Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acbed2c9-a77c-43a4-ba7d-3b3dbcdf2064.roa
File: acbed2c9-a77c-43a4-ba7d-3b3dbcdf2064.roa (raw, json)
Hash identifier: faQw5rgWreeFeIu68kstAe5BKQPRO0WPnL1637vt75U=
Subject key identifier: 6F:B6:CF:D5:2F:63:62:22:35:80:85:65:63:BC:4D:F4:51:22:E2:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E0525FD9F0EBBBC26B065244FA78F53F08A1830
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acbed2c9-a77c-43a4-ba7d-3b3dbcdf2064.roa
Signing time: Fri 22 May 2026 16:16:26 +0000
ROA not before: Fri 22 May 2026 16:16:26 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:05:25:fd:9f:0e:bb:bc:26:b0:65:24:4f:a7:8f:53:f0:8a:18:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:16:26 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=fd18466e6260f00e8b6aa8e64b4ec4dae54fc3a6220511b33bc7c2f5440e0735, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6c:b6:16:e0:93:2b:83:79:17:1f:55:05:f3:
b0:91:64:c1:f3:14:d7:ca:f2:20:41:ea:2e:92:ca:
be:07:8b:70:94:fe:0c:c7:b2:81:cc:58:eb:56:dc:
f2:74:68:1e:d4:c1:0e:37:fb:2a:c3:03:9e:56:a2:
db:a7:5f:7d:a0:ba:0e:f3:4a:9b:14:d2:42:c3:98:
41:72:1c:b6:3c:c1:c8:c7:0d:f2:15:ab:82:7c:f2:
df:14:51:31:fb:1f:85:97:fe:50:df:37:01:1e:66:
a4:ba:2d:92:80:5d:30:8d:28:74:8b:f8:a9:3d:72:
11:25:16:33:38:0c:7d:f6:f8:58:82:57:d8:df:a8:
bb:a9:27:b1:bb:55:cf:e5:f8:1e:06:08:7a:16:2c:
83:f5:76:fd:c7:fb:61:3b:30:9e:a3:db:be:aa:52:
ac:d7:cd:7a:a6:c0:26:f5:29:d8:77:40:dd:62:5f:
67:40:5d:c5:7d:83:eb:3e:74:df:33:1d:c3:d8:bf:
6f:dc:ed:90:33:56:24:cf:d2:64:bc:3e:11:e7:36:
df:e6:e6:d3:ad:aa:57:e0:a0:62:19:a8:4d:9f:66:
cc:82:a8:a0:49:21:a0:75:e7:f6:f5:cc:bb:f9:c9:
fa:c9:65:9e:f3:5a:ec:a4:19:45:05:cc:c5:a5:b3:
a8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B6:CF:D5:2F:63:62:22:35:80:85:65:63:BC:4D:F4:51:22:E2:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acbed2c9-a77c-43a4-ba7d-3b3dbcdf2064.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:9000::/40
Signature Algorithm: sha256WithRSAEncryption
97:67:e1:78:4e:ca:36:6e:52:22:14:73:1c:fc:1f:0b:fc:99:
81:39:dd:15:49:e9:c5:88:ca:72:ce:ea:39:fc:89:c0:e0:2b:
5d:d0:3a:0b:a2:35:0b:34:1a:0c:f2:d7:f7:a8:5f:8b:55:10:
de:13:3c:f9:c1:bc:60:e3:e3:2a:aa:42:12:71:80:fe:c6:32:
b7:69:b9:b5:80:74:b2:4c:2b:0d:56:af:3a:9d:88:70:0f:30:
0e:80:f9:9d:dc:41:1a:56:86:8b:0b:8f:e3:45:60:6e:57:19:
d8:6d:d6:05:58:a1:6a:72:91:ad:69:3c:4d:72:d3:ec:01:b7:
b0:c1:0a:36:36:7d:09:1c:69:d6:1f:5f:2f:a3:1e:d2:a5:a9:
42:06:89:fc:33:3b:4d:b4:53:b8:44:98:ee:79:f9:ab:a6:3b:
9f:fc:18:41:3f:03:1d:db:86:6b:a6:c9:7f:35:82:b4:11:9a:
1d:b0:4c:4d:1a:6d:df:f7:4f:a5:bd:ea:be:d8:7a:c9:69:f5:
cb:db:a5:56:57:61:c1:21:c7:22:00:20:fa:a0:07:b1:b8:70:
4a:35:fa:e7:da:8f:8d:3c:c0:2e:c6:1d:90:19:48:9d:89:44:
c1:0d:c8:e9:cc:8f:94:fb:91:18:5a:6b:a5:9c:7d:93:73:59:
d5:57:63:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfgUl/Z8Ou7wmsGUkT6ePU/CKGDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjE2MjZaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMTg0NjZlNjI2MGYwMGU4YjZhYThlNjRiNGVjNGRhZTU0ZmMzYTYyMjA1
MTFiMzNiYzdjMmY1NDQwZTA3MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhsthbgkyuDeRcfVQXzsJFkwfMU18ryIEHqLpLKvgeLcJT+DMeygcxY61bc
8nRoHtTBDjf7KsMDnlai26dffaC6DvNKmxTSQsOYQXIctjzByMcN8hWrgnzy3xRR
MfsfhZf+UN83AR5mpLotkoBdMI0odIv4qT1yESUWMzgMffb4WIJX2N+ou6knsbtV
z+X4HgYIehYsg/V2/cf7YTswnqPbvqpSrNfNeqbAJvUp2HdA3WJfZ0BdxX2D6z50
3zMdw9i/b9ztkDNWJM/SZLw+Eec23+bm062qV+CgYhmoTZ9mzIKooEkhoHXn9vXM
u/nJ+sllnvNa7KQZRQXMxaWzqIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvts/V
L2NiIjWAhWVjvE30USLiSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNiZWQyYzktYTc3Yy00M2E0LWJhN2QtM2IzZGJjZGYyMDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCXZ+F4Tso2blIiFHMc/B8L/JmBOd0VSenFiMpy
zuo5/InA4Ctd0DoLojULNBoM8tf3qF+LVRDeEzz5wbxg4+MqqkIScYD+xjK3abm1
gHSyTCsNVq86nYhwDzAOgPmd3EEaVoaLC4/jRWBuVxnYbdYFWKFqcpGtaTxNctPs
AbewwQo2Nn0JHGnWH18vox7SpalCBon8MztNtFO4RJjuefmrpjuf/BhBPwMd24Zr
psl/NYK0EZodsExNGm3f90+lveq+2HrJafXL26VWV2HBIcciACD6oAexuHBKNfrn
2o+NPMAuxh2QGUidiUTBDcjpzI+U+5EYWmulnH2Tc1nVV2PH
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:18 2026 by rpki-client