Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json)
Hash identifier: niRghL8ttTiD5CUPf9xPxmxnbP9MWYKw0UsSDfWwjs0=
Subject key identifier: 24:0F:B2:57:F4:FF:10:74:31:28:CF:0F:5A:D0:94:B7:3F:6E:94:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5658D4ABBA270B110D241A39C2609F772B3451BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
Signing time: Fri 20 Feb 2026 01:50:31 +0000
ROA not before: Fri 20 Feb 2026 01:50:31 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:58:d4:ab:ba:27:0b:11:0d:24:1a:39:c2:60:9f:77:2b:34:51:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:31 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=3c028606938065c70f6300044eda370305e94b1448cb334aaf487d7b4570d92a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:65:d5:d6:8c:8a:00:37:15:f1:ea:fa:3e:08:
9f:ea:b4:88:c0:62:95:01:cd:e7:02:13:4c:55:1d:
53:af:25:31:ab:69:9a:e0:fc:2e:4b:21:14:9a:d2:
4e:7a:8d:9b:ac:41:90:ff:db:06:30:6b:65:ea:f7:
59:87:35:12:84:2d:71:83:af:f4:f1:3a:c1:7c:bd:
35:d2:34:bc:80:ef:eb:8a:10:13:de:a9:06:e9:f7:
75:7e:76:d0:59:0c:fb:3f:ec:4f:4b:03:cc:43:fb:
16:6e:95:93:64:87:a1:b4:75:83:cb:6f:91:82:1a:
aa:b9:5a:ad:27:6a:6e:ec:1b:c4:63:23:a0:6b:9a:
41:07:33:91:15:d7:55:10:ab:91:1f:e3:ea:8f:19:
78:d2:49:33:37:b9:2b:72:5e:0f:3d:d3:cf:32:5c:
a6:58:e8:bb:df:c4:49:4b:b4:d7:c3:be:9e:80:38:
85:2f:67:44:c9:fb:2a:0e:17:58:4d:fe:cf:63:91:
f5:56:aa:eb:cb:4d:f7:33:fb:24:ab:8e:d7:48:82:
36:1d:ae:a7:a6:92:10:fe:f8:ac:1b:78:fb:bd:2a:
9d:cd:a2:bf:62:cc:00:27:40:63:dc:92:e8:11:81:
14:05:7b:ba:71:f0:28:e3:6b:bb:8e:3f:44:24:51:
bd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0F:B2:57:F4:FF:10:74:31:28:CF:0F:5A:D0:94:B7:3F:6E:94:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:50:75:d8:7c:9b:8f:6b:e8:2d:11:bc:cd:b0:8f:42:c7:97:
48:e2:9f:46:e4:17:3e:6e:49:b7:c7:b3:fe:2a:18:94:81:77:
12:84:f1:74:24:95:67:84:d5:90:43:91:ca:ba:8d:22:2b:29:
a7:89:ba:2c:c0:38:ec:fd:8c:fb:57:64:30:53:19:6a:40:06:
22:b3:7d:78:7b:39:43:33:28:09:c1:df:8e:c8:8f:f4:ab:d4:
ea:ff:86:eb:77:70:ab:fa:0a:a6:74:2b:00:75:4e:0e:57:17:
bf:14:5d:7a:05:dd:3a:54:f8:fe:6d:a0:08:40:9e:e2:14:03:
f3:46:88:00:56:7b:e5:5c:93:7d:d2:ae:85:10:10:53:5a:7b:
00:6d:09:cd:f7:c3:d4:47:53:bb:89:35:8e:f1:32:72:eb:1f:
3e:8b:73:de:bc:92:5d:2e:66:6c:cc:6a:dd:19:c5:12:97:98:
91:31:2a:78:90:16:05:44:7e:8c:41:be:35:eb:02:47:16:eb:
e2:fb:07:dc:f1:b0:b0:90:36:b3:41:c2:a7:fd:31:e9:db:d8:
7f:bd:4a:5f:d6:7a:35:fa:6b:4a:86:f3:f9:e6:83:33:3a:a7:
c9:55:7d:70:50:21:2b:86:18:a1:60:20:a4:40:09:5e:78:bd:
0c:6b:a0:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVljUq7onCxENJBo5wmCfdys0UbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMDI4NjA2OTM4MDY1YzcwZjYzMDAwNDRlZGEzNzAzMDVlOTRiMTQ0OGNi
MzM0YWFmNDg3ZDdiNDU3MGQ5MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFl1daMigA3FfHq+j4In+q0iMBilQHN5wITTFUdU68lMatpmuD8LkshFJrS
TnqNm6xBkP/bBjBrZer3WYc1EoQtcYOv9PE6wXy9NdI0vIDv64oQE96pBun3dX52
0FkM+z/sT0sDzEP7Fm6Vk2SHobR1g8tvkYIaqrlarSdqbuwbxGMjoGuaQQczkRXX
VRCrkR/j6o8ZeNJJMze5K3JeDz3TzzJcpljou9/ESUu018O+noA4hS9nRMn7Kg4X
WE3+z2OR9Vaq68tN9zP7JKuO10iCNh2up6aSEP74rBt4+70qnc2iv2LMACdAY9yS
6BGBFAV7unHwKONru44/RCRRvbcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkD7JX
9P8QdDEozw9a0JS3P26U9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCkUHXYfJuPa+gtEbzNsI9Cx5dI4p9G5Bc+bkm3
x7P+KhiUgXcShPF0JJVnhNWQQ5HKuo0iKymniboswDjs/Yz7V2QwUxlqQAYis314
ezlDMygJwd+OyI/0q9Tq/4brd3Cr+gqmdCsAdU4OVxe/FF16Bd06VPj+baAIQJ7i
FAPzRogAVnvlXJN90q6FEBBTWnsAbQnN98PUR1O7iTWO8TJy6x8+i3PevJJdLmZs
zGrdGcUSl5iRMSp4kBYFRH6MQb416wJHFuvi+wfc8bCwkDazQcKn/THp29h/vUpf
1no1+mtKhvP55oMzOqfJVX1wUCErhhihYCCkQAleeL0Ma6B7
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:28:15 2026 by rpki-client