Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json)
Hash identifier: xZo5K7h6QuyIx7hCZJ5eMLiV1hNnQVcATKpC05yR28s=
Subject key identifier: 4E:99:B4:A3:8A:C2:07:09:B8:8A:F1:66:AC:B3:64:AA:DE:EC:CE:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 424F7EA11EFA84FD05012C32B1AE38D4E49CDFCD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
Signing time: Tue 19 May 2026 04:40:46 +0000
ROA not before: Tue 19 May 2026 04:40:46 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:4f:7e:a1:1e:fa:84:fd:05:01:2c:32:b1:ae:38:d4:e4:9c:df:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:46 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8381d00e32f24ee5caa32e22f1db9613519834d9a65374995f4389edc3d69500, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f1:63:83:d7:25:b8:21:c8:7a:e9:01:25:54:
23:93:22:bb:34:a7:7b:2a:cb:7e:98:9e:6d:5f:35:
d3:0a:5d:7f:70:8b:ae:5c:01:ed:12:32:de:81:30:
db:12:de:96:33:10:4f:c5:13:c1:0c:22:7e:7e:11:
26:d0:21:65:06:17:34:ae:80:fb:7f:c0:2e:f6:22:
7a:e3:36:43:ad:48:40:b0:cb:ae:d6:d8:58:4e:27:
04:44:b2:98:c9:44:64:1c:db:d3:7a:0e:dd:15:02:
78:e5:48:73:fb:54:71:b0:ec:ac:2c:25:59:9b:56:
cf:92:fd:73:66:7b:7b:dd:c5:da:c7:f5:79:6d:30:
a9:b3:9f:5a:ba:b2:e2:7a:61:ba:c9:e3:85:0d:ab:
ba:a3:5b:0e:4b:c7:4a:64:ba:a3:52:5e:2d:b8:35:
32:1a:6f:54:38:b5:4f:89:5b:02:28:f1:66:e0:b2:
c5:06:27:ac:bf:f5:1d:53:33:28:dc:52:67:7e:de:
bd:c1:44:e6:85:61:ee:bb:a2:0a:cc:a3:1a:67:01:
d6:9c:42:24:76:36:b2:3c:1a:b7:78:d7:07:3c:eb:
03:2f:0c:46:ad:3f:8e:18:2a:c4:38:a7:1e:7e:bd:
93:16:62:87:4a:29:cc:62:d9:f0:09:69:4a:f3:f2:
77:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:99:B4:A3:8A:C2:07:09:B8:8A:F1:66:AC:B3:64:AA:DE:EC:CE:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:400::/38
Signature Algorithm: sha256WithRSAEncryption
59:60:7e:ab:7a:c8:ce:7b:69:b6:f8:5d:f2:49:99:93:c7:e2:
fe:8f:31:bf:0a:65:3c:1e:f8:07:58:b7:44:da:e6:a4:01:35:
ed:ad:32:27:80:af:7e:ce:33:72:72:8a:f1:ae:93:5f:09:42:
ab:42:86:82:e4:ba:84:db:57:ef:4b:17:25:75:c3:15:6a:19:
07:92:ad:7e:d0:28:af:eb:db:18:aa:74:97:e5:91:64:f6:58:
30:07:5b:86:e1:4c:15:e5:67:46:0c:3d:2c:b9:25:74:47:bc:
e5:d6:75:eb:ca:a7:40:98:1d:94:e7:62:b8:14:eb:42:7f:ca:
eb:89:67:b9:ee:59:d8:ea:f0:26:4f:6c:2d:78:a6:83:46:c2:
79:29:e6:c1:cb:1b:82:55:ee:00:29:ef:f2:5c:18:fc:36:48:
aa:4f:f6:a8:81:92:fe:2d:0e:6b:72:c6:41:86:1b:55:90:64:
d6:19:80:39:e6:53:60:48:63:1e:f5:d7:ad:4c:c3:4d:df:8a:
da:0a:23:50:bb:95:c5:fe:ea:5d:a8:ff:f9:a2:5b:11:08:b3:
4e:9a:04:3f:9f:70:24:fb:bc:95:ef:64:56:b1:0e:8c:68:fa:
b0:00:b7:d8:8b:59:f2:3b:13:93:f3:24:b5:23:d1:f7:d2:25:
7d:6e:b7:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQk9+oR76hP0FASwysa441OSc380wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzODFkMDBlMzJmMjRlZTVjYWEzMmUyMmYxZGI5NjEzNTE5ODM0ZDlhNjUz
NzQ5OTVmNDM4OWVkYzNkNjk1MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfxY4PXJbghyHrpASVUI5MiuzSneyrLfpiebV810wpdf3CLrlwB7RIy3oEw
2xLeljMQT8UTwQwifn4RJtAhZQYXNK6A+3/ALvYieuM2Q61IQLDLrtbYWE4nBESy
mMlEZBzb03oO3RUCeOVIc/tUcbDsrCwlWZtWz5L9c2Z7e93F2sf1eW0wqbOfWrqy
4nphusnjhQ2ruqNbDkvHSmS6o1JeLbg1MhpvVDi1T4lbAijxZuCyxQYnrL/1HVMz
KNxSZ37evcFE5oVh7ruiCsyjGmcB1pxCJHY2sjwat3jXBzzrAy8MRq0/jhgqxDin
Hn69kxZih0opzGLZ8AlpSvPyd/sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROmbSj
isIHCbiK8Wass2Sq3uzO0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE
MA0GCSqGSIb3DQEBCwUAA4IBAQBZYH6resjOe2m2+F3ySZmTx+L+jzG/CmU8HvgH
WLdE2uakATXtrTIngK9+zjNycorxrpNfCUKrQoaC5LqE21fvSxcldcMVahkHkq1+
0Civ69sYqnSX5ZFk9lgwB1uG4UwV5WdGDD0suSV0R7zl1nXryqdAmB2U52K4FOtC
f8rriWe57lnY6vAmT2wteKaDRsJ5KebByxuCVe4AKe/yXBj8NkiqT/aogZL+LQ5r
csZBhhtVkGTWGYA55lNgSGMe9detTMNN34raCiNQu5XF/updqP/5olsRCLNOmgQ/
n3Ak+7yV72RWsQ6MaPqwALfYi1nyOxOT8yS1I9H30iV9brcY
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:48:32 2026 by rpki-client