Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: +slAA3GchgdmLr4IT/+NmlvC7HonjqKXX3/Pa/vMyuY=
Subject key identifier: 0B:6B:4D:E3:46:C9:E9:38:56:D1:AD:6B:60:71:B0:2B:59:BF:02:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A72AF0E5C118D1326FC9E877653D6DE07DE0C74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Tue 19 May 2026 05:20:37 +0000
ROA not before: Tue 19 May 2026 05:20:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:72:af:0e:5c:11:8d:13:26:fc:9e:87:76:53:d6:de:07:de:0c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=84f16f7740ff1962dd05bdc11f9b39b14c28e052806665e62c75a2f2ced6efe5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6c:b9:a0:bd:56:63:f4:21:3a:4e:71:32:4d:
04:59:ec:a2:43:52:12:d7:ad:bc:2b:a2:93:1f:22:
8a:c8:12:7a:e0:42:f0:21:f2:fa:70:f6:6d:87:2e:
b9:4e:3b:59:28:8a:9b:6e:3e:5e:fc:c8:b2:f6:a3:
f9:28:3f:6a:44:42:b9:ad:1e:8f:fa:27:d5:28:1e:
12:c4:67:2e:0d:5c:80:30:ad:64:33:ad:1d:ce:51:
73:41:2c:d7:57:77:39:2b:d2:29:1a:87:64:11:87:
42:3c:9e:5b:ca:ae:7c:f5:e4:19:73:23:18:c5:12:
27:06:16:07:9b:7e:c0:2b:e6:ba:0b:10:e8:a4:95:
f5:e4:f5:f0:ca:64:4f:ff:a9:1a:f5:62:b4:76:09:
05:8d:6d:0e:ea:82:4d:9f:e0:bd:af:cd:0d:4f:b3:
22:7e:07:cc:ed:d1:12:00:e5:78:97:4c:90:d3:2a:
1b:8e:2d:64:6a:53:8c:18:0f:17:be:34:70:a9:e1:
37:24:d3:2d:c1:db:99:2d:3a:f3:8f:7a:bf:b8:15:
96:45:96:be:8f:3f:30:f1:fd:a0:e4:0e:51:2f:f4:
65:8f:7e:e1:ff:ce:36:90:8b:21:96:fd:87:61:c7:
e6:6c:79:6f:6e:a5:80:9a:21:8b:4c:10:84:57:8f:
e4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6B:4D:E3:46:C9:E9:38:56:D1:AD:6B:60:71:B0:2B:59:BF:02:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:25:1b:29:0b:b2:ed:ef:91:94:48:2a:0f:77:9e:39:7f:93:
b3:bf:53:2a:fb:c5:5f:5e:dd:b9:f3:24:35:6d:33:01:15:13:
60:4b:e0:79:98:8c:ca:a9:a6:08:01:64:f6:77:b2:1f:72:ec:
17:a0:41:60:ca:27:49:3b:ef:a0:a1:cb:b1:76:2a:74:99:cf:
95:16:d3:ab:45:32:21:01:93:44:08:42:c0:c3:7d:b1:c3:2f:
34:f3:05:6d:5f:57:73:9f:e3:a8:d9:fb:85:65:df:91:51:40:
42:ef:2c:15:0c:de:77:69:35:9d:42:1b:10:69:7d:da:ad:21:
fa:8c:63:0c:37:0e:3a:90:79:a9:41:3a:48:e3:f7:b3:ea:0b:
20:2c:0f:7c:fb:83:6b:92:ca:d6:8b:07:a3:01:9f:7e:14:e0:
ed:1e:65:10:39:74:a2:c1:09:3c:59:44:0c:3f:f6:b2:a5:cc:
fe:d0:27:37:d5:00:f7:f2:f9:0b:8c:7b:27:c8:19:b1:aa:92:
f0:82:5a:82:41:d7:ce:22:17:a6:46:2e:28:d8:58:fd:9a:7f:
45:f7:cb:e1:d9:ca:c0:a1:23:d0:d2:06:af:36:16:65:7b:d4:
5d:3c:f3:e3:37:1e:76:53:12:cd:8c:69:38:2e:46:35:7e:44:
e6:34:52:15
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUenKvDlwRjRMm/J6HdlPW3gfeDHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZjE2Zjc3NDBmZjE5NjJkZDA1YmRjMTFmOWIzOWIxNGMyOGUwNTI4MDY2
NjVlNjJjNzVhMmYyY2VkNmVmZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5suaC9VmP0ITpOcTJNBFnsokNSEtetvCuikx8iisgSeuBC8CHy+nD2bYcu
uU47WSiKm24+XvzIsvaj+Sg/akRCua0ej/on1SgeEsRnLg1cgDCtZDOtHc5Rc0Es
11d3OSvSKRqHZBGHQjyeW8qufPXkGXMjGMUSJwYWB5t+wCvmugsQ6KSV9eT18Mpk
T/+pGvVitHYJBY1tDuqCTZ/gva/NDU+zIn4HzO3REgDleJdMkNMqG44tZGpTjBgP
F740cKnhNyTTLcHbmS068496v7gVlkWWvo8/MPH9oOQOUS/0ZY9+4f/ONpCLIZb9
h2HH5mx5b26lgJohi0wQhFeP5JMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQLa03j
RsnpOFbRrWtgcbArWb8CijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAmSUbKQuy7e+RlEgqD3eeOX+Ts79TKvvFX17d
ufMkNW0zARUTYEvgeZiMyqmmCAFk9neyH3LsF6BBYMonSTvvoKHLsXYqdJnPlRbT
q0UyIQGTRAhCwMN9scMvNPMFbV9Xc5/jqNn7hWXfkVFAQu8sFQzed2k1nUIbEGl9
2q0h+oxjDDcOOpB5qUE6SOP3s+oLICwPfPuDa5LK1osHowGffhTg7R5lEDl0osEJ
PFlEDD/2sqXM/tAnN9UA9/L5C4x7J8gZsaqS8IJagkHXziIXpkYuKNhY/Zp/RffL
4dnKwKEj0NIGrzYWZXvUXTzz4zcedlMSzYxpOC5GNX5E5jRSFQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:55 2026 by rpki-client