Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
File: df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa (raw, json)
Hash identifier: 2IwsPbQYyoqyK/nn5JtMMt4KCVbEjvQyHWPoPxSXJVM=
Subject key identifier: A8:EA:6E:20:71:95:91:5A:E9:BE:88:1C:22:BE:95:BE:41:BC:B0:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F500156A17B3481D6371355D56B2BC2486347D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
Signing time: Sat 28 Feb 2026 06:10:47 +0000
ROA not before: Sat 28 Feb 2026 06:10:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:50:01:56:a1:7b:34:81:d6:37:13:55:d5:6b:2b:c2:48:63:47:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:10:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cc9919337bb00de8cbda44c316b72ec50f487f28a85de596eb5af967ed6da9f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1d:c1:d5:1e:46:b6:39:3e:21:49:59:89:80:
b0:17:8c:ec:45:5f:3f:7b:c5:56:5f:6c:1a:c8:aa:
d1:55:85:19:8c:54:26:19:37:ec:c4:11:c0:9a:e3:
e6:eb:4f:15:43:8b:6d:20:87:c3:6e:47:1b:d7:67:
22:bc:85:52:ed:d9:b6:cc:a9:2f:61:30:17:89:51:
90:d0:a8:8e:86:0f:b5:0c:42:6c:d1:47:f8:40:15:
a1:b8:a1:81:36:70:56:f0:7d:c2:4a:10:0f:71:7b:
3b:b0:a5:27:33:7d:9e:dc:c3:dd:f0:0d:77:95:ae:
b7:65:cb:b5:df:fc:a5:88:b3:59:03:1c:2c:27:d7:
70:5e:1d:9c:8d:17:cb:88:49:49:35:c4:1d:5e:c1:
c5:c1:9c:ca:0b:72:6a:6a:ab:e6:fc:7d:fc:7e:47:
c3:7e:68:ac:30:8b:8a:ce:ec:92:50:a9:38:ca:f0:
21:5a:4e:e2:7b:f6:de:7c:10:f1:a7:03:fd:03:46:
84:a1:9b:34:37:11:cc:f1:a1:19:c9:78:f7:7c:06:
d6:02:6a:d6:00:b0:78:cd:6f:11:1c:65:0a:f8:e8:
0e:04:74:f5:63:51:39:eb:f8:97:8c:15:cf:f2:bc:
64:56:4a:e5:a8:d2:79:6f:c4:ca:f9:ad:45:1d:39:
0b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EA:6E:20:71:95:91:5A:E9:BE:88:1C:22:BE:95:BE:41:BC:B0:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:c000::/40
Signature Algorithm: sha256WithRSAEncryption
14:9c:f5:da:59:d6:9c:8f:10:c6:3a:b5:86:fd:9b:2b:3b:e5:
ae:43:d1:26:1e:58:61:67:d5:7c:ee:14:18:2e:a0:ba:97:79:
10:fe:93:44:4c:8f:3e:fd:09:f2:99:80:cc:fe:1a:c7:9c:83:
ed:a4:79:33:92:09:75:9f:3b:20:b6:35:7e:0a:ba:46:85:7c:
e8:92:eb:bf:f3:fc:10:a7:f9:6a:27:84:07:00:e0:d2:23:cc:
d9:fe:34:fa:bd:29:9c:17:71:16:90:e8:b6:24:54:55:e2:55:
7f:8d:cf:87:9c:e8:bf:32:1c:9d:11:67:d4:63:25:fe:2c:16:
67:3b:10:09:e2:dd:74:c2:71:41:a0:f2:bb:63:a3:ba:57:48:
83:ad:84:88:ed:f2:07:83:9e:ef:f5:92:66:16:6c:6f:5b:40:
0b:f7:0c:7f:a6:3e:b1:6e:b2:b4:69:6a:39:72:ea:68:be:ed:
2b:30:cf:fc:ec:94:05:65:67:f3:34:3b:f7:2d:ce:03:0a:ac:
63:3b:1a:62:91:12:cb:15:37:0b:72:20:6a:93:48:67:93:cd:
b5:0a:fd:02:7c:33:94:44:0b:f5:71:44:0b:75:6b:17:b0:fe:
c1:91:4f:53:e5:98:76:6e:e4:3a:56:49:b1:7c:34:c4:9c:a4:
2e:38:a4:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT1ABVqF7NIHWNxNV1WsrwkhjR9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjEwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjOTkxOTMzN2JiMDBkZThjYmRhNDRjMzE2YjcyZWM1MGY0ODdmMjhhODVk
ZTU5NmViNWFmOTY3ZWQ2ZGE5ZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcdwdUeRrY5PiFJWYmAsBeM7EVfP3vFVl9sGsiq0VWFGYxUJhk37MQRwJrj
5utPFUOLbSCHw25HG9dnIryFUu3ZtsypL2EwF4lRkNCojoYPtQxCbNFH+EAVobih
gTZwVvB9wkoQD3F7O7ClJzN9ntzD3fANd5Wut2XLtd/8pYizWQMcLCfXcF4dnI0X
y4hJSTXEHV7BxcGcygtyamqr5vx9/H5Hw35orDCLis7sklCpOMrwIVpO4nv23nwQ
8acD/QNGhKGbNDcRzPGhGcl493wG1gJq1gCweM1vERxlCvjoDgR09WNROev4l4wV
z/K8ZFZK5ajSeW/EyvmtRR05C98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSo6m4g
cZWRWum+iBwivpW+QbywXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGYzOGMwMGItYTZiMy00ZTYzLTlmNjktYjhjMzg1NmViZGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3A
MA0GCSqGSIb3DQEBCwUAA4IBAQAUnPXaWdacjxDGOrWG/ZsrO+WuQ9EmHlhhZ9V8
7hQYLqC6l3kQ/pNETI8+/QnymYDM/hrHnIPtpHkzkgl1nzsgtjV+CrpGhXzokuu/
8/wQp/lqJ4QHAODSI8zZ/jT6vSmcF3EWkOi2JFRV4lV/jc+HnOi/MhydEWfUYyX+
LBZnOxAJ4t10wnFBoPK7Y6O6V0iDrYSI7fIHg57v9ZJmFmxvW0AL9wx/pj6xbrK0
aWo5cupovu0rMM/87JQFZWfzNDv3Lc4DCqxjOxpikRLLFTcLciBqk0hnk821Cv0C
fDOURAv1cUQLdWsXsP7BkU9T5Zh2buQ6VkmxfDTEnKQuOKR6
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:30 2026 by rpki-client