Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: a+np15BO2BwFLpwuz6T9taCVg2+r6mAhn1ODGbYvnLw=
Subject key identifier: 58:A4:9E:FD:4D:8E:59:F5:3F:E2:8E:1E:5E:D0:1B:C2:35:2E:25:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FA93ACC27BD0E2774010741B98953A7E82186C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Sat 28 Feb 2026 06:20:12 +0000
ROA not before: Sat 28 Feb 2026 06:20:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:a9:3a:cc:27:bd:0e:27:74:01:07:41:b9:89:53:a7:e8:21:86:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=dabe231d89eada02c5ad21fbe73110c422dd00bae32cc6b75efc54cab7cc96d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:6b:19:eb:1c:e1:61:1e:fa:f9:4a:21:a7:
6f:78:16:4b:d0:4c:a3:54:28:05:75:c1:c9:20:06:
4c:a0:67:0d:03:1a:72:f1:d5:9f:85:d7:47:b3:ef:
85:70:70:ea:b6:30:8c:57:72:fa:4f:51:4a:0b:b0:
b7:e6:68:25:33:6c:72:26:c4:93:db:8f:f6:31:68:
d0:a8:de:40:e8:e5:ea:e2:a9:fd:94:fb:68:4f:8d:
5d:6b:4f:93:25:02:55:3c:b5:d5:e3:eb:31:3d:90:
5f:42:b6:90:96:9f:7c:79:d6:40:c0:bf:b4:b0:0c:
73:1c:7c:a7:3e:d7:66:9f:be:21:41:f7:54:78:f0:
35:69:84:03:49:f4:f1:47:02:b6:aa:47:64:e3:3d:
24:47:31:43:48:0f:1e:c0:e9:31:21:46:a1:85:bd:
be:b3:81:26:f8:44:e2:6b:8f:95:bd:18:46:fa:13:
84:72:74:ba:b0:a0:d6:fb:0e:4a:e7:59:36:06:62:
a1:f9:d3:ae:42:8a:a0:83:68:7a:13:47:0d:27:8e:
67:63:1f:63:2d:0c:d4:f4:f9:e6:7d:86:2d:6e:ee:
7c:d7:33:e9:8a:42:aa:94:e9:c2:29:56:ac:c2:71:
d2:fc:40:52:5d:ed:9f:44:c8:b8:5c:7a:30:39:bd:
89:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A4:9E:FD:4D:8E:59:F5:3F:E2:8E:1E:5E:D0:1B:C2:35:2E:25:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
96:cf:2f:b0:8b:c7:03:7a:b9:e0:61:6c:8d:3a:33:8f:ec:80:
22:f2:f4:83:8f:14:ff:e0:80:f1:0b:06:a9:89:36:0f:22:da:
8e:79:67:a8:85:b9:cf:15:c9:73:1b:61:d1:4e:73:24:e2:f0:
94:8b:cc:5c:d2:46:e2:58:2c:0d:a6:ae:40:d1:4d:a5:36:06:
8c:a8:cd:0e:5e:31:7c:d6:50:c8:4f:21:69:85:19:3b:65:28:
80:b2:56:07:ac:07:06:44:05:81:01:fb:d9:24:22:de:fb:70:
3c:d3:e0:da:73:45:fd:0a:a5:9d:4f:9d:f1:5d:3c:99:cb:6a:
2f:1d:f2:b6:88:e4:73:4c:ef:ae:44:2a:d9:65:5d:95:7f:fd:
1e:95:b6:f4:51:5d:eb:9c:8d:f6:ba:27:7f:64:17:46:f7:65:
e2:2a:b3:37:ff:30:f3:78:5d:f2:87:31:2e:0a:20:17:52:9f:
2f:e4:81:eb:85:be:54:cc:34:3c:97:42:11:40:13:4a:ad:b5:
d5:ab:14:12:a3:52:54:dd:4a:93:06:a8:84:7b:aa:b8:42:77:
2f:ef:81:60:d4:7e:17:f4:39:46:3f:7f:18:7c:0d:67:35:f0:
cc:08:63:32:eb:22:e8:a0:c4:f9:21:68:1d:57:d2:b6:8e:78:
b9:fb:2a:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD6k6zCe9Did0AQdBuYlTp+ghhskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhYmUyMzFkODllYWRhMDJjNWFkMjFmYmU3MzExMGM0MjJkZDAwYmFlMzJj
YzZiNzVlZmM1NGNhYjdjYzk2ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK06axnrHOFhHvr5SiGnb3gWS9BMo1QoBXXBySAGTKBnDQMacvHVn4XXR7Pv
hXBw6rYwjFdy+k9RSguwt+ZoJTNscibEk9uP9jFo0KjeQOjl6uKp/ZT7aE+NXWtP
kyUCVTy11ePrMT2QX0K2kJaffHnWQMC/tLAMcxx8pz7XZp++IUH3VHjwNWmEA0n0
8UcCtqpHZOM9JEcxQ0gPHsDpMSFGoYW9vrOBJvhE4muPlb0YRvoThHJ0urCg1vsO
SudZNgZiofnTrkKKoINoehNHDSeOZ2MfYy0M1PT55n2GLW7ufNcz6YpCqpTpwilW
rMJx0vxAUl3tn0TIuFx6MDm9iU8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYpJ79
TY5Z9T/ijh5e0BvCNS4lvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQCWzy+wi8cDerngYWyNOjOP7IAi8vSDjxT/4IDx
CwapiTYPItqOeWeohbnPFclzG2HRTnMk4vCUi8xc0kbiWCwNpq5A0U2lNgaMqM0O
XjF81lDITyFphRk7ZSiAslYHrAcGRAWBAfvZJCLe+3A80+Dac0X9CqWdT53xXTyZ
y2ovHfK2iORzTO+uRCrZZV2Vf/0elbb0UV3rnI32uid/ZBdG92XiKrM3/zDzeF3y
hzEuCiAXUp8v5IHrhb5UzDQ8l0IRQBNKrbXVqxQSo1JU3UqTBqiEe6q4Qncv74Fg
1H4X9DlGP38YfA1nNfDMCGMy6yLooMT5IWgdV9K2jni5+yoB
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:56 2026 by rpki-client