Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: k6icksDwdWxoCzRLlvtBB0tLYwW+idZRHuTDW0Grop0=
Subject key identifier: CE:E1:60:DC:E3:97:E3:83:78:DD:BD:24:E1:81:9F:6D:9D:FD:48:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62076D9BFE0115488E1970CCCF817E4EAC9FC226
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Sat 28 Feb 2026 05:50:12 +0000
ROA not before: Sat 28 Feb 2026 05:50:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:07:6d:9b:fe:01:15:48:8e:19:70:cc:cf:81:7e:4e:ac:9f:c2:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c073172865140c369ac71b015bb571c06995a6cc1284f70919b426c9d58bc65b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e7:c7:2d:2c:e1:b9:ea:12:9d:2e:91:3d:e1:
16:18:de:0e:d7:bf:c6:de:10:d7:21:04:7f:fc:bb:
ed:87:eb:09:cc:3c:c0:3c:8e:55:43:f0:5d:08:d7:
c5:b0:d3:dc:c3:73:28:d1:4f:f9:71:b8:9f:63:b9:
0f:08:98:7c:07:40:24:41:90:00:72:4e:33:fb:99:
43:a3:79:2c:9a:89:eb:8f:45:39:22:3f:98:d7:1a:
df:67:a5:cd:c2:0f:8c:13:68:86:98:50:fb:ce:10:
29:9d:06:2c:4f:3f:af:be:84:78:66:22:b4:b2:5e:
6d:3f:bb:6e:7c:ab:00:2c:0f:fc:0e:91:e7:e4:f9:
99:30:38:4a:95:ec:1e:97:d3:f4:84:03:3b:fd:f2:
c4:d9:1d:2f:4e:d2:42:08:ab:2d:eb:ef:78:4d:26:
a7:28:14:7e:ca:9e:e9:24:9b:61:3b:71:5d:66:b5:
b0:87:06:79:1b:f6:d6:b3:65:80:74:1d:51:33:7c:
11:22:8b:d2:b2:27:f2:47:4a:05:8e:9b:15:02:d0:
cd:0a:1b:5f:41:c8:18:4b:e6:3a:83:99:e6:e2:16:
08:08:01:4b:65:47:a1:a2:b2:e9:16:a8:18:ff:64:
1b:56:d8:e9:e0:bd:b6:8b:7b:52:93:b5:48:1b:f8:
63:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E1:60:DC:E3:97:E3:83:78:DD:BD:24:E1:81:9F:6D:9D:FD:48:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:14:7d:b0:f0:77:55:01:8a:47:f1:30:79:b7:ce:1c:03:78:
f8:83:f8:2a:cc:16:78:b3:28:40:94:b7:7f:d3:5a:71:21:6c:
36:6e:66:40:63:9a:ac:4f:3e:11:06:2d:f5:30:e3:fb:f5:00:
f4:4f:d3:8c:3e:70:c6:ec:f1:d9:25:c6:fe:b2:57:81:27:1a:
65:f1:bd:2e:db:ee:f5:d0:aa:2f:bd:97:a2:9e:ad:57:e3:c2:
ca:10:e1:97:d3:84:74:af:30:39:3e:61:92:f6:39:d8:42:b7:
91:c0:dc:8b:27:75:dc:2a:6a:33:22:d7:26:92:94:16:93:4d:
93:3a:c2:98:51:30:7e:5a:98:f0:72:f0:9a:df:30:eb:e2:bd:
7e:67:76:ff:40:9a:5b:fc:61:f1:8d:29:9c:05:cf:99:22:72:
7b:6d:a7:cd:35:e3:12:38:59:16:ca:cd:30:d2:8c:74:9b:8f:
7d:00:8a:c5:b9:16:55:33:58:ac:f9:4e:41:63:0e:bd:b1:ea:
42:7e:e8:f5:85:d6:79:5a:fb:98:05:0f:6b:c5:50:a8:85:cf:
34:80:cf:50:e1:24:7c:05:b3:ba:56:be:8a:e6:69:0d:3c:08:
15:38:d4:0c:87:ba:1e:67:db:2c:53:c4:94:06:43:ae:bf:7d:
48:fa:64:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYgdtm/4BFUiOGXDMz4F+TqyfwiYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwNzMxNzI4NjUxNDBjMzY5YWM3MWIwMTViYjU3MWMwNjk5NWE2Y2MxMjg0
ZjcwOTE5YjQyNmM5ZDU4YmM2NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbnxy0s4bnqEp0ukT3hFhjeDte/xt4Q1yEEf/y77YfrCcw8wDyOVUPwXQjX
xbDT3MNzKNFP+XG4n2O5DwiYfAdAJEGQAHJOM/uZQ6N5LJqJ649FOSI/mNca32el
zcIPjBNohphQ+84QKZ0GLE8/r76EeGYitLJebT+7bnyrACwP/A6R5+T5mTA4SpXs
HpfT9IQDO/3yxNkdL07SQgirLevveE0mpygUfsqe6SSbYTtxXWa1sIcGeRv21rNl
gHQdUTN8ESKL0rIn8kdKBY6bFQLQzQobX0HIGEvmOoOZ5uIWCAgBS2VHoaKy6Rao
GP9kG1bY6eC9tot7UpO1SBv4Y7kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTO4WDc
45fjg3jdvSThgZ9tnf1InDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQBsFH2w8HdVAYpH8TB5t84cA3j4g/gqzBZ4syhA
lLd/01pxIWw2bmZAY5qsTz4RBi31MOP79QD0T9OMPnDG7PHZJcb+sleBJxpl8b0u
2+710KovvZeinq1X48LKEOGX04R0rzA5PmGS9jnYQreRwNyLJ3XcKmozItcmkpQW
k02TOsKYUTB+WpjwcvCa3zDr4r1+Z3b/QJpb/GHxjSmcBc+ZInJ7bafNNeMSOFkW
ys0w0ox0m499AIrFuRZVM1is+U5BYw69sepCfuj1hdZ5WvuYBQ9rxVCohc80gM9Q
4SR8BbO6Vr6K5mkNPAgVONQMh7oeZ9ssU8SUBkOuv31I+mSa
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:19 2026 by rpki-client