Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json)
Hash identifier: B2qSHxUCK+Lgm8Hz6ycvAc81E0foMEIv7Txq7NXNJ9o=
Subject key identifier: 38:D3:6E:0C:28:E7:BD:49:03:3F:68:FD:79:8C:1C:6F:24:2E:15:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E964E31976E20FEC55AAFDE144D201B09EB0FD1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
Signing time: Sat 28 Feb 2026 05:40:12 +0000
ROA not before: Sat 28 Feb 2026 05:40:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:96:4e:31:97:6e:20:fe:c5:5a:af:de:14:4d:20:1b:09:eb:0f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:40:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8ba3676845b51839fce06c660217d27d6a9f107fd57e7da6fff62e64e3d4842f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:c9:74:c4:0a:fd:ff:df:3f:98:73:84:30:
45:99:de:fe:15:bc:f3:66:d9:52:58:81:a1:cd:25:
c7:e3:fa:c7:1f:7d:00:f7:43:37:9d:aa:4e:7e:16:
e9:96:40:13:78:de:a4:38:c9:b3:6b:a2:e5:89:d3:
0d:a4:1e:84:53:53:c0:9d:b3:6f:4a:94:b2:98:2f:
af:67:a1:c0:4f:a2:97:a2:45:ec:bf:9c:f3:4d:31:
df:27:68:77:87:73:6a:e3:40:3c:db:01:6f:db:c8:
1a:a4:a9:1a:36:a9:3e:cd:ce:78:7d:ae:a3:46:4d:
2c:44:8c:ac:30:33:dd:b3:16:06:d0:e8:85:cc:a6:
99:aa:bd:00:68:ee:ba:7e:09:87:21:aa:7c:c2:79:
f4:6c:23:74:84:47:70:bc:94:66:8e:c0:96:10:d7:
e8:db:65:b5:de:06:39:88:b6:17:99:21:bd:6d:53:
71:ea:ce:aa:44:08:d6:9a:82:0f:8d:4e:0f:22:74:
cd:13:0a:04:b2:b7:d1:28:01:79:8b:b3:db:db:01:
f1:3e:f1:a0:ae:36:f3:bb:ae:dd:7f:75:12:ff:2b:
5c:5d:c4:9e:cc:fa:22:b0:de:21:46:30:6e:22:0c:
91:9a:2d:57:b9:9f:71:18:0d:66:44:a9:a1:7a:5f:
64:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D3:6E:0C:28:E7:BD:49:03:3F:68:FD:79:8C:1C:6F:24:2E:15:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
6c:1d:3d:a0:b7:5f:f5:07:98:87:e1:09:3b:90:80:47:81:cc:
b3:4e:33:ab:a6:6d:25:63:34:2c:72:90:2e:f4:e1:dc:f1:01:
e7:54:60:66:df:86:d8:a4:65:73:c8:8d:e9:fe:20:7b:a3:8a:
53:7d:21:ac:5a:24:76:af:dd:f3:32:a9:f3:3c:93:0d:0d:7c:
af:36:c1:75:4b:5f:d6:4a:b7:c0:06:c7:b8:90:95:66:c2:88:
9d:6a:3f:c1:4f:c3:f4:e5:20:64:ff:83:74:72:36:13:55:c7:
a6:ad:f2:69:9d:9a:f0:44:74:65:93:03:8f:0a:72:94:b0:0b:
09:e5:50:54:b9:af:0c:6f:09:02:a4:3b:c2:bc:e5:b8:d6:09:
32:0f:1c:17:1b:fc:0f:81:09:5e:19:18:eb:dd:ef:33:d8:1d:
22:48:57:ba:ae:b5:5c:26:7a:1c:82:56:24:4d:7e:06:b8:75:
2f:62:5d:e7:93:0a:eb:96:22:a3:f4:0e:96:58:66:77:b4:e6:
0d:70:e4:a6:a3:2e:c3:e0:89:a9:c3:a6:18:8b:d5:97:a5:c4:
a2:d7:86:41:ff:ba:9a:ac:15:5a:b7:14:bc:c5:d4:c5:1d:08:
9e:bb:0f:f6:e9:36:01:b2:ef:c7:7c:5b:71:34:1d:7d:74:74:
12:5f:ba:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbpZOMZduIP7FWq/eFE0gGwnrD9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYTM2NzY4NDViNTE4MzlmY2UwNmM2NjAyMTdkMjdkNmE5ZjEwN2ZkNTdl
N2RhNmZmZjYyZTY0ZTNkNDg0MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEOyXTECv3/3z+Yc4QwRZne/hW882bZUliBoc0lx+P6xx99APdDN52qTn4W
6ZZAE3jepDjJs2ui5YnTDaQehFNTwJ2zb0qUspgvr2ehwE+il6JF7L+c800x3ydo
d4dzauNAPNsBb9vIGqSpGjapPs3OeH2uo0ZNLESMrDAz3bMWBtDohcymmaq9AGju
un4JhyGqfMJ59GwjdIRHcLyUZo7AlhDX6Ntltd4GOYi2F5khvW1TcerOqkQI1pqC
D41ODyJ0zRMKBLK30SgBeYuz29sB8T7xoK4287uu3X91Ev8rXF3Ensz6IrDeIUYw
biIMkZotV7mfcRgNZkSpoXpfZGkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ4024M
KOe9SQM/aP15jBxvJC4VATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAbB09oLdf9QeYh+EJO5CAR4HMs04zq6ZtJWM0
LHKQLvTh3PEB51RgZt+G2KRlc8iN6f4ge6OKU30hrFokdq/d8zKp8zyTDQ18rzbB
dUtf1kq3wAbHuJCVZsKInWo/wU/D9OUgZP+DdHI2E1XHpq3yaZ2a8ER0ZZMDjwpy
lLALCeVQVLmvDG8JAqQ7wrzluNYJMg8cFxv8D4EJXhkY693vM9gdIkhXuq61XCZ6
HIJWJE1+Brh1L2Jd55MK65Yio/QOllhmd7TmDXDkpqMuw+CJqcOmGIvVl6XEoteG
Qf+6mqwVWrcUvMXUxR0InrsP9uk2AbLvx3xbcTQdfXR0El+61g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:07 2026 by rpki-client