Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
File: 9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa (raw, json)
Hash identifier: OVcTZOOKvBiilaPDOD5HOUO/NNCnQp90xkF3UH8X60o=
Subject key identifier: 3F:27:CC:55:F2:AD:E4:6D:CC:E6:2F:54:D5:16:5C:47:40:FD:EA:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E4D89C778107C5EFD7FC6B9E355DD110C61D29D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
Signing time: Sat 28 Feb 2026 06:20:48 +0000
ROA not before: Sat 28 Feb 2026 06:20:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:4d:89:c7:78:10:7c:5e:fd:7f:c6:b9:e3:55:dd:11:0c:61:d2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=19902c02c5f13cf0ea3723adf5350bd76e97fed8e61b2df05e2bb9af327cdd39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:c3:2c:69:24:aa:7b:75:18:a5:6a:05:3a:
4b:0d:bb:d4:52:f3:95:6c:4d:8d:dd:57:a0:a7:24:
e2:84:34:d2:57:7a:5c:ad:36:91:e3:d1:03:51:7e:
87:e9:cc:ca:d5:bd:01:cd:15:a1:13:82:d2:0e:b9:
12:7a:b1:58:c4:7d:12:c0:ed:38:a0:d3:d9:58:17:
54:fa:25:22:1c:01:62:45:71:5c:34:75:35:f2:61:
46:dc:75:7c:b2:86:f9:46:4d:b4:ce:c8:2a:38:3d:
69:30:53:aa:86:99:57:e5:8c:8e:a5:cf:11:7e:da:
c7:32:07:f1:62:9c:75:e0:2c:0e:7c:81:df:3d:90:
6f:5c:28:4a:f6:4f:ff:98:dd:d0:18:8a:80:da:1b:
bd:d4:f4:93:29:a1:c4:3b:98:5a:b9:60:b1:31:f8:
32:31:fd:41:98:f2:87:8b:0b:ad:1b:c9:7a:98:a2:
8e:bf:bf:de:ee:7d:d1:c7:04:94:92:7f:9f:86:84:
b8:8c:c6:fc:5b:8d:ed:fc:90:d9:a4:35:c9:4e:8b:
17:08:27:0b:f6:97:4d:15:03:14:27:c4:de:e6:fb:
c7:aa:6a:27:c0:64:5a:f9:9d:08:62:57:24:ec:ca:
c6:ba:0d:5e:f8:ed:61:28:b0:6f:74:40:0c:15:13:
12:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:27:CC:55:F2:AD:E4:6D:CC:E6:2F:54:D5:16:5C:47:40:FD:EA:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9040::/48
Signature Algorithm: sha256WithRSAEncryption
69:d8:11:6a:c2:8f:93:da:8f:42:a1:b2:f4:e9:f2:f8:f4:ef:
32:ec:d6:90:a6:39:20:f0:1b:ee:7f:f4:01:ce:62:b0:07:4d:
1e:c4:d2:cb:0c:b4:a0:07:e5:a7:b8:82:f6:cc:47:ee:87:39:
0f:b0:6d:55:9a:22:9e:79:46:e3:bf:bf:e8:54:1a:fd:2a:8a:
1d:f3:b3:bc:85:ce:b8:d5:87:90:4f:a2:ca:4c:6c:69:ce:82:
d7:32:9b:62:46:90:4b:6d:5c:5d:37:68:d2:52:9c:0e:8c:a7:
89:2a:61:59:0b:9f:b5:47:2d:54:39:8a:aa:50:3f:35:ba:fc:
24:49:f1:b8:31:1a:77:d7:1e:15:e9:96:f9:9b:98:9f:09:54:
00:74:9e:d9:a3:87:75:72:af:f8:2f:d4:36:57:c1:e8:cf:19:
c0:38:b1:c5:32:36:66:89:3a:6c:5c:fc:fb:57:99:d9:81:e7:
92:4b:7d:47:67:44:01:f3:e2:92:f2:a7:73:42:7a:58:2f:d3:
ed:d1:68:a1:45:6e:fa:96:4d:2e:94:a4:5d:40:0b:2f:f1:8c:
74:5c:44:cd:08:86:80:60:59:c3:11:36:7c:83:77:cc:d1:f8:
14:26:3e:65:b5:5e:38:8e:6b:8f:09:ba:5d:a4:db:12:7d:b8:
ae:9f:46:6c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULk2Jx3gQfF79f8a541XdEQxh0p0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5OTAyYzAyYzVmMTNjZjBlYTM3MjNhZGY1MzUwYmQ3NmU5N2ZlZDhlNjFi
MmRmMDVlMmJiOWFmMzI3Y2RkMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDcwyxpJKp7dRilagU6Sw271FLzlWxNjd1XoKck4oQ00ld6XK02kePRA1F+
h+nMytW9Ac0VoROC0g65EnqxWMR9EsDtOKDT2VgXVPolIhwBYkVxXDR1NfJhRtx1
fLKG+UZNtM7IKjg9aTBTqoaZV+WMjqXPEX7axzIH8WKcdeAsDnyB3z2Qb1woSvZP
/5jd0BiKgNobvdT0kymhxDuYWrlgsTH4MjH9QZjyh4sLrRvJepiijr+/3u590ccE
lJJ/n4aEuIzG/FuN7fyQ2aQ1yU6LFwgnC/aXTRUDFCfE3ub7x6pqJ8BkWvmdCGJX
JOzKxroNXvjtYSiwb3RADBUTEmcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/J8xV
8q3kbczmL1TVFlxHQP3qrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIwNzU5NWUtM2JiYy00NWY3LThmMGEtODEzZTFiMDFmOWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAadgRasKPk9qPQqGy9Ony+PTvMuzWkKY5IPAb
7n/0Ac5isAdNHsTSywy0oAflp7iC9sxH7oc5D7BtVZoinnlG47+/6FQa/SqKHfOz
vIXOuNWHkE+iykxsac6C1zKbYkaQS21cXTdo0lKcDoyniSphWQuftUctVDmKqlA/
Nbr8JEnxuDEad9ceFemW+ZuYnwlUAHSe2aOHdXKv+C/UNlfB6M8ZwDixxTI2Zok6
bFz8+1eZ2YHnkkt9R2dEAfPikvKnc0J6WC/T7dFooUVu+pZNLpSkXUALL/GMdFxE
zQiGgGBZwxE2fIN3zNH4FCY+ZbVeOI5rjwm6XaTbEn24rp9GbA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:02:46 2026 by rpki-client