Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: InXbYqh8mxxlSuoJmsYsLyV5HFYFoxMIpHvuIgqzeVU=
Subject key identifier: B1:D3:CB:70:5B:4C:57:29:7E:47:BC:54:BF:4C:62:34:2F:B2:4E:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38AD296AB9F2BC8D5F2F4BB4A570BCD417282C48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Sat 28 Feb 2026 05:10:37 +0000
ROA not before: Sat 28 Feb 2026 05:10:37 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:ad:29:6a:b9:f2:bc:8d:5f:2f:4b:b4:a5:70:bc:d4:17:28:2c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:10:37 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=11cc0817be40f1ec30a1abdfaf4ec05250d3b578bf5338a3dda86a85fb780626, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:37:38:13:d9:f4:79:57:a1:28:03:43:0a:63:
94:34:4b:1d:cc:45:53:32:80:d1:c7:ab:fb:5a:72:
dd:05:07:79:06:8e:49:e3:99:f9:53:b8:f6:94:bb:
66:34:da:c2:47:67:13:2f:db:41:93:89:da:af:67:
26:7c:76:dd:6c:45:e4:8f:e3:b8:c3:0e:0d:24:06:
8a:5c:9d:9c:9c:15:27:db:7b:df:fd:0e:3f:d3:77:
aa:d1:90:14:8e:b4:93:b4:3d:d9:0c:f1:9a:ce:f8:
3a:35:d1:0b:e6:8b:31:3a:3e:b5:9d:6c:07:b6:c5:
57:38:7b:00:d5:58:c5:50:4b:b7:2c:51:20:f5:e2:
db:35:06:6a:f1:76:06:33:2c:06:5e:c0:22:fe:1c:
28:61:c4:8a:84:d5:64:1c:05:fe:60:c9:1d:31:53:
b9:d2:92:1b:b0:ab:22:df:16:7c:6a:7f:51:21:33:
31:ce:97:1f:45:71:37:d2:b7:99:28:df:73:dc:d5:
d8:75:62:d4:d3:c1:13:55:d4:1d:2d:f8:70:b3:42:
5f:f0:d7:99:94:3e:d1:18:18:4f:6f:0a:f9:15:17:
41:94:09:8f:42:c5:1d:c2:08:83:c3:5c:dd:91:a5:
4e:4c:95:95:cc:7b:00:5d:1e:d6:b0:0d:8a:30:fc:
16:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D3:CB:70:5B:4C:57:29:7E:47:BC:54:BF:4C:62:34:2F:B2:4E:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
95:fd:94:7c:a9:13:87:72:4a:14:8f:4d:fb:1b:39:1e:28:9b:
08:88:0b:9c:36:b7:fd:b1:d7:c6:23:a6:05:9f:1e:97:6c:c3:
35:80:3b:29:4c:02:43:f5:a9:4f:b0:f9:d1:7c:53:aa:77:02:
ac:47:9a:19:32:16:53:d4:bd:06:04:86:46:69:90:f8:f0:88:
70:53:b8:e4:fa:f3:74:a7:06:a8:ca:ae:37:26:3c:0c:4c:43:
6f:a8:2b:60:59:6e:fd:d9:c4:a0:a5:25:ca:ba:bb:7f:a7:45:
62:8c:0a:48:95:44:f5:66:89:6b:af:34:2b:72:4d:2b:dc:3f:
7c:86:fe:aa:f0:4c:a0:1c:2f:55:29:e8:3d:0e:77:ee:d8:07:
eb:69:5f:52:d7:5b:dd:04:f3:e1:28:4e:29:12:48:35:72:18:
bd:dd:fd:06:ef:00:3b:d0:f8:09:6c:03:eb:85:65:02:cb:c3:
c2:e6:97:88:d8:07:f4:34:c1:27:04:79:77:86:45:74:3e:24:
50:c7:79:03:5c:a3:48:d1:0e:09:27:24:76:80:c8:40:e3:94:
09:ba:d0:cf:fa:b5:c2:90:a8:b4:ce:38:63:59:05:29:0b:33:
d3:51:1b:38:ff:14:53:a0:1e:ae:8e:10:d5:7b:ef:e0:aa:1b:
33:5b:fb:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOK0parnyvI1fL0u0pXC81BcoLEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTEwMzdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExY2MwODE3YmU0MGYxZWMzMGExYWJkZmFmNGVjMDUyNTBkM2I1NzhiZjUz
MzhhM2RkYTg2YTg1ZmI3ODA2MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALM3OBPZ9HlXoSgDQwpjlDRLHcxFUzKA0cer+1py3QUHeQaOSeOZ+VO49pS7
ZjTawkdnEy/bQZOJ2q9nJnx23WxF5I/juMMODSQGilydnJwVJ9t73/0OP9N3qtGQ
FI60k7Q92Qzxms74OjXRC+aLMTo+tZ1sB7bFVzh7ANVYxVBLtyxRIPXi2zUGavF2
BjMsBl7AIv4cKGHEioTVZBwF/mDJHTFTudKSG7CrIt8WfGp/USEzMc6XH0VxN9K3
mSjfc9zV2HVi1NPBE1XUHS34cLNCX/DXmZQ+0RgYT28K+RUXQZQJj0LFHcIIg8Nc
3ZGlTkyVlcx7AF0e1rANijD8FisCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSx08tw
W0xXKX5HvFS/TGI0L7JOTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCV/ZR8qROHckoUj037GzkeKJsIiAucNrf9sdfG
I6YFnx6XbMM1gDspTAJD9alPsPnRfFOqdwKsR5oZMhZT1L0GBIZGaZD48IhwU7jk
+vN0pwaoyq43JjwMTENvqCtgWW792cSgpSXKurt/p0VijApIlUT1ZolrrzQrck0r
3D98hv6q8EygHC9VKeg9Dnfu2AfraV9S11vdBPPhKE4pEkg1chi93f0G7wA70PgJ
bAPrhWUCy8PC5peI2Af0NMEnBHl3hkV0PiRQx3kDXKNI0Q4JJyR2gMhA45QJutDP
+rXCkKi0zjhjWQUpCzPTURs4/xRToB6ujhDVe+/gqhszW/sS
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:04 2026 by rpki-client