Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
File: decd4459-2e9b-442e-a3bd-6633fdd0250b.roa (raw, json)
Hash identifier: OvSksOkp85IuY3b7csOnRp88A28Mzqwed8HCDhcJg1U=
Subject key identifier: 32:7A:39:4B:69:D2:CF:A3:B0:7C:84:69:F0:DE:5A:03:5C:9E:A2:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CB98BF7F4E0D72097304504AAEAA19429C0910C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
Signing time: Tue 19 May 2026 05:00:39 +0000
ROA not before: Tue 19 May 2026 05:00:39 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b9:8b:f7:f4:e0:d7:20:97:30:45:04:aa:ea:a1:94:29:c0:91:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:39 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=a447da4ccd878e7779c014c44dbc851852ba4398d92c6aba647a5d16585206c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:cb:cb:25:dd:06:4c:1d:c8:33:b0:39:8f:
e2:38:13:51:21:da:cd:83:8e:e2:41:38:91:5c:2f:
a9:3e:9d:b7:66:f6:fd:c0:f0:ca:28:7b:b3:78:7a:
d6:34:ea:f4:65:e7:c5:36:02:52:48:67:9e:f1:bf:
b1:ec:39:37:b7:00:74:98:b7:a1:ab:c0:91:70:f6:
db:21:28:0f:09:09:5f:ae:8f:0c:f4:d1:75:c4:55:
4a:50:a7:bb:ec:86:89:b5:36:df:05:51:a3:63:07:
bd:d9:34:14:b2:5d:a7:15:e3:45:7d:d0:14:be:0d:
e7:ba:dd:80:ce:c3:34:ee:3a:fc:7d:6e:60:82:20:
a0:db:51:bb:4c:05:34:2f:9e:c3:f0:e2:4e:d8:0b:
dd:6b:9e:72:35:9e:da:37:7e:cd:84:0f:37:77:02:
88:98:0d:1b:fb:0c:80:f9:2c:b2:fc:20:91:db:2d:
7b:22:23:44:41:91:46:50:9d:9d:37:41:79:f4:a0:
10:73:de:ef:30:ff:11:3b:80:7b:cb:45:a8:43:3e:
10:8e:6e:de:d2:96:be:8d:32:47:45:1f:c9:40:61:
cf:14:a0:c2:3c:96:88:4a:ff:5d:08:0b:cf:e4:cf:
c1:5e:90:4b:d5:f8:4f:e4:71:d7:86:fe:66:49:37:
fe:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7A:39:4B:69:D2:CF:A3:B0:7C:84:69:F0:DE:5A:03:5C:9E:A2:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/decd4459-2e9b-442e-a3bd-6633fdd0250b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a000::/40
Signature Algorithm: sha256WithRSAEncryption
16:8c:c5:c7:49:2f:fa:52:8c:00:e6:2d:1b:28:96:bd:9e:11:
12:fe:4c:1c:ff:94:53:01:e5:4b:5e:aa:0b:33:cf:e2:72:06:
f4:13:dc:a4:de:38:e9:67:7a:b4:c7:7c:68:4b:39:31:0d:a3:
4e:55:63:cf:6b:35:66:b3:f9:f6:44:3c:18:42:7b:fa:2a:6d:
89:77:1a:4e:e3:30:a8:69:55:83:87:59:be:ab:68:d8:ea:0b:
9c:99:ca:c7:99:e9:8e:39:7d:04:19:76:89:e3:b3:f6:57:cc:
5a:33:40:bf:a6:a9:f9:6c:20:bb:65:86:58:df:a8:4a:94:76:
5c:db:f5:a9:ff:80:49:08:d1:f9:f3:8f:d2:8f:a1:36:6d:c8:
44:56:95:95:81:a2:9c:d7:1e:5c:ab:29:dd:eb:7e:39:d2:f8:
4b:ec:d9:70:d7:5a:38:45:76:f4:09:fa:ad:c4:08:6f:29:ed:
8d:62:0a:8d:bd:2d:60:11:3f:0b:26:83:45:9e:28:3b:ba:fc:
21:85:c7:ef:f1:d9:78:df:f1:0c:3e:85:99:84:90:eb:cf:87:
8b:ec:ba:1a:2a:e8:0d:9d:44:42:cc:ce:aa:a8:3e:9e:16:aa:
4d:2e:3f:ec:24:b6:7a:77:c9:59:5d:8b:49:33:39:07:5d:e4:
26:e5:7d:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULLmL9/Tg1yCXMEUEquqhlCnAkQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NDdkYTRjY2Q4NzhlNzc3OWMwMTRjNDRkYmM4NTE4NTJiYTQzOThkOTJj
NmFiYTY0N2E1ZDE2NTg1MjA2YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL46y8sl3QZMHcgzsDmP4jgTUSHazYOO4kE4kVwvqT6dt2b2/cDwyih7s3h6
1jTq9GXnxTYCUkhnnvG/sew5N7cAdJi3oavAkXD22yEoDwkJX66PDPTRdcRVSlCn
u+yGibU23wVRo2MHvdk0FLJdpxXjRX3QFL4N57rdgM7DNO46/H1uYIIgoNtRu0wF
NC+ew/DiTtgL3WuecjWe2jd+zYQPN3cCiJgNG/sMgPkssvwgkdsteyIjREGRRlCd
nTdBefSgEHPe7zD/ETuAe8tFqEM+EI5u3tKWvo0yR0UfyUBhzxSgwjyWiEr/XQgL
z+TPwV6QS9X4T+Rx14b+Zkk3/tkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyejlL
adLPo7B8hGnw3loDXJ6i3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjZDQ0NTktMmU5Yi00NDJlLWEzYmQtNjYzM2ZkZDAyNTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKg
MA0GCSqGSIb3DQEBCwUAA4IBAQAWjMXHSS/6UowA5i0bKJa9nhES/kwc/5RTAeVL
XqoLM8/icgb0E9yk3jjpZ3q0x3xoSzkxDaNOVWPPazVms/n2RDwYQnv6Km2JdxpO
4zCoaVWDh1m+q2jY6gucmcrHmemOOX0EGXaJ47P2V8xaM0C/pqn5bCC7ZYZY36hK
lHZc2/Wp/4BJCNH584/Sj6E2bchEVpWVgaKc1x5cqynd63450vhL7Nlw11o4RXb0
CfqtxAhvKe2NYgqNvS1gET8LJoNFnig7uvwhhcfv8dl43/EMPoWZhJDrz4eL7Loa
KugNnURCzM6qqD6eFqpNLj/sJLZ6d8lZXYtJMzkHXeQm5X15
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:06 2026 by rpki-client