Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: uOCA+4jqON9i5GtwDTLYbXMuishu5k/Sb8jVYh7uqos=
Subject key identifier: F1:D6:A4:52:D7:3E:A8:18:34:EE:6B:32:62:7B:B6:20:7A:25:B1:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 464DA0A1C31DDB0742EF99EF7FC5448DB0149FB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Sat 28 Feb 2026 05:31:09 +0000
ROA not before: Sat 28 Feb 2026 05:31:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:4d:a0:a1:c3:1d:db:07:42:ef:99:ef:7f:c5:44:8d:b0:14:9f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9e628893f3afa21f8b5f5db01cbff1abba155608b0e2292ef0b503817313bbdf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:85:93:ed:2b:5d:04:cb:66:ca:4a:f5:f3:
e8:b0:5d:74:f0:bc:66:3e:67:d5:69:23:aa:ff:aa:
1d:f8:15:96:f5:9b:16:62:18:85:ae:1d:d9:3e:de:
58:66:90:b5:59:54:b0:dd:00:48:ae:72:7a:d1:31:
a3:8d:52:1f:35:01:f2:4b:47:9e:74:50:ae:cd:7b:
7a:9f:7e:18:e9:89:b3:2d:d6:13:2c:22:89:79:fa:
b4:e9:f8:53:f9:6a:0a:17:35:30:d0:86:0c:ec:0f:
8b:71:f2:7c:a3:36:a5:83:88:77:0f:bf:0f:63:9e:
1f:70:06:2b:17:7e:c5:8b:8c:59:25:b4:38:ea:4b:
d3:f9:f9:27:48:70:99:03:4f:f4:7e:ff:0f:dc:1a:
c8:f8:e1:00:b8:24:d7:1a:fe:86:41:6b:92:8a:ab:
d5:0d:7e:5c:97:f2:04:9f:2a:86:b8:21:68:51:71:
89:f4:4d:eb:e2:de:c8:19:50:8e:99:a8:b1:e3:b1:
fe:3c:42:75:99:38:f1:dd:bc:eb:d3:fa:75:68:d2:
4e:b8:7d:61:5f:91:fd:53:da:1e:8e:0a:d9:8e:80:
32:c9:df:d0:1f:51:70:d8:c9:7d:ed:98:8e:97:fb:
20:83:8c:9c:e8:36:f3:cf:70:27:ea:d7:ca:4f:1b:
eb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D6:A4:52:D7:3E:A8:18:34:EE:6B:32:62:7B:B6:20:7A:25:B1:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
98:10:de:fd:98:f6:a0:e9:7c:6a:31:48:4e:e4:9f:4f:a9:05:
45:e5:aa:a9:c9:9e:f1:e7:c2:10:48:c3:02:00:45:7d:91:ae:
0f:05:1c:3f:70:6b:a6:eb:6c:4e:12:63:25:50:41:64:45:9a:
a5:ee:09:4c:a3:db:3c:3d:69:d8:a9:fe:e0:43:b4:7b:2a:97:
1b:c4:e1:41:be:36:ea:67:45:ab:d7:f3:4d:6c:6e:4c:8b:b3:
2c:95:c4:49:39:1e:33:c6:b6:26:63:25:6a:e2:34:b0:63:1a:
6c:9e:5e:59:2b:bc:bd:0c:73:eb:f1:23:2b:d8:6c:c2:0a:16:
27:b2:9f:92:f9:f5:e1:43:b3:4e:cc:80:dc:e7:ef:ff:72:3d:
7f:ff:10:50:70:57:b7:9e:cc:b2:e7:49:49:50:3f:0b:5b:80:
c0:48:21:8f:ed:b6:b3:c1:24:1f:b5:38:c7:7f:7e:1e:b3:4c:
2d:52:f6:90:8a:db:43:a7:ee:d7:31:5c:af:c5:77:a4:8d:c1:
44:40:fa:11:48:9b:0f:69:76:49:77:25:85:d8:3e:4b:97:f6:
d2:41:6b:46:1c:17:d7:4b:f9:00:0b:9c:63:1d:ba:ee:e7:3e:
e7:20:ce:6b:91:58:73:99:25:94:df:b2:49:9e:49:f7:e9:56:
e9:1f:c9:97
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIURk2gocMd2wdC75nvf8VEjbAUn7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNjI4ODkzZjNhZmEyMWY4YjVmNWRiMDFjYmZmMWFiYmExNTU2MDhiMGUy
MjkyZWYwYjUwMzgxNzMxM2JiZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwihZPtK10Ey2bKSvXz6LBddPC8Zj5n1Wkjqv+qHfgVlvWbFmIYha4d2T7e
WGaQtVlUsN0ASK5yetExo41SHzUB8ktHnnRQrs17ep9+GOmJsy3WEywiiXn6tOn4
U/lqChc1MNCGDOwPi3HyfKM2pYOIdw+/D2OeH3AGKxd+xYuMWSW0OOpL0/n5J0hw
mQNP9H7/D9wayPjhALgk1xr+hkFrkoqr1Q1+XJfyBJ8qhrghaFFxifRN6+LeyBlQ
jpmoseOx/jxCdZk48d2869P6dWjSTrh9YV+R/VPaHo4K2Y6AMsnf0B9RcNjJfe2Y
jpf7IIOMnOg2889wJ+rXyk8b63MCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTx1qRS
1z6oGDTuazJie7YgeiWxDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAJgQ3v2Y9qDpfGoxSE7kn0+pBUXlqqnJnvHnwhBI
wwIARX2Rrg8FHD9wa6brbE4SYyVQQWRFmqXuCUyj2zw9adip/uBDtHsqlxvE4UG+
NupnRavX801sbkyLsyyVxEk5HjPGtiZjJWriNLBjGmyeXlkrvL0Mc+vxIyvYbMIK
Fieyn5L59eFDs07MgNzn7/9yPX//EFBwV7eezLLnSUlQPwtbgMBIIY/ttrPBJB+1
OMd/fh6zTC1S9pCK20On7tcxXK/Fd6SNwURA+hFImw9pdkl3JYXYPkuX9tJBa0Yc
F9dL+QALnGMduu7nPucgzmuRWHOZJZTfskmeSffpVukfyZc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:26:21 2026 by rpki-client