Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
File: 9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa (raw, json)
Hash identifier: o0nA844ZM69OOKwy7flcva81/yKLseZ+/nltruF6c3Q=
Subject key identifier: 0F:7C:E7:A9:F2:40:1F:1A:15:17:BF:1E:F1:E5:F4:BB:00:E5:D5:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 565FB29727D1BC86D56BF8E1BAF0458713395B96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
Signing time: Wed 25 Feb 2026 03:00:08 +0000
ROA not before: Wed 25 Feb 2026 03:00:08 +0000
ROA not after: Tue 26 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5f:b2:97:27:d1:bc:86:d5:6b:f8:e1:ba:f0:45:87:13:39:5b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 25 03:00:08 2026 GMT
Not After : May 26 23:59:59 2026 GMT
Subject: serialNumber=75f7f86a9c75080842e6f7d72006bd4407aecfcb6c91b7334d69e192f91da509, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b4:62:b5:2c:26:a6:88:2c:2a:6a:42:83:93:
90:c0:5b:a8:36:2e:a9:05:8f:de:8e:99:9b:7d:31:
21:d6:90:cd:da:76:fa:c0:cd:a3:e4:31:03:d6:c8:
2d:fc:e9:f8:33:38:31:25:f2:c7:71:5b:25:74:87:
65:ef:00:1c:2f:7c:42:17:1e:fa:b1:f3:28:14:22:
7d:7f:26:97:bf:6d:b2:23:12:73:7b:37:8b:36:c7:
bd:1f:7e:0c:8c:08:40:83:02:dd:ce:a7:9f:80:0c:
eb:6b:36:7d:d7:27:49:87:03:27:9e:7b:64:2a:fb:
67:d2:3b:c3:35:ef:52:d3:a4:09:61:16:b3:b1:2b:
06:22:af:04:c6:65:af:a0:25:2e:30:cf:0d:c5:76:
c7:a8:f5:fb:53:ab:8d:cd:0f:e4:02:5a:d3:d1:2d:
60:87:73:a2:58:20:8d:86:78:f4:9c:fc:77:58:60:
9c:f1:00:32:ec:5f:8a:f3:e6:4f:10:36:3f:87:5f:
19:b8:70:77:bd:53:df:40:64:1e:1e:72:d3:f4:2f:
14:b0:8e:4f:c4:ac:65:d1:80:97:c5:db:6c:5c:6a:
84:1a:ea:38:76:ec:ed:b7:3f:7e:0f:af:7b:93:14:
c6:65:1f:ee:08:9c:e2:86:00:70:41:b7:be:0d:c6:
a9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7C:E7:A9:F2:40:1F:1A:15:17:BF:1E:F1:E5:F4:BB:00:E5:D5:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:c000::/48
Signature Algorithm: sha256WithRSAEncryption
1f:4d:a1:88:bb:79:89:3f:47:b6:99:84:78:d9:79:92:20:b2:
ff:c8:38:9a:9c:e5:d9:ad:2b:34:c2:3d:db:40:92:a8:47:ab:
0d:3e:45:bd:7e:43:ff:b0:12:eb:c3:4d:7a:e5:e9:fe:e7:ec:
3e:0a:1f:cd:3d:f7:1d:63:00:bf:d1:41:03:6b:d9:4b:7b:c0:
84:d2:15:dc:53:26:75:47:7d:f0:93:dc:fa:e8:7b:ff:68:4d:
59:c8:a4:6f:2c:c0:be:71:68:25:8d:12:fa:4d:b8:57:33:a8:
c7:1e:59:8f:84:db:16:80:82:a5:0c:6f:49:00:9c:8e:b9:90:
78:8f:5d:45:ad:e1:96:8c:de:be:cd:6a:80:c2:56:a0:72:24:
f2:e1:97:21:ac:8d:00:33:a7:a2:2b:05:ba:02:7c:4c:5c:3f:
95:18:2a:f1:e0:29:c1:42:ac:3b:8a:6d:20:a5:1d:df:5a:14:
46:29:19:5b:5d:e7:45:84:bf:09:af:30:96:bf:85:42:c8:29:
ac:da:29:6d:69:bf:ff:8d:c3:1d:da:bf:27:5c:0a:e2:77:9a:
7d:45:94:3d:8b:30:3d:24:f5:b8:08:6b:69:c2:11:fa:35:2a:
10:3b:70:b6:36:55:36:7e:c7:e8:45:16:1c:95:98:96:1e:43:
20:48:bc:e2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVl+ylyfRvIbVa/jhuvBFhxM5W5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjUwMzAwMDhaFw0yNjA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1ZjdmODZhOWM3NTA4MDg0MmU2ZjdkNzIwMDZiZDQ0MDdhZWNmY2I2Yzkx
YjczMzRkNjllMTkyZjkxZGE1MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKO0YrUsJqaILCpqQoOTkMBbqDYuqQWP3o6Zm30xIdaQzdp2+sDNo+QxA9bI
Lfzp+DM4MSXyx3FbJXSHZe8AHC98Qhce+rHzKBQifX8ml79tsiMSc3s3izbHvR9+
DIwIQIMC3c6nn4AM62s2fdcnSYcDJ557ZCr7Z9I7wzXvUtOkCWEWs7ErBiKvBMZl
r6AlLjDPDcV2x6j1+1Orjc0P5AJa09EtYIdzolggjYZ49Jz8d1hgnPEAMuxfivPm
TxA2P4dfGbhwd71T30BkHh5y0/QvFLCOT8SsZdGAl8XbbFxqhBrqOHbs7bc/fg+v
e5MUxmUf7gic4oYAcEG3vg3GqRMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQPfOep
8kAfGhUXvx7x5fS7AOXV8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRmZThjNjUtZmQ1Yi00NTk3LWJlNGEtMGUwOTRjNTljNDBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GzA
ADANBgkqhkiG9w0BAQsFAAOCAQEAH02hiLt5iT9HtpmEeNl5kiCy/8g4mpzl2a0r
NMI920CSqEerDT5FvX5D/7AS68NNeuXp/ufsPgofzT33HWMAv9FBA2vZS3vAhNIV
3FMmdUd98JPc+uh7/2hNWcikbyzAvnFoJY0S+k24VzOoxx5Zj4TbFoCCpQxvSQCc
jrmQeI9dRa3hlozevs1qgMJWoHIk8uGXIayNADOnoisFugJ8TFw/lRgq8eApwUKs
O4ptIKUd31oURikZW13nRYS/Ca8wlr+FQsgprNopbWm//43DHdq/J1wK4neafUWU
PYswPST1uAhracIR+jUqEDtwtjZVNn7H6EUWHJWYlh5DIEi84g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:41 2026 by rpki-client