Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: 9GhSyZVfJOHx656BQW+npnwOne1cLmhhH5eE+n9m5NQ=
Subject key identifier: 68:8B:56:AC:C9:61:87:A5:B2:B7:43:54:2B:86:DF:2E:0E:35:CC:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A95EEFF6A243A26E935781B62CDDF699306FEB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Sat 28 Feb 2026 05:51:33 +0000
ROA not before: Sat 28 Feb 2026 05:51:33 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:95:ee:ff:6a:24:3a:26:e9:35:78:1b:62:cd:df:69:93:06:fe:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:33 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=bed272de1eb1ac86d0aaa720ffd3e810bee9c781634a3f60297dc1e6a09b6ff6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:0e:05:fb:10:b2:13:fc:8d:e8:d5:fa:fa:
a7:b3:99:f1:46:50:71:de:89:32:41:5b:a3:a5:1b:
dc:cb:72:24:0c:b3:a6:6b:0a:70:7b:07:db:e5:91:
f7:43:63:34:14:eb:2f:52:3b:2a:91:91:4d:88:4a:
97:13:82:ce:6a:11:5b:59:6e:a2:38:54:17:59:a4:
a9:29:67:0b:ee:f9:22:22:cd:6f:64:69:8f:40:f1:
32:34:b0:a1:76:fd:0c:d4:29:8d:d3:eb:21:ba:6d:
3c:34:09:f9:1b:a7:a8:c1:fd:24:bf:a9:77:e5:88:
6e:82:da:5e:2d:86:4d:0d:bf:28:f8:c3:aa:89:d0:
40:69:2c:15:b6:d9:3b:a2:65:17:07:fd:54:4a:4d:
fa:b1:c4:01:63:f1:0e:4d:eb:82:ed:b3:40:89:32:
48:f0:8c:4d:b5:08:6f:d1:ca:4b:84:27:2e:12:fe:
5f:b2:82:13:17:11:10:f0:c3:b2:4a:ee:6b:1f:cd:
83:d8:75:17:8b:7c:a5:29:55:ba:24:d5:c5:52:11:
b2:ff:d4:a4:04:05:26:38:f1:e3:3f:54:31:97:3c:
d2:ca:7d:1b:c1:20:d7:b4:db:10:01:d8:fc:58:08:
2c:12:24:f7:0a:d4:b5:d4:50:6a:17:d8:90:e8:5e:
7d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8B:56:AC:C9:61:87:A5:B2:B7:43:54:2B:86:DF:2E:0E:35:CC:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
40:b6:38:b4:ec:45:c5:2c:35:44:f7:61:de:4f:cb:a7:e9:71:
f9:ab:69:e5:ca:ab:0b:c6:54:a4:9f:be:83:d3:94:44:dd:eb:
c0:4b:72:0c:7d:68:e8:0d:e2:c3:e9:58:3e:35:1e:28:b9:76:
b3:70:5a:9b:36:35:0a:74:f8:fe:a3:91:37:38:8c:6f:e1:e4:
57:9d:3f:a4:ce:17:4e:58:93:aa:1f:5b:4a:ca:85:d5:26:47:
51:ee:12:15:c5:ad:38:5d:43:e4:4c:8f:df:1d:75:6b:34:6d:
21:d5:a7:ff:c7:eb:25:04:9d:20:99:30:b3:a9:97:f5:ff:ae:
ab:ad:89:ac:54:77:bc:92:22:81:d1:13:02:32:96:bd:7c:d1:
6d:85:f2:0f:f1:16:76:55:87:9a:c0:bb:db:19:7d:09:e7:c5:
59:fd:58:d0:10:4e:18:ca:8b:d7:5a:29:fe:2c:a4:93:74:53:
b8:8e:7f:15:cf:82:77:f9:cf:81:bc:68:5f:b1:c4:32:22:aa:
a7:c8:95:f2:eb:c4:c2:1c:be:8f:02:7f:ed:f8:f0:43:b7:e0:
c9:30:34:f7:1d:bf:c0:65:46:d1:f3:7d:d3:8c:3d:39:49:a5:
d1:52:2f:55:85:10:80:3c:c8:03:d5:87:28:59:a1:84:6f:4c:
20:12:cd:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGpXu/2okOibpNXgbYs3faZMG/rcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMzNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZDI3MmRlMWViMWFjODZkMGFhYTcyMGZmZDNlODEwYmVlOWM3ODE2MzRh
M2Y2MDI5N2RjMWU2YTA5YjZmZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYpDgX7ELIT/I3o1fr6p7OZ8UZQcd6JMkFbo6Ub3MtyJAyzpmsKcHsH2+WR
90NjNBTrL1I7KpGRTYhKlxOCzmoRW1luojhUF1mkqSlnC+75IiLNb2Rpj0DxMjSw
oXb9DNQpjdPrIbptPDQJ+RunqMH9JL+pd+WIboLaXi2GTQ2/KPjDqonQQGksFbbZ
O6JlFwf9VEpN+rHEAWPxDk3rgu2zQIkySPCMTbUIb9HKS4QnLhL+X7KCExcREPDD
skruax/Ng9h1F4t8pSlVuiTVxVIRsv/UpAQFJjjx4z9UMZc80sp9G8Eg17TbEAHY
/FgILBIk9wrUtdRQahfYkOhefUECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoi1as
yWGHpbK3Q1Qrht8uDjXMVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQBAtji07EXFLDVE92HeT8un6XH5q2nlyqsLxlSk
n76D05RE3evAS3IMfWjoDeLD6Vg+NR4ouXazcFqbNjUKdPj+o5E3OIxv4eRXnT+k
zhdOWJOqH1tKyoXVJkdR7hIVxa04XUPkTI/fHXVrNG0h1af/x+slBJ0gmTCzqZf1
/66rrYmsVHe8kiKB0RMCMpa9fNFthfIP8RZ2VYeawLvbGX0J58VZ/VjQEE4YyovX
Win+LKSTdFO4jn8Vz4J3+c+BvGhfscQyIqqnyJXy68TCHL6PAn/t+PBDt+DJMDT3
Hb/AZUbR833TjD05SaXRUi9VhRCAPMgD1YcoWaGEb0wgEs3r
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:45 2026 by rpki-client