Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json)
Hash identifier: Ca24ywDgeaHhYRupRKT8wMs9mrJLVPZSysOUg3P3API=
Subject key identifier: C7:02:DA:BA:B7:3B:0B:6D:A5:3D:83:61:FC:16:E8:7E:DD:16:4F:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41B9B58E4732BE7A85757D30130B3F58F2B36F73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
Signing time: Sat 28 Feb 2026 06:20:12 +0000
ROA not before: Sat 28 Feb 2026 06:20:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:b9:b5:8e:47:32:be:7a:85:75:7d:30:13:0b:3f:58:f2:b3:6f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=094efc13cfe6873efe7eb101e0c7c7a5bf79b85aba4d7823b77725e21982b062, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:4c:50:d0:64:ae:52:ce:ed:fa:11:3f:7a:
30:91:bd:7d:c0:40:77:57:85:d3:55:3e:9c:e7:ea:
fa:0a:64:c7:fb:eb:85:7f:84:23:18:16:99:31:df:
f9:3a:c8:db:62:d0:bb:c3:ec:1e:a7:59:9d:88:c0:
b6:93:a0:20:91:dc:66:c4:a9:55:00:63:86:7e:b6:
60:3b:d7:f8:e8:c1:88:69:c7:89:06:92:a2:1a:a0:
e6:36:cd:85:e9:d3:41:b3:90:f1:fb:aa:58:fa:f9:
cf:1f:68:60:2d:71:62:03:5e:59:59:a4:63:1c:8d:
9c:61:9d:cb:1b:66:2b:f0:c1:a0:02:e2:51:68:dc:
1d:c2:c0:51:5e:9e:a1:fe:8e:98:8e:35:a5:df:f1:
45:f4:60:26:77:20:4f:3a:84:dd:96:c0:d9:ab:ba:
c2:ca:48:8a:5d:01:ce:a9:8e:69:bc:d7:9e:8f:16:
fb:bc:fd:4d:35:e9:a8:a2:68:59:98:ac:4e:7d:ae:
1e:dc:b5:dd:33:37:f3:33:23:67:28:a2:ca:74:fc:
38:fa:df:43:71:75:10:50:0b:2e:cf:f4:fd:5a:09:
44:35:ef:61:83:16:79:d7:4a:38:bb:87:6a:0d:57:
af:00:59:be:73:98:0e:f0:6d:52:20:ea:7c:20:6b:
c3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:02:DA:BA:B7:3B:0B:6D:A5:3D:83:61:FC:16:E8:7E:DD:16:4F:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
4e:a7:e4:66:da:0f:4a:bc:4c:a3:09:2e:44:32:92:4c:66:cc:
0d:c4:c7:35:4d:dd:cc:c1:f9:68:02:3f:37:64:ca:8d:ea:cf:
ed:af:9c:a0:3d:53:5f:30:b5:21:aa:ec:39:70:18:4e:76:6c:
96:de:5b:7a:1b:5b:71:6e:e3:2f:93:66:08:04:b2:58:6e:da:
a9:91:c4:76:9b:6c:36:bf:1f:82:13:49:00:12:ac:92:6f:37:
83:c6:6b:17:0a:10:d1:26:d4:89:23:72:ef:91:6c:77:81:e2:
c5:b7:ef:c9:f2:b4:4f:12:4d:48:a1:42:08:35:c6:42:42:89:
83:ec:a2:73:fe:32:7e:75:bb:82:6f:45:13:30:e5:fb:80:6a:
4a:5f:53:b9:39:28:8c:b1:a6:94:b6:8e:21:c9:ae:18:8f:a8:
89:e5:81:a9:f0:38:05:61:21:cf:e3:ab:e3:ac:56:4e:cc:bf:
67:3b:da:67:e1:e5:b7:44:34:9d:2c:fd:2a:47:41:c4:d8:a8:
0f:47:23:07:cd:c4:6a:22:17:08:66:f8:b1:ef:3e:f6:e4:7a:
09:7a:b7:4f:37:f8:5b:80:ad:80:5b:8d:64:22:60:f8:06:f3:
c8:5c:06:38:1f:b8:1b:71:df:d6:52:28:f9:20:9b:2a:d9:05:
af:3f:95:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQbm1jkcyvnqFdX0wEws/WPKzb3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NGVmYzEzY2ZlNjg3M2VmZTdlYjEwMWUwYzdjN2E1YmY3OWI4NWFiYTRk
NzgyM2I3NzcyNWUyMTk4MmIwNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQNTFDQZK5Szu36ET96MJG9fcBAd1eF01U+nOfq+gpkx/vrhX+EIxgWmTHf
+TrI22LQu8PsHqdZnYjAtpOgIJHcZsSpVQBjhn62YDvX+OjBiGnHiQaSohqg5jbN
henTQbOQ8fuqWPr5zx9oYC1xYgNeWVmkYxyNnGGdyxtmK/DBoALiUWjcHcLAUV6e
of6OmI41pd/xRfRgJncgTzqE3ZbA2au6wspIil0BzqmOabzXno8W+7z9TTXpqKJo
WZisTn2uHty13TM38zMjZyiiynT8OPrfQ3F1EFALLs/0/VoJRDXvYYMWeddKOLuH
ag1XrwBZvnOYDvBtUiDqfCBrwzECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHAtq6
tzsLbaU9g2H8Fuh+3RZPzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOp+Rm2g9KvEyjCS5EMpJMZswNxMc1Td3Mwflo
Aj83ZMqN6s/tr5ygPVNfMLUhquw5cBhOdmyW3lt6G1txbuMvk2YIBLJYbtqpkcR2
m2w2vx+CE0kAEqySbzeDxmsXChDRJtSJI3LvkWx3geLFt+/J8rRPEk1IoUIINcZC
QomD7KJz/jJ+dbuCb0UTMOX7gGpKX1O5OSiMsaaUto4hya4Yj6iJ5YGp8DgFYSHP
46vjrFZOzL9nO9pn4eW3RDSdLP0qR0HE2KgPRyMHzcRqIhcIZvix7z725HoJerdP
N/hbgK2AW41kImD4BvPIXAY4H7gbcd/WUij5IJsq2QWvP5Xt
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:32 2026 by rpki-client