Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: EjQ+YEMDux41CzgX2asYPZFfl3foVxU3ipfGG73orNU=
Subject key identifier: 2F:F2:8D:C0:BD:1A:DB:77:A8:17:61:FE:5A:4F:82:5E:AD:DA:65:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3283AE8C9169689EEB8546574F05349332653369
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Sat 28 Feb 2026 06:11:03 +0000
ROA not before: Sat 28 Feb 2026 06:11:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:83:ae:8c:91:69:68:9e:eb:85:46:57:4f:05:34:93:32:65:33:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:11:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fc975f84275fefada5c7df8edc0591ac57e6b88b41b337d4071a760b29d4aa9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:58:4f:f2:4d:89:ba:41:3c:f4:ac:32:20:7d:
ac:a4:5a:1f:7e:72:b7:ae:b2:b5:d0:cb:e6:ac:13:
65:73:dc:16:1b:96:0e:4e:5a:80:2c:bc:56:80:bd:
7c:ed:ef:81:96:f0:ec:da:36:89:a0:fb:52:67:c1:
d4:cf:84:67:3d:82:ed:77:89:e2:13:d8:dc:c2:fd:
f8:f3:63:f2:97:c5:ee:26:1a:70:a6:70:e6:80:15:
43:58:c1:10:a8:60:92:4c:ac:5f:6f:25:a5:14:0a:
64:e7:1c:30:d5:94:d1:59:5a:f1:16:6b:a0:a2:b5:
31:c6:0e:d5:aa:d1:9e:1e:e5:82:5a:84:90:36:53:
27:7f:67:c4:fa:62:84:fa:fa:a6:d0:bd:9c:e8:55:
79:ea:d4:75:4a:cb:64:29:84:7a:d7:27:24:92:d6:
a6:11:58:ba:8e:ac:fb:e7:08:f1:f6:29:0a:91:43:
a1:f1:ac:7c:61:73:0e:b1:62:e5:c4:35:20:89:22:
5c:86:8e:98:a9:39:da:e0:b2:ab:2a:3c:c8:d8:c3:
c5:3d:b1:a3:a9:d8:34:12:26:60:e6:b0:03:24:6e:
63:6b:3c:42:ec:6f:35:e7:8e:d7:6d:80:68:df:c4:
f0:11:d4:55:67:03:74:e5:11:78:9e:ad:cb:c0:22:
3b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F2:8D:C0:BD:1A:DB:77:A8:17:61:FE:5A:4F:82:5E:AD:DA:65:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
60:b8:ca:9c:84:79:df:fb:ec:f4:3c:ed:b3:a5:0a:d2:15:53:
ce:53:bf:47:eb:1a:14:66:b7:e1:e8:39:a2:f6:00:ef:be:f0:
9d:d9:3b:16:2b:fe:50:8b:14:b9:dc:91:75:64:f5:f6:0f:df:
0f:23:55:0d:fe:b9:ac:a1:43:c3:10:21:55:af:76:b5:f8:f2:
35:fb:6a:65:27:d8:ff:74:aa:3c:60:fb:78:83:93:a3:e5:b8:
b1:9a:ce:79:24:fe:85:11:fd:b3:bd:4e:d9:58:db:60:33:c6:
4d:9d:1a:91:37:59:fc:66:0e:1b:1c:81:cb:35:1a:0b:e3:6b:
70:a5:be:96:98:a1:db:c7:a9:02:f5:48:1d:12:33:c2:33:83:
5f:76:7e:43:78:d2:68:51:65:3c:4a:7f:af:81:bf:27:19:54:
06:a8:8b:bb:e0:1c:3a:7f:a2:60:56:8f:c2:b5:b3:1f:c5:a1:
e6:dc:23:7a:35:8e:fc:81:dd:9c:cd:8a:c2:1e:4a:ee:3a:78:
5c:59:ab:1f:0a:be:8a:a4:bd:62:2e:3c:3c:81:86:05:d8:8b:
8a:8d:e1:ae:a8:60:48:1c:fe:b0:fa:33:d5:aa:38:e1:68:64:
cc:42:b2:89:73:1c:dc:71:f0:45:15:cf:c2:51:ac:8a:19:fe:
7b:00:2b:5f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMoOujJFpaJ7rhUZXTwU0kzJlM2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjExMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOTc1Zjg0Mjc1ZmVmYWRhNWM3ZGY4ZWRjMDU5MWFjNTdlNmI4OGI0MWIz
MzdkNDA3MWE3NjBiMjlkNGFhOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5YT/JNibpBPPSsMiB9rKRaH35yt66ytdDL5qwTZXPcFhuWDk5agCy8VoC9
fO3vgZbw7No2iaD7UmfB1M+EZz2C7XeJ4hPY3ML9+PNj8pfF7iYacKZw5oAVQ1jB
EKhgkkysX28lpRQKZOccMNWU0Vla8RZroKK1McYO1arRnh7lglqEkDZTJ39nxPpi
hPr6ptC9nOhVeerUdUrLZCmEetcnJJLWphFYuo6s++cI8fYpCpFDofGsfGFzDrFi
5cQ1IIkiXIaOmKk52uCyqyo8yNjDxT2xo6nYNBImYOawAyRuY2s8QuxvNeeO122A
aN/E8BHUVWcDdOUReJ6ty8AiO0ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQv8o3A
vRrbd6gXYf5aT4JerdplqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEAYLjKnIR53/vs9Dzts6UK0hVTzlO/R+saFGa3
4eg5ovYA777wndk7Fiv+UIsUudyRdWT19g/fDyNVDf65rKFDwxAhVa92tfjyNftq
ZSfY/3SqPGD7eIOTo+W4sZrOeST+hRH9s71O2VjbYDPGTZ0akTdZ/GYOGxyByzUa
C+NrcKW+lpih28epAvVIHRIzwjODX3Z+Q3jSaFFlPEp/r4G/JxlUBqiLu+AcOn+i
YFaPwrWzH8Wh5twjejWO/IHdnM2Kwh5K7jp4XFmrHwq+iqS9Yi48PIGGBdiLio3h
rqhgSBz+sPoz1ao44WhkzEKyiXMc3HHwRRXPwlGsihn+ewArXw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:56 2026 by rpki-client