Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a27681a-552d-49f7-9124-ff1331d94249.roa
File: 9a27681a-552d-49f7-9124-ff1331d94249.roa (raw, json)
Hash identifier: fq3pB8ld6MrL++Vaipb1Ofu3eMLT6ayMSEdHDNb/nzQ=
Subject key identifier: 07:39:85:4C:28:DC:19:82:AA:A5:C8:2D:B4:F8:ED:85:F7:82:D4:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A818C04798A35B62D5B1B8B6328569D267FA8F1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a27681a-552d-49f7-9124-ff1331d94249.roa
Signing time: Fri 22 May 2026 16:16:27 +0000
ROA not before: Fri 22 May 2026 16:16:27 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:81:8c:04:79:8a:35:b6:2d:5b:1b:8b:63:28:56:9d:26:7f:a8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:16:27 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=d0f5e8af39214f56abef2dc3d195807dfcb68f478a2eda62a46620c8f626d271, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9d:8a:cd:09:0a:20:1d:9a:2a:75:0f:a3:96:
da:cc:5c:c4:9b:b2:22:58:f7:a8:83:10:9c:1e:23:
27:42:f7:dc:52:d1:e7:9e:f0:47:0c:7c:77:1e:49:
d5:85:42:71:90:ee:e3:64:6e:51:9c:fb:39:9b:ff:
f7:05:18:fc:d0:2d:d7:83:ce:62:01:3b:e8:2f:11:
e3:82:cb:94:ab:6d:d5:f9:45:2a:e5:bf:1b:40:5d:
04:e2:64:f5:52:d3:47:df:48:47:45:85:da:de:d2:
4e:c1:ee:5c:30:67:17:59:71:03:e0:ce:14:25:e7:
41:7e:b7:f1:cd:d3:42:36:11:c7:f0:12:26:b1:d6:
a2:7d:2b:21:8f:27:70:57:0b:64:50:0a:1b:7f:9d:
7b:fe:bb:f1:65:2c:01:d9:3e:99:fd:dc:33:00:cf:
02:1f:99:95:4a:e6:74:4e:e8:d3:28:3d:98:2d:bb:
c2:ef:e5:07:27:4c:13:9b:47:87:3e:db:02:20:4f:
2b:fb:b5:7b:fd:e0:ac:c3:56:96:66:50:df:b7:8b:
41:92:91:bf:c7:d1:a7:bd:90:12:3e:5b:a1:be:da:
50:e0:6e:4e:d0:75:2f:aa:de:59:0b:ac:8c:45:bc:
a4:a6:72:d9:12:19:b4:eb:0e:35:43:cd:2d:33:86:
1f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:39:85:4C:28:DC:19:82:AA:A5:C8:2D:B4:F8:ED:85:F7:82:D4:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a27681a-552d-49f7-9124-ff1331d94249.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:c000::/40
Signature Algorithm: sha256WithRSAEncryption
74:3b:b0:60:0a:f1:06:1e:ec:34:01:dc:d6:5a:6f:b5:a4:00:
21:a3:ac:b5:b4:0b:4a:c5:1b:57:c7:64:62:76:f5:ce:3c:9a:
0a:37:2d:e0:75:65:f4:24:3d:5b:e3:97:9c:9a:64:73:59:02:
e1:7d:04:54:8a:01:23:21:ee:67:7f:a0:61:65:66:cd:98:60:
6b:37:61:4a:78:25:a4:99:0e:06:6e:7d:0f:9d:fe:e9:1e:e9:
6d:26:cb:b4:2b:ea:52:fb:76:23:49:c2:63:c6:57:d7:3d:19:
bf:e7:7d:e7:c1:c8:0a:70:a4:3b:98:0f:22:7a:2b:e1:0a:e5:
53:8a:e1:c6:7a:4b:83:c7:ce:f1:10:e6:b4:87:7f:88:05:00:
fb:76:2b:06:5a:16:fd:65:9d:d4:f1:2f:92:fb:45:bd:42:4a:
8f:92:f7:27:52:4d:4e:07:fb:d9:f7:00:e2:1b:6e:76:3a:9d:
bd:3b:dd:b4:dd:81:23:29:00:d6:16:b4:65:c0:a8:b9:38:28:
75:d8:c9:50:0a:1c:f1:9a:7c:87:58:b6:c0:7c:02:3f:94:1e:
ce:04:4c:ff:8e:90:0f:eb:0c:35:31:43:2e:e8:51:96:27:e9:
d3:b1:d7:a4:7d:c1:3f:cf:11:8e:5f:c1:1c:db:e7:51:7d:72:
1a:01:af:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGoGMBHmKNbYtWxuLYyhWnSZ/qPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjE2MjdaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwZjVlOGFmMzkyMTRmNTZhYmVmMmRjM2QxOTU4MDdkZmNiNjhmNDc4YTJl
ZGE2MmE0NjYyMGM4ZjYyNmQyNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKedis0JCiAdmip1D6OW2sxcxJuyIlj3qIMQnB4jJ0L33FLR557wRwx8dx5J
1YVCcZDu42RuUZz7OZv/9wUY/NAt14POYgE76C8R44LLlKtt1flFKuW/G0BdBOJk
9VLTR99IR0WF2t7STsHuXDBnF1lxA+DOFCXnQX638c3TQjYRx/ASJrHWon0rIY8n
cFcLZFAKG3+de/678WUsAdk+mf3cMwDPAh+ZlUrmdE7o0yg9mC27wu/lBydME5tH
hz7bAiBPK/u1e/3grMNWlmZQ37eLQZKRv8fRp72QEj5bob7aUOBuTtB1L6reWQus
jEW8pKZy2RIZtOsONUPNLTOGH1ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHOYVM
KNwZgqqlyC20+O2F94LUxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEyNzY4MWEtNTUyZC00OWY3LTkxMjQtZmYxMzMxZDk0MjQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GjA
MA0GCSqGSIb3DQEBCwUAA4IBAQB0O7BgCvEGHuw0AdzWWm+1pAAho6y1tAtKxRtX
x2RidvXOPJoKNy3gdWX0JD1b45ecmmRzWQLhfQRUigEjIe5nf6BhZWbNmGBrN2FK
eCWkmQ4Gbn0Pnf7pHultJsu0K+pS+3YjScJjxlfXPRm/533nwcgKcKQ7mA8ieivh
CuVTiuHGekuDx87xEOa0h3+IBQD7disGWhb9ZZ3U8S+S+0W9QkqPkvcnUk1OB/vZ
9wDiG252Op29O9203YEjKQDWFrRlwKi5OCh12MlQChzxmnyHWLbAfAI/lB7OBEz/
jpAP6ww1MUMu6FGWJ+nTsdekfcE/zxGOX8Ec2+dRfXIaAa+p
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:53:40 2026 by rpki-client