Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: pm7W2wLlOebE183L9pHA95Ob+v778tqyxRhLkkLXD0w=
Subject key identifier: 0C:09:32:CF:70:83:BB:26:14:83:18:3F:CE:54:19:D2:AF:55:16:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FDBD292F6A4F95288653A7E768B4D5333672F7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Sat 28 Feb 2026 05:50:42 +0000
ROA not before: Sat 28 Feb 2026 05:50:42 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:db:d2:92:f6:a4:f9:52:88:65:3a:7e:76:8b:4d:53:33:67:2f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:42 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=21d41068987e1726918f91d127832a8c2866451ffe84bd8fe4c6783cecbeaf3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:86:a3:53:36:f4:bd:76:67:36:15:44:f2:
fd:2e:ff:da:0c:21:c8:4e:1d:72:0e:5c:74:8f:1e:
c5:59:31:17:59:43:63:eb:a1:14:c7:f2:0e:df:2c:
37:9e:2b:ae:73:21:ee:d9:df:61:7e:b2:54:0d:cf:
68:35:a6:aa:06:37:a2:a0:d0:9a:d8:57:ec:33:b5:
88:22:c4:fa:3d:a0:c9:da:10:6b:7c:26:39:bb:f9:
81:7d:bb:53:29:7a:79:eb:50:1a:0f:b7:0a:f9:3d:
ce:65:8f:b2:89:80:b2:79:74:63:e3:e9:9b:45:ae:
f6:15:15:84:5c:92:11:98:e9:56:8f:b8:1d:04:f7:
f5:9a:4c:ef:2b:09:1b:a9:1e:ce:4d:ce:44:21:2e:
1d:c4:2d:b7:55:0d:dd:e2:75:a5:68:5f:4e:73:d3:
da:52:2a:8e:e9:94:c5:50:d8:49:c4:09:a3:6a:14:
4c:d0:e3:92:22:77:e7:7b:1a:f2:4f:69:96:d4:95:
a1:87:a3:fa:59:49:f9:53:90:26:a7:5c:10:66:03:
ad:1e:94:c1:3c:d9:ab:ef:19:ab:20:8b:bc:58:57:
1e:dc:0b:18:58:50:76:8b:7e:ed:8b:45:eb:eb:36:
cd:7c:49:08:5e:52:6b:e4:74:bb:ad:7b:2a:98:3c:
5e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:09:32:CF:70:83:BB:26:14:83:18:3F:CE:54:19:D2:AF:55:16:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
8d:aa:34:39:88:e0:18:19:b2:7d:2f:b7:60:38:5d:7b:ac:bc:
21:e4:3a:25:6c:cc:e3:e5:f6:2b:82:01:f0:26:ea:15:a1:b5:
f6:1a:95:f8:d9:95:35:b7:25:50:5a:d3:52:97:fa:1e:28:6f:
15:14:ac:ec:b5:36:9b:34:df:32:a2:0e:9f:e2:86:c6:d9:72:
8c:8f:3c:47:8e:20:06:ea:09:87:a3:d7:23:77:f6:a9:11:86:
8d:29:ac:37:9c:78:d9:95:63:9c:52:44:dd:8c:5e:88:6a:67:
47:eb:a7:01:ef:ec:62:59:8d:f4:62:7c:f6:82:a4:0e:75:9d:
16:5b:37:ef:f1:55:61:9e:c2:d4:ea:bf:d4:e4:e7:f8:65:3b:
75:19:99:91:c4:4f:c1:e5:70:5f:d3:7c:68:70:93:21:c3:b5:
9e:76:4a:03:60:38:3d:68:a6:94:01:f6:31:a9:b2:09:f0:d9:
f8:4f:c0:60:26:fa:d1:6d:40:c9:90:c5:bc:1d:4f:bf:98:e4:
02:ab:35:3e:f6:b8:46:34:93:a8:bb:df:0c:37:0f:97:44:fd:
da:f9:8b:5c:20:f7:9c:90:bd:b9:81:7c:95:71:d4:86:ab:4c:
5a:42:59:65:6d:c6:48:c0:8b:fe:71:f8:6f:65:2d:3b:f9:74:
8e:e7:16:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb9vSkvak+VKIZTp+dotNUzNnL3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxZDQxMDY4OTg3ZTE3MjY5MThmOTFkMTI3ODMyYThjMjg2NjQ1MWZmZTg0
YmQ4ZmU0YzY3ODNjZWNiZWFmM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/khqNTNvS9dmc2FUTy/S7/2gwhyE4dcg5cdI8exVkxF1lDY+uhFMfyDt8s
N54rrnMh7tnfYX6yVA3PaDWmqgY3oqDQmthX7DO1iCLE+j2gydoQa3wmObv5gX27
Uyl6eetQGg+3Cvk9zmWPsomAsnl0Y+Ppm0Wu9hUVhFySEZjpVo+4HQT39ZpM7ysJ
G6kezk3ORCEuHcQtt1UN3eJ1pWhfTnPT2lIqjumUxVDYScQJo2oUTNDjkiJ353sa
8k9pltSVoYej+llJ+VOQJqdcEGYDrR6UwTzZq+8ZqyCLvFhXHtwLGFhQdot+7YtF
6+s2zXxJCF5Sa+R0u617Kpg8Xu8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMCTLP
cIO7JhSDGD/OVBnSr1UWwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNqjQ5iOAYGbJ9L7dgOF17rLwh5DolbMzj5fYr
ggHwJuoVobX2GpX42ZU1tyVQWtNSl/oeKG8VFKzstTabNN8yog6f4obG2XKMjzxH
jiAG6gmHo9cjd/apEYaNKaw3nHjZlWOcUkTdjF6IamdH66cB7+xiWY30Ynz2gqQO
dZ0WWzfv8VVhnsLU6r/U5Of4ZTt1GZmRxE/B5XBf03xocJMhw7WedkoDYDg9aKaU
AfYxqbIJ8Nn4T8BgJvrRbUDJkMW8HU+/mOQCqzU+9rhGNJOou98MNw+XRP3a+Ytc
IPeckL25gXyVcdSGq0xaQlllbcZIwIv+cfhvZS07+XSO5xZP
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:38:06 2026 by rpki-client