Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
File: 8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa (raw, json)
Hash identifier: nhpRU2IvdsGvgbEExvTcyN4Ep7ur0surUOfJQ5F9p4g=
Subject key identifier: 2D:BC:7C:1A:1A:2B:36:80:D1:B1:30:4F:A8:61:0E:A2:B1:79:86:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2839E38740BCB1A024AA8F7C8D19E47D3E3C4054
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
Signing time: Fri 20 Feb 2026 01:51:06 +0000
ROA not before: Fri 20 Feb 2026 01:51:06 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:39:e3:87:40:bc:b1:a0:24:aa:8f:7c:8d:19:e4:7d:3e:3c:40:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:06 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=0599a62117395393f4dcd5306bbd2787838b5e82a194a2ce9f1bdeefa13e3ff6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:da:9c:b8:f7:c9:d1:99:17:6d:f3:39:fa:37:
dc:9b:87:38:56:55:51:fc:d1:be:04:e0:3a:73:b7:
ba:e2:ef:77:0e:54:25:ce:a3:2a:4f:f5:62:0e:02:
5c:39:58:79:73:c9:44:cc:59:86:04:ef:50:1c:15:
22:56:84:23:5c:92:1a:49:3e:33:68:11:19:25:f7:
8e:6f:7e:71:2c:f2:7e:e2:b1:4d:59:3d:59:e4:e0:
3a:92:2b:e5:35:b9:7b:4e:90:03:1a:0b:82:73:bf:
c1:09:2c:c4:1c:67:a9:d1:13:e9:9d:5e:a0:b5:cb:
74:22:1e:0c:72:93:c5:2d:5c:c7:c2:d5:f0:48:dc:
1f:a3:39:41:3d:2a:c5:67:da:a5:12:4d:b5:70:f9:
5f:97:80:bb:f3:da:e1:1c:36:98:b4:a6:d0:ad:4f:
c2:11:6d:0c:03:3b:21:ee:09:2d:e2:47:b3:af:cf:
39:df:d9:23:a7:cd:79:e5:83:ee:30:b4:c6:df:ab:
45:05:dc:63:0a:70:6c:eb:fe:6b:cd:74:bf:9f:a7:
e7:70:0d:cc:f7:ef:49:92:00:55:89:ab:6f:18:47:
6c:d1:c0:f5:4b:63:60:bd:22:7b:fb:f0:4e:bd:6d:
64:30:67:b1:f4:23:05:8a:45:af:f1:d6:78:81:18:
fe:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BC:7C:1A:1A:2B:36:80:D1:B1:30:4F:A8:61:0E:A2:B1:79:86:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
00:95:7b:dd:0d:9e:f1:b7:62:c3:84:76:e0:ac:12:f2:d3:05:
30:f1:12:ec:87:e5:43:11:9a:a0:6b:26:41:fb:d0:fc:11:62:
73:a6:e7:d3:af:b3:8e:88:04:61:42:36:26:f0:42:df:f9:d2:
f7:3b:e6:07:3a:f0:4d:01:69:22:6e:1e:b7:81:2a:d1:d1:16:
31:7d:ef:d6:62:77:18:4a:d6:8e:77:f5:4d:fc:fd:07:7b:92:
98:00:9c:13:ce:50:17:76:7e:a6:3e:f4:6e:9b:9f:b2:f1:1d:
12:13:26:ca:e8:ef:5b:e0:98:40:3b:3a:e9:db:ee:06:54:44:
78:34:10:09:24:8f:ea:7a:7c:56:fb:b1:55:f7:b9:e0:ac:d6:
b7:33:c7:a0:fb:34:ea:ac:1c:e8:35:90:16:db:42:5a:b3:57:
dc:26:46:6c:e3:87:1d:33:34:97:2a:03:75:ef:ba:96:eb:ae:
bc:a2:06:9e:1c:9b:dd:3a:4f:62:ad:40:e0:6a:3a:d8:97:31:
48:c1:16:3d:1f:0a:e6:53:67:9b:6b:e5:67:13:43:fa:12:92:
41:0f:d6:95:6c:ba:b3:e7:85:ba:a0:07:6f:fb:3f:09:5a:d3:
23:e2:dd:47:7b:c8:0b:4d:05:bc:b4:7a:b8:c8:b7:52:e3:2a:
c7:a9:a8:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKDnjh0C8saAkqo98jRnkfT48QFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMDZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1OTlhNjIxMTczOTUzOTNmNGRjZDUzMDZiYmQyNzg3ODM4YjVlODJhMTk0
YTJjZTlmMWJkZWVmYTEzZTNmZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDanLj3ydGZF23zOfo33JuHOFZVUfzRvgTgOnO3uuLvdw5UJc6jKk/1Yg4C
XDlYeXPJRMxZhgTvUBwVIlaEI1ySGkk+M2gRGSX3jm9+cSzyfuKxTVk9WeTgOpIr
5TW5e06QAxoLgnO/wQksxBxnqdET6Z1eoLXLdCIeDHKTxS1cx8LV8EjcH6M5QT0q
xWfapRJNtXD5X5eAu/Pa4Rw2mLSm0K1PwhFtDAM7Ie4JLeJHs6/POd/ZI6fNeeWD
7jC0xt+rRQXcYwpwbOv+a810v5+n53ANzPfvSZIAVYmrbxhHbNHA9UtjYL0ie/vw
Tr1tZDBnsfQjBYpFr/HWeIEY/k8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtvHwa
Gis2gNGxME+oYQ6isXmGTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGZhNTQ0MmQtZjdiNi00NTMxLTlkM2UtZjYxZTNlODkyMGU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAAlXvdDZ7xt2LDhHbgrBLy0wUw8RLsh+VDEZqg
ayZB+9D8EWJzpufTr7OOiARhQjYm8ELf+dL3O+YHOvBNAWkibh63gSrR0RYxfe/W
YncYStaOd/VN/P0He5KYAJwTzlAXdn6mPvRum5+y8R0SEybK6O9b4JhAOzrp2+4G
VER4NBAJJI/qenxW+7FV97ngrNa3M8eg+zTqrBzoNZAW20Jas1fcJkZs44cdMzSX
KgN177qW6668ogaeHJvdOk9irUDgajrYlzFIwRY9HwrmU2eba+VnE0P6EpJBD9aV
bLqz54W6oAdv+z8JWtMj4t1He8gLTQW8tHq4yLdS4yrHqahE
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:33:13 2026 by rpki-client