Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
File: c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa (raw, json)
Hash identifier: XJx2y4Cn0Gdh9xSiaOwouoKY3M/6hE5C119D7lU+CAU=
Subject key identifier: EA:AE:6D:49:7F:D6:3A:FE:9A:36:36:FA:4D:F2:AA:70:60:81:B2:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01045E8755DCEA0A01AB460E6BB4B39EF1BB75AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
Signing time: Sat 28 Feb 2026 06:01:11 +0000
ROA not before: Sat 28 Feb 2026 06:01:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:04:5e:87:55:dc:ea:0a:01:ab:46:0e:6b:b4:b3:9e:f1:bb:75:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:01:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=557b3470e51e03bb3637f1d7029d583289c2cc84196714ae98adeeb45038b60c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:32:10:d2:3c:25:44:e7:b5:bf:5c:ca:14:24:
52:1d:c3:6e:74:87:1f:67:88:ea:d7:d6:77:ad:c8:
1a:78:93:13:c6:d3:43:f1:a9:b5:78:1e:21:af:c8:
49:c3:81:5a:76:0a:5b:e9:44:19:40:37:2c:ba:7b:
4b:05:61:0d:82:62:25:ff:62:da:d4:f2:2f:05:21:
d0:4d:92:05:19:8f:fc:1c:f1:47:b8:a6:4a:6b:75:
2d:6d:38:c2:3c:a9:71:6b:aa:65:71:89:ac:87:df:
65:ad:78:c8:06:1c:67:40:ba:88:17:c1:ce:4e:1d:
6d:23:10:8a:fd:6a:52:1d:83:2a:b2:e9:33:60:a6:
b0:32:5a:a8:32:eb:04:d3:d7:93:bb:64:4b:9d:bd:
6e:cc:0e:57:d8:44:37:f4:d8:8e:bf:d6:ab:5e:a9:
42:cb:59:33:65:1f:f7:a8:99:36:78:3c:bc:fe:a6:
f6:dd:e7:01:85:c8:dc:76:8a:24:a7:02:a3:0b:ba:
56:e8:b2:54:a3:46:d9:97:12:bc:4d:5b:0d:e0:62:
3f:2e:77:d1:69:30:85:d5:0e:d4:73:75:df:80:8d:
88:9f:3e:e8:d7:63:1b:b0:39:be:0f:5f:a8:87:d4:
d2:09:2f:f5:e2:4a:df:b4:d3:7f:a9:e3:f3:36:e7:
fe:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AE:6D:49:7F:D6:3A:FE:9A:36:36:FA:4D:F2:AA:70:60:81:B2:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6a5acff-b5d8-4c80-9ecc-9415406576f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:2000::/40
Signature Algorithm: sha256WithRSAEncryption
93:65:8b:19:28:7a:87:7f:23:87:e2:62:06:55:c8:a5:d6:38:
e8:d1:b7:65:67:8b:da:f1:cb:48:ec:17:ab:f6:65:83:b0:ae:
3d:fa:ce:16:32:eb:82:6e:bf:b7:f4:d6:41:17:e6:87:61:a8:
7a:3b:60:26:a7:58:fb:ca:2a:84:f0:f2:1a:f3:d2:91:e2:70:
3f:d6:15:db:80:9a:78:e1:e4:0d:6d:57:99:fb:82:73:44:ff:
1b:50:77:93:22:d9:54:43:b3:2a:a9:b6:8e:a3:e1:77:be:4c:
ec:94:44:11:cb:f7:51:7d:3a:1a:bc:f6:3a:37:fb:2a:40:15:
84:49:70:ab:b0:4d:1b:b2:55:f5:58:e5:fa:4a:7b:53:0b:cf:
31:98:08:26:d7:16:8c:88:92:1f:5c:c2:f0:3b:5a:ce:8f:73:
36:19:c7:9b:11:16:51:b2:eb:6a:b2:0e:4a:43:f6:b5:d0:d2:
31:48:18:f8:ac:91:a2:69:74:f2:b4:f6:45:cc:9b:38:12:b4:
af:d4:e5:d3:80:12:29:2e:71:1c:3f:56:5e:3d:1e:38:6b:ee:
53:44:7e:cb:e3:91:d6:d3:98:b9:fc:2e:77:16:90:ab:cd:73:
59:a0:a3:84:c5:1e:1f:cc:a5:02:be:50:b5:09:57:e3:5b:26:
c1:42:4f:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAQReh1Xc6goBq0YOa7SznvG7daowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAxMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1N2IzNDcwZTUxZTAzYmIzNjM3ZjFkNzAyOWQ1ODMyODljMmNjODQxOTY3
MTRhZTk4YWRlZWI0NTAzOGI2MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsyENI8JUTntb9cyhQkUh3DbnSHH2eI6tfWd63IGniTE8bTQ/GptXgeIa/I
ScOBWnYKW+lEGUA3LLp7SwVhDYJiJf9i2tTyLwUh0E2SBRmP/BzxR7imSmt1LW04
wjypcWuqZXGJrIffZa14yAYcZ0C6iBfBzk4dbSMQiv1qUh2DKrLpM2CmsDJaqDLr
BNPXk7tkS529bswOV9hEN/TYjr/Wq16pQstZM2Uf96iZNng8vP6m9t3nAYXI3HaK
JKcCowu6VuiyVKNG2ZcSvE1bDeBiPy530WkwhdUO1HN134CNiJ8+6NdjG7A5vg9f
qIfU0gkv9eJK37TTf6nj8zbn/vkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqrm1J
f9Y6/po2NvpN8qpwYIGybjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzZhNWFjZmYtYjVkOC00YzgwLTllY2MtOTQxNTQwNjU3NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUg
MA0GCSqGSIb3DQEBCwUAA4IBAQCTZYsZKHqHfyOH4mIGVcil1jjo0bdlZ4va8ctI
7Ber9mWDsK49+s4WMuuCbr+39NZBF+aHYah6O2Amp1j7yiqE8PIa89KR4nA/1hXb
gJp44eQNbVeZ+4JzRP8bUHeTItlUQ7MqqbaOo+F3vkzslEQRy/dRfToavPY6N/sq
QBWESXCrsE0bslX1WOX6SntTC88xmAgm1xaMiJIfXMLwO1rOj3M2GcebERZRsutq
sg5KQ/a10NIxSBj4rJGiaXTytPZFzJs4ErSv1OXTgBIpLnEcP1ZePR44a+5TRH7L
45HW05i5/C53FpCrzXNZoKOExR4fzKUCvlC1CVfjWybBQk+u
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:35 2026 by rpki-client