Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: GzuSfaLdIJ3ESmwrTkrUidSVoHlzXpG2IiSg+YZY8bw=
Subject key identifier: 8C:A8:1B:2A:52:F2:49:CA:C5:8F:06:7C:38:FD:1D:72:16:57:A8:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C0149DCDB1876D9D67F127E2512B1A8321F20ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Tue 19 May 2026 04:40:41 +0000
ROA not before: Tue 19 May 2026 04:40:41 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:01:49:dc:db:18:76:d9:d6:7f:12:7e:25:12:b1:a8:32:1f:20:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:41 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2b0c285b61d1f07e2a075395fcfbcb8acf5865a361c7d4f7d8882da7d5444dd6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c6:06:d6:ba:2d:0b:bf:51:47:0c:e9:c9:54:
57:20:c6:7d:83:9d:70:5d:af:e9:d9:83:65:18:d8:
69:c1:ab:41:68:91:3b:ed:39:09:f5:02:a7:f2:74:
79:9e:4e:52:77:38:49:d7:19:e3:86:69:78:bd:13:
ab:3f:6f:cd:34:00:90:cb:f6:9e:42:70:be:9d:92:
7d:e7:c2:f4:8e:eb:30:7e:ce:c0:d4:5d:84:e5:18:
8c:70:a8:4f:f3:49:e4:95:b5:d4:ac:8b:87:84:1e:
ed:b1:79:d8:4b:fe:f6:df:fb:4f:4b:c4:ab:4b:8f:
f6:e5:1c:17:4a:37:ba:50:6c:94:3b:24:26:20:56:
54:b7:1d:71:21:86:6a:17:4c:a8:d9:4c:52:1b:c1:
30:e6:29:4a:4b:09:fa:c0:cd:11:51:1d:c4:41:30:
98:83:57:a3:3f:c4:8e:25:15:4b:af:36:8f:25:d6:
5f:74:ae:9f:92:0c:b1:81:3d:5c:d9:0f:49:9f:55:
45:61:ac:ee:ab:cd:f7:bf:ec:3e:26:7a:79:ca:96:
f1:63:d2:e7:e0:b2:4b:5d:f6:0d:56:03:60:c0:6a:
17:5c:02:9b:64:43:2a:3d:4a:d8:77:4a:3f:33:b0:
94:73:2d:fb:d6:0d:89:ac:77:54:1e:ec:57:99:47:
90:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A8:1B:2A:52:F2:49:CA:C5:8F:06:7C:38:FD:1D:72:16:57:A8:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
92:01:b5:e1:29:bd:2f:2c:79:5c:b8:eb:1d:e6:52:41:0b:69:
01:70:92:55:3e:69:a6:ec:e1:57:0f:ad:aa:c7:90:83:27:a0:
3d:3c:33:02:8b:55:20:0c:51:8f:02:e0:bc:4e:ea:cb:b0:da:
68:40:51:6e:29:09:1c:b8:6e:1d:b6:96:d5:6f:99:a9:8a:5b:
07:58:fe:3d:a0:c3:6e:67:0a:bb:3f:37:a3:24:85:2f:16:5d:
9c:45:54:cd:fa:fe:48:49:42:81:a2:ef:58:63:8a:db:7c:7e:
60:27:46:88:1b:8f:ff:56:c9:7b:f8:7e:d3:c6:5e:cb:4e:98:
7b:43:d1:34:a2:1d:6b:31:56:06:c6:7d:e3:e5:d2:5b:81:90:
d5:a2:4b:1a:55:b1:e5:59:7b:81:35:ea:b7:a6:6a:60:c7:47:
fd:9d:33:c4:e5:f0:a6:6b:7d:ab:0d:be:17:ad:b8:7c:f7:a2:
40:83:da:c9:7c:94:0c:e9:07:f3:67:90:09:ab:e7:34:98:51:
af:54:84:6b:a0:46:25:75:4a:89:53:e0:f6:74:77:4a:ad:eb:
0d:5b:11:93:e5:28:de:10:99:3a:8c:99:70:8f:c5:c7:bb:73:
a3:b3:9e:5e:22:82:c7:3a:a1:cd:07:1c:65:98:f3:cb:ce:a0:
99:b0:9e:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTAFJ3NsYdtnWfxJ+JRKxqDIfIO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiMGMyODViNjFkMWYwN2UyYTA3NTM5NWZjZmJjYjhhY2Y1ODY1YTM2MWM3
ZDRmN2Q4ODgyZGE3ZDU0NDRkZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzGBta6LQu/UUcM6clUVyDGfYOdcF2v6dmDZRjYacGrQWiRO+05CfUCp/J0
eZ5OUnc4SdcZ44ZpeL0Tqz9vzTQAkMv2nkJwvp2SfefC9I7rMH7OwNRdhOUYjHCo
T/NJ5JW11KyLh4Qe7bF52Ev+9t/7T0vEq0uP9uUcF0o3ulBslDskJiBWVLcdcSGG
ahdMqNlMUhvBMOYpSksJ+sDNEVEdxEEwmINXoz/EjiUVS682jyXWX3Sun5IMsYE9
XNkPSZ9VRWGs7qvN97/sPiZ6ecqW8WPS5+CyS132DVYDYMBqF1wCm2RDKj1K2HdK
PzOwlHMt+9YNiax3VB7sV5lHkNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMqBsq
UvJJysWPBnw4/R1yFleoiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQCSAbXhKb0vLHlcuOsd5lJBC2kBcJJVPmmm7OFX
D62qx5CDJ6A9PDMCi1UgDFGPAuC8TurLsNpoQFFuKQkcuG4dtpbVb5mpilsHWP49
oMNuZwq7PzejJIUvFl2cRVTN+v5ISUKBou9YY4rbfH5gJ0aIG4//Vsl7+H7Txl7L
Tph7Q9E0oh1rMVYGxn3j5dJbgZDVoksaVbHlWXuBNeq3pmpgx0f9nTPE5fCma32r
Db4Xrbh896JAg9rJfJQM6QfzZ5AJq+c0mFGvVIRroEYldUqJU+D2dHdKresNWxGT
5SjeEJk6jJlwj8XHu3Ojs55eIoLHOqHNBxxlmPPLzqCZsJ4h
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:57 2026 by rpki-client