Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c10198a9-e934-4497-9fd6-1ed37399bccb.roa
File: c10198a9-e934-4497-9fd6-1ed37399bccb.roa (raw, json)
Hash identifier: 4l7q4QOGxbixhrxpEW0wWHuMsGDqAmnTkiOZAsJ1Zq0=
Subject key identifier: C1:87:6F:91:C8:BE:6B:B5:3A:E9:E3:8D:63:C8:06:DF:F2:4E:D8:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BA2A7D2C01B5020AB4693F2B742C93686950979
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c10198a9-e934-4497-9fd6-1ed37399bccb.roa
Signing time: Fri 22 May 2026 16:01:52 +0000
ROA not before: Fri 22 May 2026 16:01:52 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:a2:a7:d2:c0:1b:50:20:ab:46:93:f2:b7:42:c9:36:86:95:09:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:52 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=bba4080c1123450a1716234b95be9c1400ca5bdf14ec7928bc186d5e98188ff8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:75:bf:46:e9:6c:35:8b:24:62:48:c8:64:3f:
c2:4b:e6:d0:87:a4:39:44:1d:f3:50:bf:e6:92:17:
fc:03:aa:76:81:e7:c5:21:81:a2:1d:b0:a4:83:21:
56:3a:7f:6b:ae:1a:90:80:ba:2b:15:96:15:5a:90:
d3:31:8f:5d:41:f2:53:5c:fa:3d:9e:08:3c:57:bd:
48:b1:2d:0d:66:94:ab:26:dd:66:df:a9:f7:85:68:
41:11:7b:f3:88:91:08:79:e2:f9:a6:6a:2c:7f:12:
71:df:6e:22:fa:d8:df:89:52:4c:8e:0c:ba:ad:9e:
dd:ec:3a:19:0f:d8:02:a9:f6:1e:d0:35:ab:09:5a:
13:7b:05:4b:55:e6:d8:15:d1:26:1e:c9:44:2c:36:
f6:97:2c:0b:30:5d:cb:99:2b:42:55:41:44:30:bb:
fa:ba:f7:da:38:6d:20:17:7f:91:79:08:72:ad:df:
cf:5f:c9:06:00:7b:70:af:78:70:d4:83:85:66:ff:
07:bb:e7:40:99:12:78:cf:0e:01:2c:0d:36:37:66:
53:df:c0:0f:c8:3d:d0:a8:48:23:11:e7:bf:8a:bb:
06:c5:fe:8c:30:9f:bb:51:42:d0:01:95:e1:48:ca:
91:a6:b4:09:b8:8b:60:35:94:2a:75:7e:dd:8e:cb:
bb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:87:6F:91:C8:BE:6B:B5:3A:E9:E3:8D:63:C8:06:DF:F2:4E:D8:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c10198a9-e934-4497-9fd6-1ed37399bccb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:800::/40
Signature Algorithm: sha256WithRSAEncryption
63:27:ec:b7:9b:6f:7b:b0:7f:5b:60:7f:9a:75:b0:01:19:16:
08:ff:7e:b1:29:bd:70:14:9a:2e:cf:4d:73:c8:4d:0d:cd:a9:
de:f3:4a:f8:98:7a:0c:34:46:36:44:71:1a:16:39:92:1c:e0:
07:09:e3:61:40:54:a6:5e:83:54:d1:f0:97:63:0a:55:27:73:
5f:3c:40:a8:e8:42:f5:e0:e4:a8:c9:1d:56:18:ca:1f:a9:cc:
47:85:10:57:35:e9:df:76:83:38:f4:a8:10:3d:37:4f:3e:ac:
56:af:33:35:3b:68:ce:b1:a7:c3:05:67:6f:be:3a:f0:18:67:
72:db:48:93:ed:70:9e:eb:dc:82:8d:28:fa:dc:87:8a:71:f9:
67:33:69:73:62:c2:75:47:b2:2d:c2:ef:5e:ed:60:f7:c4:c2:
b3:1c:ca:f5:fb:26:01:92:9b:4d:36:11:1f:65:64:a6:e6:61:
a4:d2:e9:e4:45:c0:71:f3:4c:3d:74:e0:37:49:6b:a3:dd:f1:
ce:34:6f:69:d4:db:0b:08:ae:8c:90:d8:92:e5:a4:ac:17:e6:
e6:80:1a:36:58:f1:a9:33:66:cc:ab:da:b9:e0:37:74:ae:9a:
5a:06:03:d9:f3:f0:d8:7a:40:b5:8f:db:e2:7a:f3:e1:64:97:
7e:11:ab:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG6Kn0sAbUCCrRpPyt0LJNoaVCXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTJaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiYTQwODBjMTEyMzQ1MGExNzE2MjM0Yjk1YmU5YzE0MDBjYTViZGYxNGVj
NzkyOGJjMTg2ZDVlOTgxODhmZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMR1v0bpbDWLJGJIyGQ/wkvm0IekOUQd81C/5pIX/AOqdoHnxSGBoh2wpIMh
Vjp/a64akIC6KxWWFVqQ0zGPXUHyU1z6PZ4IPFe9SLEtDWaUqybdZt+p94VoQRF7
84iRCHni+aZqLH8Scd9uIvrY34lSTI4Muq2e3ew6GQ/YAqn2HtA1qwlaE3sFS1Xm
2BXRJh7JRCw29pcsCzBdy5krQlVBRDC7+rr32jhtIBd/kXkIcq3fz1/JBgB7cK94
cNSDhWb/B7vnQJkSeM8OASwNNjdmU9/AD8g90KhIIxHnv4q7BsX+jDCfu1FC0AGV
4UjKkaa0CbiLYDWUKnV+3Y7Lu+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBh2+R
yL5rtTrp441jyAbf8k7YrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzEwMTk4YTktZTkzNC00NDk3LTlmZDYtMWVkMzczOTliY2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEI
MA0GCSqGSIb3DQEBCwUAA4IBAQBjJ+y3m297sH9bYH+adbABGRYI/36xKb1wFJou
z01zyE0Nzane80r4mHoMNEY2RHEaFjmSHOAHCeNhQFSmXoNU0fCXYwpVJ3NfPECo
6EL14OSoyR1WGMofqcxHhRBXNenfdoM49KgQPTdPPqxWrzM1O2jOsafDBWdvvjrw
GGdy20iT7XCe69yCjSj63IeKcflnM2lzYsJ1R7Itwu9e7WD3xMKzHMr1+yYBkptN
NhEfZWSm5mGk0unkRcBx80w9dOA3SWuj3fHONG9p1NsLCK6MkNiS5aSsF+bmgBo2
WPGpM2bMq9q54Dd0rppaBgPZ8/DYekC1j9vievPhZJd+Eatg
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:27:55 2026 by rpki-client