Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json)
Hash identifier: YNMX1EwR4KLz2Ofk2J4Wa5lMtF9JoNPosX/5H4S73do=
Subject key identifier: 58:B3:98:91:D9:BB:28:AB:50:AB:45:24:2D:A6:81:CA:5D:18:18:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E0F3CE111F578513B636AB5B5F97760AFFA1A94
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
Signing time: Sat 28 Feb 2026 05:40:47 +0000
ROA not before: Sat 28 Feb 2026 05:40:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:0f:3c:e1:11:f5:78:51:3b:63:6a:b5:b5:f9:77:60:af:fa:1a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f3126d5ff0af026340e52bd57babc5e7a6c5aec138f2104930add5cc94c9bf26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fc:f6:7e:e4:e8:66:16:59:a6:79:b4:3f:89:
b5:9f:99:8e:0b:06:c2:3c:11:9e:d5:63:5e:88:6b:
12:e3:17:ed:18:9f:22:71:c0:ad:fb:27:cb:f5:4d:
2c:6c:d4:60:3d:d0:89:da:4a:5b:a3:63:9e:ab:59:
0a:12:1f:1d:80:5b:52:19:27:46:93:da:4c:5c:cf:
60:9b:b5:24:55:3f:df:5c:8a:70:5e:37:6e:54:05:
e2:c0:86:a5:ac:74:76:64:26:fa:ec:2e:72:05:94:
66:5e:12:8a:49:42:94:a2:46:a7:e1:74:c1:32:44:
cb:60:49:65:09:4d:96:a4:4a:7a:a6:b0:8d:d6:4e:
35:c8:46:3e:76:f9:f8:12:10:11:80:2b:24:3e:29:
cb:ef:4c:eb:6d:af:2c:62:de:04:7c:6b:02:6c:54:
00:12:9c:c9:b0:5e:41:c1:4a:0f:52:46:4b:e6:b7:
4d:9e:02:9d:3e:a1:8a:c9:6e:2f:5f:30:fc:d0:53:
eb:ff:d4:4c:c8:2f:87:39:82:68:65:fb:8a:8f:43:
1d:0f:6b:06:eb:dc:b1:5d:61:f6:c7:58:be:a1:53:
e0:dd:a4:7b:da:a5:19:b8:b5:07:03:59:3d:b6:64:
21:a9:e5:70:01:c1:2e:06:fa:11:41:a1:7d:26:66:
04:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B3:98:91:D9:BB:28:AB:50:AB:45:24:2D:A6:81:CA:5D:18:18:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:b9:50:43:e7:23:6d:b6:f7:63:fc:2a:c0:7d:30:95:ae:ef:
3e:f9:f7:56:08:2c:20:1e:05:ec:48:8c:1e:58:23:e2:23:b4:
d9:2c:b4:f4:74:0f:6b:a5:fe:3f:c7:e1:fc:ab:83:72:9c:30:
70:7a:3c:1e:3b:77:7b:6f:1d:42:74:0c:17:6d:ab:aa:dd:62:
ad:88:9c:85:41:1a:03:59:c3:5f:6c:17:de:7d:6b:e9:06:5d:
21:4a:31:07:08:92:bf:7b:a9:b4:16:e3:a5:d2:91:c9:f0:a4:
b7:e6:c0:44:e0:7a:60:88:9f:6b:a3:f5:03:90:5c:b7:91:af:
15:3f:e0:34:8b:c2:9c:c0:8e:ac:5b:ad:42:08:8d:85:ff:2a:
b8:02:26:bc:d5:38:3d:24:14:b8:40:3a:94:52:48:2b:99:e5:
ea:e9:2b:98:9e:df:4e:68:cd:7c:11:23:ca:57:20:60:65:7b:
06:5b:68:38:6b:3d:68:97:1c:18:1d:1f:d2:ad:de:d8:09:f2:
d8:52:f6:31:2e:18:28:30:99:ce:17:72:1b:f0:52:bd:c0:1e:
ef:6b:56:34:cb:1a:8d:70:00:2d:98:30:b5:9b:58:54:26:6f:
46:4d:ce:9a:b9:c8:cc:7d:04:02:86:be:2d:70:4a:3d:4e:3d:
bc:31:2d:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHg884RH1eFE7Y2q1tfl3YK/6GpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMTI2ZDVmZjBhZjAyNjM0MGU1MmJkNTdiYWJjNWU3YTZjNWFlYzEzOGYy
MTA0OTMwYWRkNWNjOTRjOWJmMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/89n7k6GYWWaZ5tD+JtZ+ZjgsGwjwRntVjXohrEuMX7RifInHArfsny/VN
LGzUYD3QidpKW6NjnqtZChIfHYBbUhknRpPaTFzPYJu1JFU/31yKcF43blQF4sCG
pax0dmQm+uwucgWUZl4SiklClKJGp+F0wTJEy2BJZQlNlqRKeqawjdZONchGPnb5
+BIQEYArJD4py+9M622vLGLeBHxrAmxUABKcybBeQcFKD1JGS+a3TZ4CnT6hislu
L18w/NBT6//UTMgvhzmCaGX7io9DHQ9rBuvcsV1h9sdYvqFT4N2ke9qlGbi1BwNZ
PbZkIanlcAHBLgb6EUGhfSZmBLsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYs5iR
2bsoq1CrRSQtpoHKXRgYezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCwuVBD5yNttvdj/CrAfTCVru8++fdWCCwgHgXs
SIweWCPiI7TZLLT0dA9rpf4/x+H8q4NynDBwejweO3d7bx1CdAwXbauq3WKtiJyF
QRoDWcNfbBfefWvpBl0hSjEHCJK/e6m0FuOl0pHJ8KS35sBE4HpgiJ9ro/UDkFy3
ka8VP+A0i8KcwI6sW61CCI2F/yq4Aia81Tg9JBS4QDqUUkgrmeXq6SuYnt9OaM18
ESPKVyBgZXsGW2g4az1olxwYHR/Srd7YCfLYUvYxLhgoMJnOF3Ib8FK9wB7va1Y0
yxqNcAAtmDC1m1hUJm9GTc6aucjMfQQChr4tcEo9Tj28MS1/
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:35 2026 by rpki-client