Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
File: 6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa (raw, json)
Hash identifier: cIvD8iIrJ7vHdoMDfqH6uUgooNSdIGAXHxQqyTQqNwA=
Subject key identifier: 79:61:E5:4D:6A:C9:55:33:B3:02:3E:A5:79:4A:6E:A9:71:84:BD:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AB3C1776DDE7D3EDD45EED3E2E4B913887B1104
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
Signing time: Tue 19 May 2026 05:01:09 +0000
ROA not before: Tue 19 May 2026 05:01:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:b3:c1:77:6d:de:7d:3e:dd:45:ee:d3:e2:e4:b9:13:88:7b:11:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cd75ccfdaa8d45e817703155a41a1fca8ee3c84aa89077ba4b7cfb7ac35a818b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a5:14:14:6e:87:87:e3:ec:e7:30:a7:20:4b:
71:cc:31:35:08:fd:f1:78:5f:6c:cf:fa:b7:23:b0:
be:77:d8:4a:b3:0b:d9:b0:8b:f3:ea:2f:51:dd:f0:
7a:f6:92:99:89:65:59:f6:a2:df:76:f5:a2:b0:a4:
3a:1d:7a:b8:70:b5:2c:95:08:e0:1d:a3:f3:28:be:
63:23:ab:ec:85:c9:7b:a8:9b:bb:5d:78:54:81:c9:
5c:bb:20:87:76:31:8c:04:25:55:30:78:20:f9:ef:
49:5e:c6:4a:db:ca:c8:5e:cd:2f:e2:48:e3:53:c1:
b0:55:e8:c9:9b:b9:a7:c0:dd:7d:3f:ef:6a:e0:b6:
0c:05:95:09:a7:4b:45:13:6b:b6:9b:c1:54:c0:54:
ad:6b:15:53:8d:6d:88:37:3f:7e:04:66:99:79:b5:
60:b4:09:6e:0b:5c:b2:91:ba:f8:65:f2:3a:23:a3:
a4:6e:ed:a3:d8:40:7c:4d:1d:af:f3:1a:0d:8f:49:
4b:60:79:0f:d2:56:c3:69:70:37:bb:fc:24:e8:2c:
fe:57:37:d8:cf:cd:6f:e3:02:db:d9:45:87:1b:ee:
29:13:6c:e6:6a:03:71:28:fc:6c:9f:bc:5b:07:62:
df:b2:64:16:8a:95:74:09:6e:aa:ff:41:9b:b9:a9:
da:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:61:E5:4D:6A:C9:55:33:B3:02:3E:A5:79:4A:6E:A9:71:84:BD:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e4d9890-b4f4-4b9e-a734-b63f515360e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4040::/48
Signature Algorithm: sha256WithRSAEncryption
06:4f:51:92:c5:92:c4:1c:50:90:68:16:cc:ee:59:5b:99:62:
a6:ba:d0:7c:40:48:5a:35:13:85:04:39:6e:db:98:0a:35:f1:
0b:bf:d9:a9:3f:6b:8e:2e:01:60:49:8d:d1:55:2d:9b:c8:24:
95:8f:7f:2a:c4:6a:66:92:c2:e8:86:2c:c3:2c:24:09:da:1c:
2c:cc:37:ad:62:53:8b:17:b2:5f:9f:b1:7f:ef:b8:bf:32:96:
2d:49:03:63:05:d8:b4:29:65:0c:ac:1c:30:ac:b0:60:82:4d:
9c:38:9d:65:90:35:8c:b4:65:ed:f3:d1:b8:ba:a2:c5:cd:57:
d7:79:9f:97:c4:34:df:5c:bb:ee:64:b4:c0:9c:bf:dd:91:0c:
1b:c0:61:d1:ad:94:3b:dd:e3:8a:ea:07:ee:7f:68:4e:75:f4:
d0:df:4d:6e:27:b3:59:77:d7:9b:ec:ed:7f:16:8d:d1:a2:86:
22:ea:ce:ff:0a:0e:ed:c5:9d:a4:15:c6:da:b7:63:ae:1a:fc:
86:e9:22:a3:50:ef:59:4e:12:71:c1:ad:25:a5:23:47:54:e5:
71:c5:73:6a:2b:f9:d8:17:1c:10:c7:70:01:a6:38:61:cd:16:
6b:9e:cc:b5:55:2d:57:8a:7b:e7:7e:85:26:d1:f8:40:87:8d:
bb:00:84:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUerPBd23efT7dRe7T4uS5E4h7EQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNzVjY2ZkYWE4ZDQ1ZTgxNzcwMzE1NWE0MWExZmNhOGVlM2M4NGFhODkw
NzdiYTRiN2NmYjdhYzM1YTgxOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSlFBRuh4fj7OcwpyBLccwxNQj98XhfbM/6tyOwvnfYSrML2bCL8+ovUd3w
evaSmYllWfai33b1orCkOh16uHC1LJUI4B2j8yi+YyOr7IXJe6ibu114VIHJXLsg
h3YxjAQlVTB4IPnvSV7GStvKyF7NL+JI41PBsFXoyZu5p8DdfT/vauC2DAWVCadL
RRNrtpvBVMBUrWsVU41tiDc/fgRmmXm1YLQJbgtcspG6+GXyOiOjpG7to9hAfE0d
r/MaDY9JS2B5D9JWw2lwN7v8JOgs/lc32M/Nb+MC29lFhxvuKRNs5moDcSj8bJ+8
Wwdi37JkFoqVdAluqv9Bm7mp2lMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5YeVN
aslVM7MCPqV5Sm6pcYS98DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU0ZDk4OTAtYjRmNC00YjllLWE3MzQtYjYzZjUxNTM2MGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
QDANBgkqhkiG9w0BAQsFAAOCAQEABk9RksWSxBxQkGgWzO5ZW5liprrQfEBIWjUT
hQQ5btuYCjXxC7/ZqT9rji4BYEmN0VUtm8gklY9/KsRqZpLC6IYswywkCdocLMw3
rWJTixeyX5+xf++4vzKWLUkDYwXYtCllDKwcMKywYIJNnDidZZA1jLRl7fPRuLqi
xc1X13mfl8Q031y77mS0wJy/3ZEMG8Bh0a2UO93jiuoH7n9oTnX00N9NbiezWXfX
m+ztfxaN0aKGIurO/woO7cWdpBXG2rdjrhr8hukio1DvWU4SccGtJaUjR1TlccVz
aiv52BccEMdwAaY4Yc0Wa57MtVUtV4p7536FJtH4QIeNuwCErA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:43:02 2026 by rpki-client