Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
File: 9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa (raw, json)
Hash identifier: 6Q0u8yGU7rZdxQWIPbNlb331qUlvJ4pGh+Xd9kJjFw0=
Subject key identifier: 59:30:A2:F7:97:BA:DB:36:A5:D7:E2:D6:3D:EF:18:7D:DD:DC:19:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DEB89843086ADDDFE097D11EA8C459FE10DB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
Signing time: Tue 24 Feb 2026 00:40:10 +0000
ROA not before: Tue 24 Feb 2026 00:40:10 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:eb:89:84:30:86:ad:dd:fe:09:7d:11:ea:8c:45:9f:e1:0d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 24 00:40:10 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=43c473de3340ef22ad894bbd57519ec94a68bd3e4b68ada9a1f5f030efc7a8e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:08:6c:cf:95:af:39:ad:a0:b0:bb:49:f5:f3:
83:b2:fb:78:7e:36:a6:81:1a:24:71:fb:6a:15:ae:
76:f4:2d:8b:f8:cf:d8:85:24:5b:e2:96:a0:9f:29:
ff:f2:bb:e2:1c:3f:ed:32:7e:74:ab:f7:6c:fe:31:
83:89:ed:8a:0f:c8:51:d8:72:75:bf:83:19:a3:5d:
be:d3:29:c5:ba:b6:e5:2c:13:5a:7f:3e:4b:62:f1:
8a:65:e1:7a:d8:c0:aa:1d:dc:11:d2:10:fb:7e:ad:
ed:3b:da:c2:b3:68:b5:a8:7b:82:4a:fc:a1:44:f9:
f1:97:01:96:78:74:e4:83:3e:88:5a:ba:16:97:c6:
10:31:0e:88:26:84:88:4e:3b:19:98:c7:18:39:9f:
0d:6d:b1:57:12:9a:80:72:a7:39:f8:33:ab:44:0b:
71:46:b9:23:78:3c:b4:e7:91:28:bf:38:d4:72:0b:
75:13:10:22:32:97:74:6e:e8:91:da:18:24:f4:b3:
7a:fa:36:f0:b9:64:f5:38:48:5b:ec:74:aa:52:23:
77:bd:a8:f9:48:9e:50:d9:c3:b9:73:b6:5a:35:c1:
12:a0:61:ba:02:c4:6c:4d:d1:91:af:6e:88:ce:97:
af:7b:e0:4f:e7:a9:1d:b1:fe:a9:89:8a:9f:6e:9b:
83:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:30:A2:F7:97:BA:DB:36:A5:D7:E2:D6:3D:EF:18:7D:DD:DC:19:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/48
Signature Algorithm: sha256WithRSAEncryption
67:50:a7:ef:09:d4:2f:11:12:5c:e7:51:05:b8:93:9d:02:c4:
2e:63:14:21:70:32:3c:0f:72:a0:21:ab:4c:2a:dd:fe:1c:14:
30:38:8b:d4:17:87:c7:73:db:19:f1:eb:04:61:39:c2:08:57:
f0:29:b8:9f:74:0e:10:06:0d:59:71:e8:a1:97:4d:1e:f0:6d:
03:b8:3a:79:e8:2b:09:da:6c:28:f6:73:0d:45:bc:31:d1:5f:
ca:10:3a:bd:0e:16:cd:3d:17:d7:23:7a:3e:57:88:64:d4:1b:
ed:e3:77:9a:54:c2:68:82:ee:43:de:ca:b9:0e:a6:2e:65:94:
42:12:4b:5d:a0:84:2f:f9:48:a2:3a:3b:b9:3a:d1:b0:25:08:
bb:e9:f9:df:87:95:5d:27:62:8d:a6:32:40:61:14:d1:f2:bd:
73:6f:e3:1a:3b:f9:24:cc:b8:c1:b2:88:9d:39:47:af:0f:a6:
e5:96:fb:bd:33:26:29:1f:54:1d:28:70:c9:e1:ea:5f:5f:ee:
66:35:d9:88:14:43:7f:4a:fe:d1:50:50:17:90:4a:34:f3:d0:
2d:de:9c:1f:01:db:a3:e0:3b:1b:3b:6a:2b:9b:f8:27:71:11:
1f:d3:8e:a0:eb:cb:38:57:77:3f:d7:2e:3a:41:db:1e:49:0f:
29:7e:df:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITPeuJhDCGrd3+CX0R6oxFn+ENuDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI2MDIyNDAwNDAxMFoXDTI2MDUyNTIzNTk1OVowejFJMEcGA1UE
BRNANDNjNDczZGUzMzQwZWYyMmFkODk0YmJkNTc1MTllYzk0YTY4YmQzZTRiNjhh
ZGE5YTFmNWYwMzBlZmM3YThlNzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArghsz5WvOa2gsLtJ9fODsvt4fjamgRokcftqFa529C2L+M/YhSRb4pagnyn/
8rviHD/tMn50q/ds/jGDie2KD8hR2HJ1v4MZo12+0ynFurblLBNafz5LYvGKZeF6
2MCqHdwR0hD7fq3tO9rCs2i1qHuCSvyhRPnxlwGWeHTkgz6IWroWl8YQMQ6IJoSI
TjsZmMcYOZ8NbbFXEpqAcqc5+DOrRAtxRrkjeDy055EovzjUcgt1ExAiMpd0buiR
2hgk9LN6+jbwuWT1OEhb7HSqUiN3vaj5SJ5Q2cO5c7ZaNcESoGG6AsRsTdGRr26I
zpeve+BP56kdsf6piYqfbpuDVQIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFFkwoveX
uts2pdfi1j3vGH3d3BlnMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC85
YzFhMTBjYy01ZGM5LTQ0YmMtYTRkMi05Mzk2YmQ5YmM5NTkucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXQdqAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBnUKfvCdQvERJc51EFuJOdAsQuYxQhcDI8D3Kg
IatMKt3+HBQwOIvUF4fHc9sZ8esEYTnCCFfwKbifdA4QBg1Zceihl00e8G0DuDp5
6CsJ2mwo9nMNRbwx0V/KEDq9DhbNPRfXI3o+V4hk1Bvt43eaVMJogu5D3sq5DqYu
ZZRCEktdoIQv+UiiOju5OtGwJQi76fnfh5VdJ2KNpjJAYRTR8r1zb+MaO/kkzLjB
soidOUevD6bllvu9MyYpH1QdKHDJ4epfX+5mNdmIFEN/Sv7RUFAXkEo089At3pwf
Aduj4DsbO2orm/gncREf046g68s4V3c/1y46QdseSQ8pft9F
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:40 2026 by rpki-client