Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
File: c02bd597-170b-4eec-b8d1-18d678b065fa.roa (raw, json)
Hash identifier: VeP1+zI29S3cHo88E0wCM5iBVkZUhW86CEp9Zi340lo=
Subject key identifier: 57:B6:1B:FE:A7:23:2B:02:71:71:31:E9:23:57:E0:BF:6E:55:A6:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71639F5E30C8329C2FA508A8D59C629822B02D74
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
Signing time: Sat 28 Feb 2026 05:51:06 +0000
ROA not before: Sat 28 Feb 2026 05:51:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:63:9f:5e:30:c8:32:9c:2f:a5:08:a8:d5:9c:62:98:22:b0:2d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=312010d4548dcd76cb0722845287d09ed2db6206a2d7606d135bfb8e7e112508, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ff:80:a4:75:56:fc:e2:eb:f3:26:44:ea:fe:
59:f4:8c:71:5a:ed:59:58:a1:22:93:06:37:29:63:
a6:3d:e2:c1:98:10:71:05:ef:29:6f:ec:82:6d:46:
cb:64:5a:c4:a4:39:1f:d1:dd:57:84:b9:e5:a1:0e:
3d:43:7b:de:1e:d5:2c:d7:45:a8:1c:c6:85:db:5c:
05:af:3e:c6:5a:0f:ef:0f:3e:2c:0d:02:a8:47:2d:
63:77:5e:08:44:d6:33:a7:ca:10:59:25:20:64:82:
2e:08:89:35:ed:42:01:e6:49:b7:ca:e4:e0:cc:0e:
3e:31:6a:03:18:27:85:01:28:d9:bc:b9:c7:7a:18:
7a:2e:a0:ce:6e:30:e5:4f:fc:2d:30:3a:b7:20:54:
16:fe:9c:2b:3a:ba:99:1b:7f:ff:60:67:66:fa:db:
59:1f:ee:8b:f7:7d:78:6d:30:c9:f3:2a:3b:87:01:
fd:97:8b:da:db:b4:56:93:5e:ba:5c:94:cb:01:17:
6c:36:df:56:03:e6:93:cd:24:0c:78:af:d2:15:f9:
45:69:5c:74:7c:ac:44:3e:eb:7c:50:7f:95:88:78:
5b:40:25:3d:d9:88:34:d2:7b:47:05:67:b2:4f:d3:
c3:5f:8e:af:1f:42:ad:ad:8b:dc:6d:89:89:a2:80:
ea:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B6:1B:FE:A7:23:2B:02:71:71:31:E9:23:57:E0:BF:6E:55:A6:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c02bd597-170b-4eec-b8d1-18d678b065fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8010::/48
Signature Algorithm: sha256WithRSAEncryption
0e:e8:14:20:30:26:1c:54:d5:23:a5:8e:86:13:76:9f:30:38:
19:57:72:aa:50:27:e4:73:65:44:42:14:6c:fd:73:07:93:20:
67:0b:53:b3:08:4a:04:47:6a:9b:cb:13:d9:fb:9c:64:22:9f:
04:8b:82:2f:22:ab:6d:ed:d1:94:6c:50:54:6b:1c:e5:7a:47:
5e:33:7c:78:ed:40:fa:9f:28:7f:55:97:a4:fa:6e:1f:13:6e:
4a:19:d7:6e:bf:d2:6e:36:dd:e5:29:f5:fb:47:a5:5d:30:b1:
89:7f:e3:8f:90:f2:93:d6:92:be:5f:7c:e4:16:c2:e5:2a:12:
23:f2:70:6e:62:cb:3a:ff:ac:8d:ad:88:19:eb:43:a1:ba:e4:
24:49:0f:e0:65:f2:70:00:99:0a:5c:0e:f5:a7:8b:2c:a9:b4:
f9:7e:d4:02:42:7c:2f:82:5f:fe:eb:03:19:54:60:8c:3d:9b:
8b:0d:a8:d3:d9:bd:08:4b:de:62:3b:81:ea:cc:ab:b1:01:5f:
69:80:84:f5:48:21:99:a0:4a:c5:97:f6:c4:32:7b:b7:d2:f5:
92:3e:0c:0b:07:49:38:83:d6:b0:5a:49:fe:e1:c5:e7:a1:b7:
f9:f7:85:f8:ef:ad:c1:f2:fe:4d:f7:c9:fa:bb:53:cc:df:1d:
3a:50:43:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcWOfXjDIMpwvpQio1ZximCKwLXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMjAxMGQ0NTQ4ZGNkNzZjYjA3MjI4NDUyODdkMDllZDJkYjYyMDZhMmQ3
NjA2ZDEzNWJmYjhlN2UxMTI1MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM//gKR1Vvzi6/MmROr+WfSMcVrtWVihIpMGNyljpj3iwZgQcQXvKW/sgm1G
y2RaxKQ5H9HdV4S55aEOPUN73h7VLNdFqBzGhdtcBa8+xloP7w8+LA0CqEctY3de
CETWM6fKEFklIGSCLgiJNe1CAeZJt8rk4MwOPjFqAxgnhQEo2by5x3oYei6gzm4w
5U/8LTA6tyBUFv6cKzq6mRt//2BnZvrbWR/ui/d9eG0wyfMqO4cB/ZeL2tu0VpNe
ulyUywEXbDbfVgPmk80kDHiv0hX5RWlcdHysRD7rfFB/lYh4W0AlPdmINNJ7RwVn
sk/Tw1+Orx9Cra2L3G2JiaKA6okCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXthv+
pyMrAnFxMekjV+C/blWmrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzAyYmQ1OTctMTcwYi00ZWVjLWI4ZDEtMThkNjc4YjA2NWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
EDANBgkqhkiG9w0BAQsFAAOCAQEADugUIDAmHFTVI6WOhhN2nzA4GVdyqlAn5HNl
REIUbP1zB5MgZwtTswhKBEdqm8sT2fucZCKfBIuCLyKrbe3RlGxQVGsc5XpHXjN8
eO1A+p8of1WXpPpuHxNuShnXbr/Sbjbd5Sn1+0elXTCxiX/jj5Dyk9aSvl985BbC
5SoSI/JwbmLLOv+sja2IGetDobrkJEkP4GXycACZClwO9aeLLKm0+X7UAkJ8L4Jf
/usDGVRgjD2biw2o09m9CEveYjuB6syrsQFfaYCE9UghmaBKxZf2xDJ7t9L1kj4M
CwdJOIPWsFpJ/uHF56G3+feF+O+twfL+TffJ+rtTzN8dOlBDOg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:55 2026 by rpki-client