Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
File: 73745b45-c65b-482b-9e7a-25a90d279147.roa (raw, json)
Hash identifier: ScazEkas2ZQZmgDsK1I3e9rSW6aysFf/fmiLcupFg/0=
Subject key identifier: B3:0F:F6:84:CB:F8:2E:82:5D:22:82:61:04:F2:A1:D1:3E:32:C6:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 104C2159D4666ED8AE1BF1BBD61B592738222445
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
Signing time: Tue 24 Feb 2026 00:40:08 +0000
ROA not before: Tue 24 Feb 2026 00:40:08 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:4c:21:59:d4:66:6e:d8:ae:1b:f1:bb:d6:1b:59:27:38:22:24:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:08 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=d57e5aee12df68e02c15ef6b331142302f627f8867d72f7e734e258329e1b6c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b1:f4:84:6e:b9:81:7c:a3:47:d3:19:ed:07:
52:42:94:d6:bb:2b:e7:2a:6b:44:8d:9e:86:40:f3:
d5:34:55:1f:49:e3:c4:4f:28:99:97:83:4a:1a:53:
a4:84:c4:c2:ed:a5:a3:5b:7a:4d:aa:3d:9a:bf:62:
b2:a1:0c:b7:e2:d6:0a:a6:cb:90:8e:1e:9d:8f:99:
dc:d1:87:17:54:ac:73:7b:b8:61:e7:59:54:9e:70:
9f:0a:b2:31:c6:32:e4:9a:62:b0:4b:a6:22:55:f3:
fe:37:60:9e:6a:18:75:fd:82:70:b1:e4:35:0d:8a:
6c:1a:1f:28:56:46:e3:7d:3f:e6:f8:5b:c0:4f:bd:
bc:92:bb:cc:8f:68:39:45:b9:1a:5f:95:ac:be:e2:
a8:29:48:b3:3e:08:65:d6:21:3e:4f:cc:91:ed:2f:
e5:47:5b:24:e0:08:07:10:0d:70:d4:15:a0:88:1c:
d4:01:34:91:8f:22:6e:8e:56:50:10:4b:77:9e:85:
f6:1d:e0:d8:a1:db:b7:f6:2f:bc:34:a2:27:18:a9:
b2:03:45:94:7c:8f:82:86:e6:6e:52:0a:39:a7:9d:
de:bb:a2:b6:24:15:c3:e7:cd:80:34:2a:ae:f7:af:
31:c1:40:11:4b:d3:fb:08:af:d9:3e:1a:6a:d9:53:
bd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:0F:F6:84:CB:F8:2E:82:5D:22:82:61:04:F2:A1:D1:3E:32:C6:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/73745b45-c65b-482b-9e7a-25a90d279147.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
84:43:7e:b0:8b:33:86:dc:4b:16:81:f0:ea:66:8c:77:76:a8:
6a:56:97:e6:bb:a1:df:5f:fa:70:af:54:86:76:ea:fd:41:e0:
45:2d:42:57:b8:47:57:b2:8c:04:49:f0:d1:8b:04:42:c4:47:
82:7e:4f:71:c2:de:86:10:5a:c3:13:a1:dd:06:2f:3f:fb:9c:
4d:21:27:de:e8:7f:6b:49:92:09:09:d6:23:18:cb:60:e3:48:
c2:7b:3a:5d:01:ab:d7:72:61:48:cf:62:38:2c:d0:35:5a:6b:
7e:71:15:47:49:e0:74:1d:4b:c1:68:b0:67:a8:84:b4:2a:43:
ac:4d:21:e0:70:06:62:2e:a0:1b:16:ca:7b:e3:b9:fc:af:fd:
03:87:31:6e:b9:d3:ab:f7:40:18:04:9e:ac:47:43:97:96:ae:
25:33:78:df:dc:85:92:05:f5:5f:eb:30:66:b8:98:bc:b7:81:
f9:f8:2e:ec:5c:42:eb:de:02:14:36:b9:64:3d:70:7a:df:2e:
b9:ba:85:f8:f4:f4:d7:cc:d9:7b:52:6a:60:cc:3e:39:95:7b:
9c:5b:c6:40:0e:e6:39:1e:89:e9:1c:08:22:de:7e:fd:e7:7f:
f2:6b:a1:2d:73:72:19:54:3d:08:1d:98:21:47:bf:8b:02:46:
fc:61:d3:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEEwhWdRmbtiuG/G71htZJzgiJEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjQwMDQwMDhaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1N2U1YWVlMTJkZjY4ZTAyYzE1ZWY2YjMzMTE0MjMwMmY2MjdmODg2N2Q3
MmY3ZTczNGUyNTgzMjllMWI2YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOx9IRuuYF8o0fTGe0HUkKU1rsr5yprRI2ehkDz1TRVH0njxE8omZeDShpT
pITEwu2lo1t6Tao9mr9isqEMt+LWCqbLkI4enY+Z3NGHF1Ssc3u4YedZVJ5wnwqy
McYy5JpisEumIlXz/jdgnmoYdf2CcLHkNQ2KbBofKFZG430/5vhbwE+9vJK7zI9o
OUW5Gl+VrL7iqClIsz4IZdYhPk/Mke0v5UdbJOAIBxANcNQVoIgc1AE0kY8ibo5W
UBBLd56F9h3g2KHbt/YvvDSiJxipsgNFlHyPgobmblIKOaed3ruitiQVw+fNgDQq
rvevMcFAEUvT+wiv2T4aatlTvUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzD/aE
y/gugl0igmEE8qHRPjLGkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM3NDViNDUtYzY1Yi00ODJiLTllN2EtMjVhOTBkMjc5MTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HtA
MA0GCSqGSIb3DQEBCwUAA4IBAQCEQ36wizOG3EsWgfDqZox3dqhqVpfmu6HfX/pw
r1SGdur9QeBFLUJXuEdXsowESfDRiwRCxEeCfk9xwt6GEFrDE6HdBi8/+5xNISfe
6H9rSZIJCdYjGMtg40jCezpdAavXcmFIz2I4LNA1Wmt+cRVHSeB0HUvBaLBnqIS0
KkOsTSHgcAZiLqAbFsp747n8r/0DhzFuudOr90AYBJ6sR0OXlq4lM3jf3IWSBfVf
6zBmuJi8t4H5+C7sXELr3gIUNrlkPXB63y65uoX49PTXzNl7UmpgzD45lXucW8ZA
DuY5HonpHAgi3n7953/ya6Etc3IZVD0IHZghR7+LAkb8YdMJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:45:27 2026 by rpki-client