Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json)
Hash identifier: supOZQXquHIUZVjBoVEJXsv3z0Klg37bHQX4gs24oIY=
Subject key identifier: FC:94:7D:90:98:06:70:60:E0:42:38:D8:1F:7A:D4:64:A0:D8:40:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F1F3EDACBCD66DE260341D21206BF52239BD4A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
Signing time: Tue 19 May 2026 05:00:40 +0000
ROA not before: Tue 19 May 2026 05:00:40 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:1f:3e:da:cb:cd:66:de:26:03:41:d2:12:06:bf:52:23:9b:d4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:40 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f434552a3de79ec5496a34c1ec239dcecd7ef2679b8bec3c4f0c4dda90d39ebb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:87:f0:43:72:c9:15:6e:9b:3b:9a:40:94:18:
9e:2a:22:50:d9:0f:15:58:7b:13:27:02:6d:d2:22:
2f:1f:00:31:32:48:9e:6f:9f:1c:b4:9e:d9:95:ec:
38:d3:1f:08:d5:00:ef:0c:43:b1:eb:0b:d8:53:3e:
ae:dd:b3:e7:9d:a8:84:c9:e0:b5:ad:da:74:d4:c2:
0f:69:b0:02:f0:b6:7d:96:86:65:25:00:68:b3:f8:
5d:6d:a6:57:d7:9f:cf:6e:23:fb:be:b2:b4:90:ef:
66:eb:ca:c5:c0:26:6d:7b:a6:bc:7e:a3:50:89:ef:
d9:2c:92:ac:e6:36:b3:e4:33:7b:e8:eb:bf:71:e0:
1c:c6:c0:f2:de:a5:a1:87:11:9e:bd:ce:6b:7d:dd:
ac:c8:99:2e:e8:29:04:a9:69:d7:f7:b7:17:a7:61:
c8:b5:cb:5c:8c:61:fc:57:06:fe:fb:aa:c9:67:4f:
45:c5:75:45:55:bf:1b:be:bd:f6:06:0f:36:d9:2f:
00:9d:11:b6:bc:b1:bf:7f:73:fa:63:50:29:1c:e5:
de:8c:a7:e4:3c:65:52:e8:f9:55:42:cd:1b:a9:c4:
6f:4d:6a:12:8f:3f:7e:7f:d1:2d:33:d3:17:2a:d4:
70:6e:6e:51:bf:93:33:af:94:ab:55:36:f4:2d:15:
af:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:94:7D:90:98:06:70:60:E0:42:38:D8:1F:7A:D4:64:A0:D8:40:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:46:8f:e2:87:f0:f2:1a:b0:b3:21:d5:de:cf:29:de:dd:5b:
23:fb:05:79:46:2d:d1:58:01:c5:08:01:92:1f:b8:64:85:8c:
96:3a:a5:74:b3:de:51:c2:06:49:fe:0b:ed:bd:c6:62:bd:71:
db:53:b3:98:8d:46:98:4d:3d:1d:2f:5c:c9:d2:14:4d:1c:38:
d5:11:df:02:66:ef:46:10:f7:72:a9:89:88:47:69:18:f4:ea:
3c:55:17:01:2d:b7:36:2c:3a:2a:52:69:ad:2f:ef:0f:80:60:
06:d7:40:a6:a4:df:4b:e8:b7:0f:69:42:1f:56:a1:60:7c:dd:
94:3b:82:40:65:99:64:4d:72:f6:7b:ae:73:55:a5:6f:22:70:
b6:96:16:53:47:06:e7:56:51:54:fe:5c:a5:fa:5e:9f:bd:22:
a4:22:29:0e:d1:b2:10:6a:9d:4c:68:fd:cd:c8:eb:af:43:02:
3e:da:53:38:b6:33:8b:57:38:c7:0f:b7:54:cc:f9:42:1d:94:
17:e8:f2:84:ac:33:f9:b5:89:b4:58:b9:6b:09:ba:d8:01:ee:
a5:e1:c9:85:78:82:e1:33:d9:36:d3:57:16:25:72:0d:71:cd:
38:11:c1:30:a5:b2:25:64:5d:f0:2d:fb:ab:90:d4:5e:5a:25:
b9:94:2c:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTx8+2svNZt4mA0HSEga/UiOb1KQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MzQ1NTJhM2RlNzllYzU0OTZhMzRjMWVjMjM5ZGNlY2Q3ZWYyNjc5Yjhi
ZWMzYzRmMGM0ZGRhOTBkMzllYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSH8ENyyRVumzuaQJQYnioiUNkPFVh7EycCbdIiLx8AMTJInm+fHLSe2ZXs
ONMfCNUA7wxDsesL2FM+rt2z552ohMngta3adNTCD2mwAvC2fZaGZSUAaLP4XW2m
V9efz24j+76ytJDvZuvKxcAmbXumvH6jUInv2SySrOY2s+Qze+jrv3HgHMbA8t6l
oYcRnr3Oa33drMiZLugpBKlp1/e3F6dhyLXLXIxh/FcG/vuqyWdPRcV1RVW/G769
9gYPNtkvAJ0Rtryxv39z+mNQKRzl3oyn5DxlUuj5VULNG6nEb01qEo8/fn/RLTPT
FyrUcG5uUb+TM6+Uq1U29C0Vr5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8lH2Q
mAZwYOBCONgfetRkoNhAozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQAvRo/ih/DyGrCzIdXezyne3Vsj+wV5Ri3RWAHF
CAGSH7hkhYyWOqV0s95RwgZJ/gvtvcZivXHbU7OYjUaYTT0dL1zJ0hRNHDjVEd8C
Zu9GEPdyqYmIR2kY9Oo8VRcBLbc2LDoqUmmtL+8PgGAG10CmpN9L6LcPaUIfVqFg
fN2UO4JAZZlkTXL2e65zVaVvInC2lhZTRwbnVlFU/lyl+l6fvSKkIikO0bIQap1M
aP3NyOuvQwI+2lM4tjOLVzjHD7dUzPlCHZQX6PKErDP5tYm0WLlrCbrYAe6l4cmF
eILhM9k201cWJXINcc04EcEwpbIlZF3wLfurkNReWiW5lCyO
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:42:34 2026 by rpki-client