Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
File: 9963ca7c-f411-4aae-ac61-2c650f8269e0.roa (raw, json)
Hash identifier: LEWOxdw9JlvbxyILXZxeFQ779OlIas3LsL5jTuBSlUI=
Subject key identifier: B0:19:57:B9:13:B9:1F:C9:85:AA:E5:7D:4D:43:D0:64:E2:7E:20:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 123EB66B915847EC0B4FD5E3EEA97A193529C351
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
Signing time: Tue 19 May 2026 04:40:06 +0000
ROA not before: Tue 19 May 2026 04:40:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:3e:b6:6b:91:58:47:ec:0b:4f:d5:e3:ee:a9:7a:19:35:29:c3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=45a8071b41e303e19d190ceb45e2cea69b4400eca75e79fdd091321a8b6eb367, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:bd:7e:bf:97:eb:cc:98:39:e6:08:e2:fd:
3d:41:c3:68:57:04:b4:f6:33:02:74:6e:21:ed:f2:
94:48:33:66:fe:55:0e:5f:69:ea:c6:13:95:e7:88:
8c:b8:e8:5e:0b:d0:da:19:45:7f:60:a2:f3:d5:07:
4d:b5:0b:a4:63:96:6e:1d:fd:6e:3d:58:e8:6e:d3:
c4:b6:24:71:e0:6d:1a:14:3b:f7:24:74:18:5d:da:
3e:b7:a9:49:fd:01:11:7e:51:0f:e8:4b:74:80:d5:
05:0a:3b:96:07:a7:f4:4a:18:06:84:0c:47:6d:24:
b8:5d:13:6e:6f:6d:76:cf:51:1e:bc:2a:9e:30:25:
76:34:c0:21:81:ac:82:d6:9d:4e:ca:7e:a7:54:f0:
65:f4:6c:13:7c:21:69:67:57:ba:a8:07:c7:48:14:
d0:fb:e1:87:05:79:83:47:57:20:ef:aa:e9:65:a9:
91:f7:18:9f:6d:8d:e4:09:65:1c:36:ca:30:2e:03:
6d:5d:85:c9:db:c1:1e:bb:21:b0:4c:b5:bb:f8:97:
e3:4f:d0:65:96:27:73:0f:ea:3a:81:86:6b:34:60:
2e:13:1e:d9:0c:0f:c4:c0:93:d6:2e:a8:10:48:60:
8e:dc:5c:56:d1:a9:f9:67:db:5d:c2:44:af:9f:90:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:19:57:B9:13:B9:1F:C9:85:AA:E5:7D:4D:43:D0:64:E2:7E:20:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:400::/38
Signature Algorithm: sha256WithRSAEncryption
ad:f8:c6:72:f3:dc:8b:cf:77:16:05:39:6a:00:ca:2e:60:09:
72:08:8a:6f:85:89:35:be:4b:71:64:cb:6b:5a:05:52:51:45:
dc:57:ef:c1:47:1f:3f:42:b3:65:31:b3:08:55:bb:22:f8:0c:
33:2d:27:0a:d2:84:ee:a9:c8:8b:cf:64:9a:bb:ec:4a:ad:bb:
a1:25:51:48:a1:aa:b3:d6:98:7b:86:62:76:cd:d6:d5:c7:d7:
40:f3:eb:b6:ec:d8:0a:74:f7:88:97:80:28:28:b6:83:7a:e0:
b8:fe:1e:cd:91:fc:f4:87:42:58:0c:87:d0:91:8f:91:e2:c5:
0f:57:e0:e9:ad:93:3d:00:c4:0c:86:e8:50:dc:72:8a:98:ea:
9a:b3:9f:61:fe:a5:df:e9:8e:ea:f8:2a:06:bd:04:c8:0e:5d:
31:c2:cb:79:d2:20:9a:b2:f2:bb:f2:94:4a:d7:18:93:12:ef:
b3:96:b4:da:1d:a9:a5:0c:18:c0:56:00:c0:2b:82:40:46:e5:
0d:45:2e:7b:ba:c3:51:6d:b7:41:2e:87:f8:41:89:63:e6:7d:
31:6c:19:2b:a7:d7:23:3b:5c:38:fd:a8:8c:43:6f:ea:f3:58:
4c:e0:1c:ad:bb:48:f0:ab:9b:3e:ee:55:44:69:14:02:a0:9c:
2d:4d:84:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEj62a5FYR+wLT9Xj7ql6GTUpw1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1YTgwNzFiNDFlMzAzZTE5ZDE5MGNlYjQ1ZTJjZWE2OWI0NDAwZWNhNzVl
NzlmZGQwOTEzMjFhOGI2ZWIzNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS8vX6/l+vMmDnmCOL9PUHDaFcEtPYzAnRuIe3ylEgzZv5VDl9p6sYTleeI
jLjoXgvQ2hlFf2Ci89UHTbULpGOWbh39bj1Y6G7TxLYkceBtGhQ79yR0GF3aPrep
Sf0BEX5RD+hLdIDVBQo7lgen9EoYBoQMR20kuF0Tbm9tds9RHrwqnjAldjTAIYGs
gtadTsp+p1TwZfRsE3whaWdXuqgHx0gU0PvhhwV5g0dXIO+q6WWpkfcYn22N5All
HDbKMC4DbV2FydvBHrshsEy1u/iX40/QZZYncw/qOoGGazRgLhMe2QwPxMCT1i6o
EEhgjtxcVtGp+WfbXcJEr5+QH28CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwGVe5
E7kfyYWq5X1NQ9Bk4n4gXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk2M2NhN2MtZjQxMS00YWFlLWFjNjEtMmM2NTBmODI2OWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEE
MA0GCSqGSIb3DQEBCwUAA4IBAQCt+MZy89yLz3cWBTlqAMouYAlyCIpvhYk1vktx
ZMtrWgVSUUXcV+/BRx8/QrNlMbMIVbsi+AwzLScK0oTuqciLz2Sau+xKrbuhJVFI
oaqz1ph7hmJ2zdbVx9dA8+u27NgKdPeIl4AoKLaDeuC4/h7Nkfz0h0JYDIfQkY+R
4sUPV+DprZM9AMQMhuhQ3HKKmOqas59h/qXf6Y7q+CoGvQTIDl0xwst50iCasvK7
8pRK1xiTEu+zlrTaHamlDBjAVgDAK4JARuUNRS57usNRbbdBLof4QYlj5n0xbBkr
p9cjO1w4/aiMQ2/q81hM4Bytu0jwq5s+7lVEaRQCoJwtTYTT
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:23 2026 by rpki-client