Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: PJ4VXCV6lYZVWuM79xq1NpOQ6t4MjUPn2go8LlQiUwA=
Subject key identifier: 34:15:C6:B2:DD:BC:81:11:ED:60:3F:8F:F4:93:60:F8:7C:07:25:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22545A749AF823D42EB62A9FA2A65B0ACC0F4C62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Sat 28 Feb 2026 05:30:53 +0000
ROA not before: Sat 28 Feb 2026 05:30:53 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:54:5a:74:9a:f8:23:d4:2e:b6:2a:9f:a2:a6:5b:0a:cc:0f:4c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:53 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9d962076eb561c326c43953031b29ae93ccef4b5b69a8035783b1f96d58dd6fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a1:ac:4c:cb:ce:21:73:93:f7:cd:23:82:07:
66:38:d2:42:fc:0f:26:1e:b3:8c:9e:4c:97:97:dc:
82:f6:59:7b:1c:88:4d:02:58:5c:79:05:08:1f:b5:
bc:b5:7c:23:6e:15:c1:fe:d7:62:8c:50:af:ed:eb:
ef:87:1d:9b:f5:07:60:ed:65:b4:83:0d:20:c7:33:
34:cc:73:f9:3c:08:f6:a4:8c:9e:ae:b6:91:1f:b1:
e4:aa:f5:5e:94:46:ab:8a:4f:c0:9f:e5:c3:eb:bd:
a5:64:38:9b:ae:49:38:06:9a:aa:43:10:d6:ab:15:
ee:fa:dc:18:78:53:83:ed:8a:ab:43:e9:aa:4a:01:
7e:97:19:33:86:e3:a5:f9:1c:4c:4e:97:7d:f4:0c:
25:68:3e:74:19:43:18:f8:e7:b0:a0:c4:c2:f8:8b:
17:c7:3f:61:5d:bb:70:c5:f9:b7:89:be:30:ad:da:
10:a6:24:e7:ec:90:da:de:1c:c0:32:89:27:9f:c8:
11:98:4e:1f:96:04:9c:d1:c4:6e:4f:54:d4:20:14:
80:d6:09:32:29:7f:c2:fb:82:29:8a:a7:cc:57:ae:
7c:4a:9b:81:64:55:8f:48:b7:22:e2:2d:f4:52:c8:
d9:fc:36:70:05:cb:7d:2e:2c:67:72:be:d0:8a:b5:
9b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:15:C6:B2:DD:BC:81:11:ED:60:3F:8F:F4:93:60:F8:7C:07:25:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
32:1e:9c:05:40:71:77:e0:d2:84:b3:dd:23:f1:a6:49:73:81:
25:63:e4:19:33:9e:bb:c7:92:e1:df:08:75:e3:7e:97:51:7f:
8d:5f:ba:28:7d:b1:b1:81:ce:32:b0:17:e2:d1:ac:94:05:ef:
4c:e4:35:ee:73:2d:55:71:4b:77:bc:71:e0:eb:c9:87:2f:1d:
c7:66:95:00:bb:59:74:96:82:cf:5b:4b:33:28:ac:de:4b:00:
e5:eb:e1:8b:59:0b:33:fb:a6:5a:a3:cd:9d:60:12:52:22:28:
5a:1a:f5:97:c1:92:7c:de:46:d6:37:c5:f0:d6:7d:8b:4d:7f:
65:13:b6:03:b9:19:37:dc:e7:ad:67:f4:c9:b8:4b:06:a5:a5:
41:37:48:f5:26:9d:a4:59:5a:b4:88:86:07:d5:2d:40:93:7a:
44:1e:46:7e:3e:87:5c:9c:1e:03:6a:59:51:09:ae:31:b0:b4:
96:5d:bd:9d:b8:88:a7:ed:ca:fe:4a:5f:bf:08:53:f2:f2:75:
f8:36:62:e9:5e:e4:07:0a:6d:90:84:85:74:cf:29:10:b2:e7:
17:fc:87:62:53:af:30:9f:86:74:93:57:7c:bf:f5:46:a5:da:
5c:44:d6:55:31:2b:c0:77:85:53:62:33:9b:90:9f:2c:5f:2c:
34:f4:a3:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIlRadJr4I9QutiqfoqZbCswPTGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwNTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkOTYyMDc2ZWI1NjFjMzI2YzQzOTUzMDMxYjI5YWU5M2NjZWY0YjViNjlh
ODAzNTc4M2IxZjk2ZDU4ZGQ2ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOuhrEzLziFzk/fNI4IHZjjSQvwPJh6zjJ5Ml5fcgvZZexyITQJYXHkFCB+1
vLV8I24Vwf7XYoxQr+3r74cdm/UHYO1ltIMNIMczNMxz+TwI9qSMnq62kR+x5Kr1
XpRGq4pPwJ/lw+u9pWQ4m65JOAaaqkMQ1qsV7vrcGHhTg+2Kq0PpqkoBfpcZM4bj
pfkcTE6XffQMJWg+dBlDGPjnsKDEwviLF8c/YV27cMX5t4m+MK3aEKYk5+yQ2t4c
wDKJJ5/IEZhOH5YEnNHEbk9U1CAUgNYJMil/wvuCKYqnzFeufEqbgWRVj0i3IuIt
9FLI2fw2cAXLfS4sZ3K+0Iq1mwcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0Fcay
3byBEe1gP4/0k2D4fAcl6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQAyHpwFQHF34NKEs90j8aZJc4ElY+QZM567x5Lh
3wh1436XUX+NX7oofbGxgc4ysBfi0ayUBe9M5DXucy1VcUt3vHHg68mHLx3HZpUA
u1l0loLPW0szKKzeSwDl6+GLWQsz+6Zao82dYBJSIihaGvWXwZJ83kbWN8Xw1n2L
TX9lE7YDuRk33OetZ/TJuEsGpaVBN0j1Jp2kWVq0iIYH1S1Ak3pEHkZ+PodcnB4D
allRCa4xsLSWXb2duIin7cr+Sl+/CFPy8nX4NmLpXuQHCm2QhIV0zykQsucX/Idi
U68wn4Z0k1d8v/VGpdpcRNZVMSvAd4VTYjObkJ8sXyw09KNm
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:23 2026 by rpki-client