Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b453d7ce-5ce3-4d78-989f-ab5dc55802e2.roa
File: b453d7ce-5ce3-4d78-989f-ab5dc55802e2.roa (raw, json)
Hash identifier: ERwu4Hk7ghixO+dMcaxr/K11XAUc7yreCqD2B86iA2c=
Subject key identifier: 4D:E1:31:30:F8:98:AF:3D:F5:32:12:11:40:B0:C1:3A:16:47:B7:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E1C3ED5205A411FB2133F1FCCD6345220D52C56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b453d7ce-5ce3-4d78-989f-ab5dc55802e2.roa
Signing time: Fri 22 May 2026 16:03:26 +0000
ROA not before: Fri 22 May 2026 16:03:26 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:1c:3e:d5:20:5a:41:1f:b2:13:3f:1f:cc:d6:34:52:20:d5:2c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:26 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=2092c88528f078d9275feb8ab5fd977b2cd5a6620c2c8bf3c20cd56436f1b9b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:58:47:41:7d:fd:c5:de:34:d5:e2:33:9d:c8:
cc:ab:29:73:a0:26:a6:49:c4:17:0a:e7:14:c7:94:
82:70:67:35:fc:ad:9c:cc:99:11:2b:e2:cb:06:2a:
55:ee:9d:fc:05:f2:e2:c4:f7:2a:94:76:c5:40:7e:
b3:bd:4e:a7:ee:94:a8:96:0a:5d:18:61:c4:55:b7:
3a:c9:24:25:5a:f9:ec:86:dd:42:6d:68:1a:9f:22:
e4:09:7b:7e:53:06:81:7d:07:b5:ed:14:d6:e9:98:
d6:ab:a9:36:13:da:ef:7f:bd:f8:3a:2c:b3:1c:3e:
dc:39:f0:2c:73:29:2c:c2:30:65:0b:58:3c:79:91:
b7:50:d6:a1:74:1b:c7:10:24:40:16:a4:96:24:a2:
9a:8b:51:79:a1:72:e1:bd:e7:8e:1a:4b:81:54:70:
fd:bd:e3:71:d1:67:d1:68:1c:94:d0:b7:37:ab:c3:
9b:9f:6b:a5:ef:67:7b:f0:b2:94:1a:14:80:71:2f:
51:ff:6a:ee:5a:57:16:2a:25:1b:a2:bd:0e:38:4a:
68:dd:c3:d7:05:47:9d:79:b2:b7:7a:4c:f1:1d:18:
09:dd:9f:17:ed:6a:0b:c7:3a:8d:44:b2:ff:5d:64:
ba:38:8e:82:0f:07:be:1c:54:dd:82:e7:6a:75:f5:
a2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E1:31:30:F8:98:AF:3D:F5:32:12:11:40:B0:C1:3A:16:47:B7:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b453d7ce-5ce3-4d78-989f-ab5dc55802e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:1080::/48
Signature Algorithm: sha256WithRSAEncryption
64:eb:67:c0:91:f2:29:9d:16:65:07:22:ff:0d:15:ad:ab:77:
18:a1:db:e0:d7:24:37:80:5f:3e:6f:ba:69:82:2e:04:b3:28:
4a:c0:60:09:33:a3:a5:c3:5a:bf:61:32:b0:82:1b:a4:8f:2d:
f3:2c:75:b0:86:23:ea:ea:89:ba:44:f9:51:11:13:81:f9:4f:
49:14:1f:65:ec:9c:93:df:e4:e1:24:a1:ac:79:4f:7d:e2:11:
4d:8b:49:a4:d0:f7:e6:b0:18:31:0b:c5:f1:fa:55:93:7d:9b:
7a:ed:95:f8:36:de:5c:68:73:ef:e3:63:72:88:63:64:37:81:
1d:84:2d:c5:a6:92:de:d3:d4:c9:75:93:31:38:83:61:92:32:
9e:93:89:e0:a3:12:ae:a8:8e:fd:ee:52:fc:89:e2:97:8a:53:
ea:ae:dd:4b:af:b6:38:d5:fc:b7:3c:69:08:c0:ee:19:5c:03:
7b:5d:bf:93:ed:ee:3c:7b:9e:28:eb:79:db:03:52:c4:b5:70:
8b:49:42:95:6d:e5:30:d6:b2:59:71:ed:18:4e:1e:b8:07:b2:
23:54:d0:30:ce:cd:e7:e6:60:6a:0b:5c:41:fc:4b:df:22:04:
27:e4:b0:e9:6e:a3:fa:b1:78:6f:08:d0:df:f1:cb:da:92:ba:
d1:23:54:32
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDhw+1SBaQR+yEz8fzNY0UiDVLFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMjZaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwOTJjODg1MjhmMDc4ZDkyNzVmZWI4YWI1ZmQ5NzdiMmNkNWE2NjIwYzJj
OGJmM2MyMGNkNTY0MzZmMWI5YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtYR0F9/cXeNNXiM53IzKspc6AmpknEFwrnFMeUgnBnNfytnMyZESviywYq
Ve6d/AXy4sT3KpR2xUB+s71Op+6UqJYKXRhhxFW3OskkJVr57IbdQm1oGp8i5Al7
flMGgX0Hte0U1umY1qupNhPa73+9+Dossxw+3DnwLHMpLMIwZQtYPHmRt1DWoXQb
xxAkQBakliSimotReaFy4b3njhpLgVRw/b3jcdFn0WgclNC3N6vDm59rpe9ne/Cy
lBoUgHEvUf9q7lpXFiolG6K9DjhKaN3D1wVHnXmyt3pM8R0YCd2fF+1qC8c6jUSy
/11kujiOgg8HvhxU3YLnanX1osMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRN4TEw
+JivPfUyEhFAsME6Fke3WzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ1M2Q3Y2UtNWNlMy00ZDc4LTk4OWYtYWI1ZGM1NTgwMmUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAZOtnwJHyKZ0WZQci/w0Vrat3GKHb4NckN4Bf
Pm+6aYIuBLMoSsBgCTOjpcNav2EysIIbpI8t8yx1sIYj6uqJukT5URETgflPSRQf
Zeyck9/k4SShrHlPfeIRTYtJpND35rAYMQvF8fpVk32beu2V+DbeXGhz7+Njcohj
ZDeBHYQtxaaS3tPUyXWTMTiDYZIynpOJ4KMSrqiO/e5S/Inil4pT6q7dS6+2ONX8
tzxpCMDuGVwDe12/k+3uPHueKOt52wNSxLVwi0lClW3lMNayWXHtGE4euAeyI1TQ
MM7N5+ZgagtcQfxL3yIEJ+Sw6W6j+rF4bwjQ3/HL2pK60SNUMg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:21 2026 by rpki-client