Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: ON57iAZm4GB93ZTFBdpvklyM6gewVd2T6FoKby5d/ck=
Subject key identifier: DF:94:8F:37:88:61:05:04:B8:EE:E1:B1:02:B6:B6:A6:B2:21:40:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 069F527B27AF4F79D782B39F8E1C7DED2787E783
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Sat 28 Feb 2026 05:20:27 +0000
ROA not before: Sat 28 Feb 2026 05:20:27 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:9f:52:7b:27:af:4f:79:d7:82:b3:9f:8e:1c:7d:ed:27:87:e7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:20:27 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=56d6a0a6249b6afae3715ea2aa1b364303989d326d355d12b619a29216dff2dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:d9:15:4b:2d:e1:5c:6f:07:cf:12:f7:7a:
4b:f5:99:bf:ff:73:c1:34:99:6d:20:7b:5b:f4:f8:
84:76:a8:de:eb:cd:2f:55:e1:92:ea:2e:66:d5:90:
be:22:ae:cb:d5:2e:d3:fe:aa:18:8f:1b:d3:4f:98:
2d:37:3e:0f:93:92:3b:5d:9a:d9:e5:f5:1c:99:9c:
4a:25:4f:71:d1:88:8b:6d:10:b5:7a:e9:e1:8e:ac:
74:01:ec:f4:0e:dd:77:ed:ff:fd:21:d4:02:f7:51:
30:40:02:10:13:f1:e1:dd:c8:6e:12:b2:8e:9e:86:
31:a7:fb:28:fc:4f:87:e4:cb:9c:54:c9:e8:55:92:
19:c9:92:e6:d1:3b:43:eb:1c:81:d9:7a:90:fb:9b:
9f:46:ec:a2:9b:51:5d:f7:87:9f:20:71:9c:5d:2d:
6c:ce:44:6a:ef:98:3c:ee:c3:c1:79:c6:bf:81:62:
42:c7:0f:e6:a8:5a:74:c8:b0:04:bf:ac:bc:66:32:
49:a0:3f:3e:ed:4d:71:9b:69:52:39:ab:eb:6c:79:
05:9f:ba:03:f1:c1:ca:d3:c9:52:e9:f7:29:fa:73:
d6:9c:22:2f:7d:96:eb:f1:f2:2e:c6:d6:3f:49:72:
a9:92:af:2f:e0:3b:2a:60:5f:b5:77:99:4b:91:91:
7b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:94:8F:37:88:61:05:04:B8:EE:E1:B1:02:B6:B6:A6:B2:21:40:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
99:8b:5e:b8:35:03:50:00:d5:5b:76:21:c3:10:e9:9c:44:6e:
3c:1a:4a:01:cd:3a:ef:dc:6a:be:f1:f8:59:b0:b6:51:d1:e7:
a3:29:f6:0e:f0:6c:9d:b7:84:87:d3:ea:df:d1:c9:bb:92:c5:
dc:d6:2f:d4:d4:1b:eb:71:3a:02:1c:ce:0e:b8:b3:f6:2e:20:
75:10:88:b0:3e:89:ba:5b:c4:3d:18:ac:ab:e4:18:10:a9:20:
5e:8c:31:97:13:6a:61:c2:70:2d:7c:20:8c:c1:85:05:11:cd:
83:72:93:28:fd:31:89:a3:90:50:5a:4d:9d:cd:73:a1:36:e7:
4a:6d:43:d9:0d:fd:f1:d0:d2:5d:69:fa:2e:15:25:bc:44:19:
b7:39:83:6d:63:4a:fa:b6:13:79:53:35:dd:4b:03:5d:96:ef:
07:c2:37:9f:28:51:54:68:49:1e:d6:49:50:f1:82:4f:46:32:
00:ee:00:1f:b2:8c:4e:cb:52:34:b8:3a:36:6e:cf:f4:30:c9:
fe:c1:c5:c1:e5:00:63:1a:eb:e5:86:ac:be:6e:17:25:f2:b1:
ec:a5:99:3c:83:19:f7:9b:16:4e:c8:a7:17:f6:87:72:ee:c0:
8a:66:85:d0:72:c6:15:88:39:1f:4e:36:08:4b:46:1c:d3:22:
45:84:90:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBp9SeyevT3nXgrOfjhx97SeH54MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTIwMjdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2ZDZhMGE2MjQ5YjZhZmFlMzcxNWVhMmFhMWIzNjQzMDM5ODlkMzI2ZDM1
NWQxMmI2MTlhMjkyMTZkZmYyZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlo2RVLLeFcbwfPEvd6S/WZv/9zwTSZbSB7W/T4hHao3uvNL1XhkuouZtWQ
viKuy9Uu0/6qGI8b00+YLTc+D5OSO12a2eX1HJmcSiVPcdGIi20QtXrp4Y6sdAHs
9A7dd+3//SHUAvdRMEACEBPx4d3IbhKyjp6GMaf7KPxPh+TLnFTJ6FWSGcmS5tE7
Q+scgdl6kPubn0bsoptRXfeHnyBxnF0tbM5Eau+YPO7DwXnGv4FiQscP5qhadMiw
BL+svGYySaA/Pu1NcZtpUjmr62x5BZ+6A/HBytPJUun3Kfpz1pwiL32W6/HyLsbW
P0lyqZKvL+A7KmBftXeZS5GRe+UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTflI83
iGEFBLju4bECtramsiFAMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQCZi164NQNQANVbdiHDEOmcRG48GkoBzTrv3Gq+
8fhZsLZR0eejKfYO8Gydt4SH0+rf0cm7ksXc1i/U1BvrcToCHM4OuLP2LiB1EIiw
Pom6W8Q9GKyr5BgQqSBejDGXE2phwnAtfCCMwYUFEc2DcpMo/TGJo5BQWk2dzXOh
NudKbUPZDf3x0NJdafouFSW8RBm3OYNtY0r6thN5UzXdSwNdlu8HwjefKFFUaEke
1klQ8YJPRjIA7gAfsoxOy1I0uDo2bs/0MMn+wcXB5QBjGuvlhqy+bhcl8rHspZk8
gxn3mxZOyKcX9ody7sCKZoXQcsYViDkfTjYIS0Yc0yJFhJAO
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:59:26 2026 by rpki-client