ecqY5LY2HntMSbBWmQQ3LT2G22
a3AFyVUe6Q/l5yiObn5YKWG7EJaPBiM4sT7EPaTNGcSn4smEkQ3xsnWxd7NauprY
GrIKi2IjCaEeAgofroNNC60jPETWVV+XvvSJbdBoBkETBWx0Hxu77gntXgJLBq+F
8cwtB76XO1jj/y6GwNyRJpk9HwxGdBlBUjy5ALOMMjfZFoInncPrcLJub/ikmGhC
wSr1dVanla+Sxb8dHXZWpDLYO8V325gmtBsyhxYYfykmch0LqHFZuVlPYXTwEMDH
wul+INFoJma0N95sYpZdZppXZspXsKh3AZJflvKuBtfp5XOu
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:10 2026 by rpki-client