Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdcd69a2-24ce-44e6-adc9-b1a1349a422a.roa
File: cdcd69a2-24ce-44e6-adc9-b1a1349a422a.roa (raw, json)
Hash identifier: 18PZ5BGx3kz4rNCUTkrmIN7Yo6qR6v6bI/Er1gwPfAY=
Subject key identifier: 44:8E:77:5A:16:97:6E:EF:DC:25:60:11:30:7B:27:FE:06:09:3C:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2808AE3BC49FD067F9EE101D366027A474205FA0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdcd69a2-24ce-44e6-adc9-b1a1349a422a.roa
Signing time: Fri 22 May 2026 16:01:52 +0000
ROA not before: Fri 22 May 2026 16:01:52 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:08:ae:3b:c4:9f:d0:67:f9:ee:10:1d:36:60:27:a4:74:20:5f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:52 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=2ce8924cf599709191dde0e146d6d9b1bdf5f53cdec274465312d3e4edb22de4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:02:04:9d:11:19:18:54:5d:34:7c:cc:fa:f1:
34:8c:86:01:c8:0d:54:9c:cf:0c:3e:f8:4a:d7:37:
5d:70:56:c1:3d:c3:3d:05:50:b1:99:1d:a9:8f:53:
eb:fd:ed:24:3b:3c:05:95:26:2b:72:15:49:f6:90:
b7:13:71:d9:4c:13:02:89:98:52:20:df:07:4a:dd:
67:08:65:c0:f7:82:c9:f3:e2:10:60:c6:7a:c9:7b:
4c:50:f1:08:dc:94:09:d6:b1:05:9d:8c:4c:95:59:
0f:1f:7f:79:27:ad:6d:28:cf:dc:43:2c:95:d1:e0:
78:e9:27:7f:fa:a8:c4:7b:c7:5e:2d:1b:14:2a:0d:
d2:d7:1a:38:ff:25:2c:64:98:37:b4:63:96:63:ba:
b7:31:6f:fd:7a:1d:22:a2:35:80:57:a4:45:45:b2:
5a:9b:8f:5e:5d:8c:3c:d7:3d:00:8b:aa:16:7e:71:
8b:db:6c:5c:1b:5c:f7:95:d9:f7:29:87:aa:2a:aa:
37:10:aa:65:d0:4a:f1:a9:95:cb:62:57:e4:09:ca:
d1:9e:2a:21:9f:3a:74:27:8e:72:cc:5e:42:09:b2:
53:fb:6d:bf:4b:bf:77:ca:55:0b:fa:dc:21:f3:47:
44:9b:12:4f:79:6a:e0:af:60:db:fe:27:8c:46:53:
fe:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8E:77:5A:16:97:6E:EF:DC:25:60:11:30:7B:27:FE:06:09:3C:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdcd69a2-24ce-44e6-adc9-b1a1349a422a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
0c:59:3b:22:3f:25:c8:b0:67:0c:6b:3a:c8:25:a7:2c:a1:d8:
81:b6:49:dd:6c:0a:00:21:3e:be:1d:d4:96:3b:ec:bf:3e:74:
51:87:1d:85:aa:05:5e:32:1c:4d:33:86:58:3e:2c:a0:cf:bc:
88:e0:a1:8f:40:21:f0:b4:b3:8b:86:f3:c0:29:7e:80:f4:47:
3a:2b:87:3f:3b:75:c0:44:57:55:ff:08:3e:a2:4d:d8:d4:6f:
79:f7:bd:2c:11:96:c4:c3:54:6f:5d:2b:dd:db:24:56:cd:c6:
dd:ce:0b:85:7b:b4:0f:26:98:a7:e8:84:08:ef:4d:f9:08:bf:
00:1c:cb:3e:ed:52:91:66:66:b3:56:fa:ca:28:eb:00:6a:0b:
af:1c:b3:9e:c7:25:b0:54:f7:89:c1:ea:bd:a2:23:08:fa:01:
d7:25:f5:ec:21:bb:f8:14:a2:79:14:fe:ce:1b:ea:fd:8c:60:
44:af:31:f6:b5:0c:23:3a:79:77:3d:32:12:8a:a0:f1:6b:3f:
b6:41:e2:e7:c0:69:d7:bc:8e:7c:d5:ca:2b:f2:ec:b0:b7:f5:
26:3a:b4:e0:54:14:71:a9:cf:f7:96:1e:6f:d4:b6:0b:54:b8:
43:10:68:01:89:af:f7:8c:c3:31:8f:19:e1:57:11:bf:e2:46:
e0:f8:6f:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKAiuO8Sf0Gf57hAdNmAnpHQgX6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTJaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZTg5MjRjZjU5OTcwOTE5MWRkZTBlMTQ2ZDZkOWIxYmRmNWY1M2NkZWMy
NzQ0NjUzMTJkM2U0ZWRiMjJkZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMCBJ0RGRhUXTR8zPrxNIyGAcgNVJzPDD74Stc3XXBWwT3DPQVQsZkdqY9T
6/3tJDs8BZUmK3IVSfaQtxNx2UwTAomYUiDfB0rdZwhlwPeCyfPiEGDGesl7TFDx
CNyUCdaxBZ2MTJVZDx9/eSetbSjP3EMsldHgeOknf/qoxHvHXi0bFCoN0tcaOP8l
LGSYN7RjlmO6tzFv/XodIqI1gFekRUWyWpuPXl2MPNc9AIuqFn5xi9tsXBtc95XZ
9ymHqiqqNxCqZdBK8amVy2JX5AnK0Z4qIZ86dCeOcsxeQgmyU/ttv0u/d8pVC/rc
IfNHRJsST3lq4K9g2/4njEZT/s8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREjnda
Fpdu79wlYBEweyf+Bgk8cTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjZDY5YTItMjRjZS00NGU2LWFkYzktYjFhMTM0OWE0MjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQAMWTsiPyXIsGcMazrIJacsodiBtkndbAoAIT6+
HdSWO+y/PnRRhx2FqgVeMhxNM4ZYPiygz7yI4KGPQCHwtLOLhvPAKX6A9Ec6K4c/
O3XARFdV/wg+ok3Y1G95970sEZbEw1RvXSvd2yRWzcbdzguFe7QPJpin6IQI7035
CL8AHMs+7VKRZmazVvrKKOsAaguvHLOexyWwVPeJweq9oiMI+gHXJfXsIbv4FKJ5
FP7OG+r9jGBErzH2tQwjOnl3PTISiqDxaz+2QeLnwGnXvI581cor8uywt/UmOrTg
VBRxqc/3lh5v1LYLVLhDEGgBia/3jMMxjxnhVxG/4kbg+G87
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:27:51 2026 by rpki-client