Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
File: 6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa (raw, json)
Hash identifier: TpP97lUueCw+NuRBXwICW/zsRHB42UtiQid+r/9lIHA=
Subject key identifier: E8:46:85:6D:79:AF:73:5D:0B:48:ED:37:3A:C7:BE:7F:7D:77:D5:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 9D0DEF257C43F3FAB1AFAA4BBBD59FDD664D2D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
Signing time: Sat 28 Feb 2026 06:21:26 +0000
ROA not before: Sat 28 Feb 2026 06:21:26 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9d:0d:ef:25:7c:43:f3:fa:b1:af:aa:4b:bb:d5:9f:dd:66:4d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:26 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c17ca509a44e0b84c99e562ee09a1d7760cecf216042c954de4fd325a413c3c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:2e:ee:fd:2b:7f:79:4b:59:52:b7:13:59:e7:
27:9a:c1:ef:bb:de:68:3f:41:49:37:ed:0a:9a:f1:
63:0e:b5:c4:30:01:f3:c4:53:85:3d:91:2d:19:37:
d5:98:67:ba:01:b5:88:37:55:49:fe:c7:a0:9a:34:
13:0a:e4:56:24:3a:7c:c0:13:73:7d:d4:e2:08:51:
50:37:fd:32:dc:11:48:15:97:33:9c:6e:bf:d5:40:
ec:55:da:ac:52:1a:d0:1a:ac:3d:fa:24:e1:e9:14:
c1:39:4b:a9:12:9e:fd:e8:2c:17:8f:64:2b:0c:95:
e3:25:93:93:32:7d:6c:d9:39:97:21:37:b4:e7:07:
a4:10:10:ee:d4:eb:e8:98:93:89:88:49:08:bf:a0:
82:d2:b9:d1:d9:40:63:fb:4e:79:63:f3:fe:60:0c:
5d:da:a7:4e:dd:7a:e2:52:2c:9d:b0:d8:f0:1f:21:
02:5b:2c:55:36:60:1f:05:7a:c0:f5:1d:08:c0:4a:
9f:dc:ab:6c:ca:28:74:c9:c6:1a:65:83:69:12:70:
81:08:e9:9c:cf:39:c0:b5:1b:e3:92:9d:65:5d:21:
97:6d:0b:6e:80:39:94:79:4a:8b:ec:cb:03:0f:be:
ea:be:7d:79:a9:4e:1c:de:3d:16:2c:86:45:3a:df:
17:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:46:85:6D:79:AF:73:5D:0B:48:ED:37:3A:C7:BE:7F:7D:77:D5:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e58fa17-0cfc-4a06-8d48-47d96c0d49af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
2e:32:fc:dc:a3:2c:af:a7:a1:11:f3:9d:4b:b3:85:52:c7:8c:
7d:68:05:22:a0:0e:86:89:0c:28:66:f0:db:a4:af:43:4f:82:
72:1d:8a:dd:36:75:37:f7:42:93:fa:02:4d:03:2a:4d:63:52:
49:ff:1b:b8:48:a2:78:9c:84:cc:63:70:78:b3:85:1d:e1:ca:
a3:c0:4a:26:e2:52:4d:e4:73:c8:81:c1:58:a0:d5:e0:98:dd:
eb:05:72:44:d5:0a:92:b0:ad:7f:a2:86:2d:cd:b8:c1:03:74:
31:3f:85:01:76:40:69:70:93:fc:3f:de:3e:35:12:66:02:68:
99:ee:f6:18:18:92:a1:1f:49:f5:b0:80:ad:b0:0f:8e:01:f9:
e0:29:ce:6a:3f:a1:28:d6:14:3c:ba:19:44:51:0c:36:22:fb:
72:e5:6e:75:4b:80:77:c4:af:d7:d2:42:1b:ee:c8:a4:dd:1b:
f3:95:32:10:29:2d:02:90:e4:f3:8d:dd:44:2c:6f:fb:07:d3:
a2:83:24:2e:3d:d8:3e:4f:f1:d7:8c:2d:68:a6:75:c2:19:c0:
a8:6c:93:19:17:19:dc:48:e6:17:57:76:dd:f4:2a:11:d8:d5:
a6:70:fb:e0:6a:cf:7d:a6:61:ae:6d:6b:8e:a8:0a:4f:ef:a5:
a9:80:86:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAJ0N7yV8Q/P6sa+qS7vVn91mTS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxN2NhNTA5YTQ0ZTBiODRjOTllNTYyZWUwOWExZDc3NjBjZWNmMjE2MDQy
Yzk1NGRlNGZkMzI1YTQxM2MzYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPku7v0rf3lLWVK3E1nnJ5rB77veaD9BSTftCprxYw61xDAB88RThT2RLRk3
1ZhnugG1iDdVSf7HoJo0EwrkViQ6fMATc33U4ghRUDf9MtwRSBWXM5xuv9VA7FXa
rFIa0BqsPfok4ekUwTlLqRKe/egsF49kKwyV4yWTkzJ9bNk5lyE3tOcHpBAQ7tTr
6JiTiYhJCL+ggtK50dlAY/tOeWPz/mAMXdqnTt164lIsnbDY8B8hAlssVTZgHwV6
wPUdCMBKn9yrbMoodMnGGmWDaRJwgQjpnM85wLUb45KdZV0hl20LboA5lHlKi+zL
Aw++6r59ealOHN49FiyGRTrfF0ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToRoVt
ea9zXQtI7Tc6x75/fXfVODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmU1OGZhMTctMGNmYy00YTA2LThkNDgtNDdkOTZjMGQ0OWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAuMvzcoyyvp6ER851Ls4VSx4x9aAUioA6GiQwo
ZvDbpK9DT4JyHYrdNnU390KT+gJNAypNY1JJ/xu4SKJ4nITMY3B4s4Ud4cqjwEom
4lJN5HPIgcFYoNXgmN3rBXJE1QqSsK1/ooYtzbjBA3QxP4UBdkBpcJP8P94+NRJm
AmiZ7vYYGJKhH0n1sICtsA+OAfngKc5qP6Eo1hQ8uhlEUQw2Ivty5W51S4B3xK/X
0kIb7sik3RvzlTIQKS0CkOTzjd1ELG/7B9OigyQuPdg+T/HXjC1opnXCGcCobJMZ
FxncSOYXV3bd9CoR2NWmcPvgas99pmGubWuOqApP76WpgIZY
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:05:27 2026 by rpki-client