Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
File: ea31a166-ce12-4108-9868-894ac9df0e65.roa (raw, json)
Hash identifier: cbbb2KBwTs/6vMp3MHeXrcKK8KSyRvbzsirFSsQ6Wv4=
Subject key identifier: 35:DE:16:C4:3E:D4:B8:E3:86:65:01:63:68:9B:93:93:9B:81:35:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31E784128BDD3151048617E6C48F5A9FCE250B45
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
Signing time: Tue 19 May 2026 04:50:05 +0000
ROA not before: Tue 19 May 2026 04:50:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e7:84:12:8b:dd:31:51:04:86:17:e6:c4:8f:5a:9f:ce:25:0b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=646f3eb0bed8d2819cc8efdb6da76af5ce2990e2798b5a1c377634945115e0c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:08:91:78:3a:c9:2a:98:8a:91:2d:37:24:4f:
9e:8d:18:ac:3c:62:1c:ef:4b:e9:29:af:0a:74:d5:
20:83:46:a4:c4:e8:4b:ce:36:3c:98:ae:e1:90:e0:
1b:d4:69:49:30:2e:5f:21:a0:a5:3e:33:a6:c0:78:
59:a7:c7:fe:c4:68:99:2d:3b:94:b5:96:b6:df:cc:
8b:db:e2:ed:70:62:da:81:1a:28:b5:eb:66:61:9b:
6e:21:f3:2f:50:04:5d:00:57:e5:70:75:64:de:95:
bb:47:b4:3a:ce:f6:ad:6c:5e:42:17:a6:00:8f:d8:
6b:8e:a6:ba:7a:8e:96:6d:74:e1:6c:97:66:3c:8c:
e8:fe:50:7a:42:61:0b:7a:6f:80:36:24:88:5a:b9:
7c:ed:3f:80:21:81:b0:33:73:e0:40:53:b8:a1:00:
67:55:42:4e:a9:c6:43:a0:86:47:f7:6d:ce:97:18:
c1:dc:4e:ca:a0:a8:6f:8c:55:90:c2:70:dd:6d:21:
7a:9f:cb:aa:60:e9:76:9e:c5:90:7a:bd:a7:db:2d:
d4:bd:b0:e2:37:ae:c3:40:7b:01:2f:a1:f1:d3:c9:
bd:27:33:89:55:1d:f1:8b:ac:b9:39:e2:b9:6a:e7:
81:3e:00:45:31:58:71:37:40:d9:1b:b6:4d:2e:a7:
60:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DE:16:C4:3E:D4:B8:E3:86:65:01:63:68:9B:93:93:9B:81:35:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea31a166-ce12-4108-9868-894ac9df0e65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b080::/48
Signature Algorithm: sha256WithRSAEncryption
6b:e1:82:5c:32:9b:58:1c:e4:57:ee:e6:2e:fd:53:f4:9b:4c:
b8:da:46:2a:14:c9:02:26:a5:b6:f9:d6:e5:cf:18:30:ea:7e:
5c:5d:88:8d:bb:ea:ba:10:bf:3d:bd:b5:84:b1:92:9f:c5:b7:
3a:93:2b:b5:3b:73:7b:2a:ad:54:55:ee:07:fa:30:0e:b9:84:
c7:9a:5a:6a:70:bb:f9:41:c7:ed:8c:d0:ce:c4:a6:aa:0c:9a:
7a:89:68:5c:73:90:29:be:bb:3b:cf:2a:88:d0:97:ee:a8:e5:
45:b2:b1:a6:eb:db:e5:ad:be:92:26:94:11:ad:d9:b6:b3:4e:
d2:d8:7c:17:84:74:ab:ea:68:6e:3d:cc:6d:59:7a:af:e2:d9:
63:c9:7f:36:17:44:73:4e:01:ec:ee:6e:f3:cf:37:62:bb:3e:
24:9e:07:e1:2f:9c:1e:6a:cd:84:7c:30:b8:e2:d5:bc:5f:a9:
cc:e8:1d:10:ac:4d:1d:9d:aa:0c:f2:64:0a:8c:0e:ae:d8:65:
df:97:8d:d6:54:07:a0:33:d4:88:98:e3:9a:ea:80:a9:cb:91:
ee:f8:11:52:00:d2:61:be:66:15:a7:43:96:cd:97:47:50:0b:
bc:e6:5a:99:25:9e:a7:d3:92:dd:17:7d:d2:91:80:3f:f5:bd:
b3:5e:5b:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMeeEEovdMVEEhhfmxI9an84lC0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NmYzZWIwYmVkOGQyODE5Y2M4ZWZkYjZkYTc2YWY1Y2UyOTkwZTI3OThi
NWExYzM3NzYzNDk0NTExNWUwYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwIkXg6ySqYipEtNyRPno0YrDxiHO9L6SmvCnTVIINGpMToS842PJiu4ZDg
G9RpSTAuXyGgpT4zpsB4WafH/sRomS07lLWWtt/Mi9vi7XBi2oEaKLXrZmGbbiHz
L1AEXQBX5XB1ZN6Vu0e0Os72rWxeQhemAI/Ya46munqOlm104WyXZjyM6P5QekJh
C3pvgDYkiFq5fO0/gCGBsDNz4EBTuKEAZ1VCTqnGQ6CGR/dtzpcYwdxOyqCob4xV
kMJw3W0hep/LqmDpdp7FkHq9p9st1L2w4jeuw0B7AS+h8dPJvScziVUd8YusuTni
uWrngT4ARTFYcTdA2Ru2TS6nYKUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ13hbE
PtS444ZlAWNom5OTm4E17TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEzMWExNjYtY2UxMi00MTA4LTk4NjgtODk0YWM5ZGYwZTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+w
gDANBgkqhkiG9w0BAQsFAAOCAQEAa+GCXDKbWBzkV+7mLv1T9JtMuNpGKhTJAial
tvnW5c8YMOp+XF2IjbvquhC/Pb21hLGSn8W3OpMrtTtzeyqtVFXuB/owDrmEx5pa
anC7+UHH7YzQzsSmqgyaeoloXHOQKb67O88qiNCX7qjlRbKxpuvb5a2+kiaUEa3Z
trNO0th8F4R0q+pobj3MbVl6r+LZY8l/NhdEc04B7O5u8883Yrs+JJ4H4S+cHmrN
hHwwuOLVvF+pzOgdEKxNHZ2qDPJkCowOrthl35eN1lQHoDPUiJjjmuqAqcuR7vgR
UgDSYb5mFadDls2XR1ALvOZamSWep9OS3Rd90pGAP/W9s15bWQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:35:37 2026 by rpki-client