Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
File: eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa (raw, json)
Hash identifier: laho1lh79bQaAtM9VfxEKthEAFBtazgISeGgyXkqpbs=
Subject key identifier: F8:AB:85:45:C9:60:B0:8A:66:32:D2:67:A8:52:ED:C9:B3:19:22:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72A88DDC2916884761EB4FABE6DFB5766AE98973
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
Signing time: Sat 28 Feb 2026 06:00:51 +0000
ROA not before: Sat 28 Feb 2026 06:00:51 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:a8:8d:dc:29:16:88:47:61:eb:4f:ab:e6:df:b5:76:6a:e9:89:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:00:51 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=bb7950f0ebc6b54534efb105c1ad277b9c60afbfd6e4bd6958a67f4366876604, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:32:04:a0:f7:12:f9:e5:cb:ad:a7:01:c9:66:
80:53:15:06:24:df:2b:1f:79:65:fc:e5:b1:98:e3:
16:7f:29:f2:2f:a0:7c:15:ac:98:2f:85:40:b7:24:
fa:c1:74:1f:0c:81:95:b3:be:b0:18:20:b9:89:c5:
24:7a:a7:fe:63:99:6b:da:9b:cf:39:78:b8:32:6c:
4e:ae:69:bb:3d:c6:2a:bf:52:a9:f9:9f:f1:dc:b5:
51:57:cf:10:87:b0:7e:ff:04:18:c8:4b:52:51:a2:
a4:84:5b:1c:b8:ee:a2:b7:26:d0:56:7e:79:31:29:
d6:4c:21:0a:28:7f:da:4c:6e:a1:cf:2e:4f:1f:6b:
31:81:dc:21:34:03:e5:c6:1f:6d:ee:71:ee:6c:68:
87:bb:59:cf:2c:04:c9:fd:ea:92:4d:20:94:ff:1c:
9a:27:73:fe:c2:1b:ac:b8:0b:40:b8:3f:9d:c4:ec:
b7:15:a9:9d:eb:cc:6a:9c:fc:77:b5:be:fa:69:d8:
32:a2:59:16:6f:1e:a1:7d:19:89:01:f8:15:ad:9f:
3d:3b:0c:b8:13:40:a1:e5:90:59:a2:e8:b6:03:c7:
b5:87:7b:90:13:11:52:e1:94:60:e3:ec:3b:4e:b8:
61:ca:67:d1:c2:8b:96:bc:c0:51:e7:9b:ca:84:0e:
2a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AB:85:45:C9:60:B0:8A:66:32:D2:67:A8:52:ED:C9:B3:19:22:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4040::/48
Signature Algorithm: sha256WithRSAEncryption
80:84:28:b4:c1:4b:f6:f8:d5:6e:b0:27:a8:23:42:18:52:fb:
3b:52:0c:c3:7d:af:22:1e:67:05:c3:ee:1a:fc:b4:42:c3:7f:
89:38:99:e6:32:b9:82:1b:4d:f2:d6:e8:84:22:e8:b9:be:14:
cc:58:2f:56:92:b5:b6:61:38:02:37:15:5b:07:e8:5a:76:60:
c1:c4:18:30:39:f1:eb:f5:b1:d4:5b:77:67:74:1f:9a:b0:c0:
92:45:54:09:dd:0e:5a:75:63:68:d2:72:8d:35:85:fb:33:ce:
97:c9:55:51:e4:d0:a1:8f:04:f9:ba:fe:be:0c:ae:c4:23:86:
99:5a:2c:69:db:44:4c:4c:b1:c8:f0:c6:01:f0:33:3b:66:36:
5b:26:5e:83:4f:04:92:df:6f:02:5a:80:54:a8:0b:e6:1a:46:
26:2c:8f:a3:e7:57:ee:a9:86:95:7e:e2:d6:97:e7:f3:1a:16:
2b:dd:3b:e5:58:fd:1f:0b:19:84:18:db:f2:d5:5d:2f:30:10:
b2:1b:52:a5:db:ff:48:ec:1c:c0:d4:3f:75:f9:d9:41:d1:64:
d3:02:03:41:fb:c7:53:85:06:72:75:97:7e:42:15:ac:d7:d3:
e2:3c:c1:86:47:1b:67:82:a1:8a:0d:b0:0f:03:88:32:2f:07:
f7:f2:f7:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcqiN3CkWiEdh60+r5t+1dmrpiXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjAwNTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNzk1MGYwZWJjNmI1NDUzNGVmYjEwNWMxYWQyNzdiOWM2MGFmYmZkNmU0
YmQ2OTU4YTY3ZjQzNjY4NzY2MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAyBKD3Evnly62nAclmgFMVBiTfKx95ZfzlsZjjFn8p8i+gfBWsmC+FQLck
+sF0HwyBlbO+sBgguYnFJHqn/mOZa9qbzzl4uDJsTq5puz3GKr9Sqfmf8dy1UVfP
EIewfv8EGMhLUlGipIRbHLjuorcm0FZ+eTEp1kwhCih/2kxuoc8uTx9rMYHcITQD
5cYfbe5x7mxoh7tZzywEyf3qkk0glP8cmidz/sIbrLgLQLg/ncTstxWpnevMapz8
d7W++mnYMqJZFm8eoX0ZiQH4Fa2fPTsMuBNAoeWQWaLotgPHtYd7kBMRUuGUYOPs
O064Ycpn0cKLlrzAUeebyoQOKksCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4q4VF
yWCwimYy0meoUu3JsxkiHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWVkZGRiYmQtMmJiZC00ZTY0LTliMzctZGRkZDMzOTJjZThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
QDANBgkqhkiG9w0BAQsFAAOCAQEAgIQotMFL9vjVbrAnqCNCGFL7O1IMw32vIh5n
BcPuGvy0QsN/iTiZ5jK5ghtN8tbohCLoub4UzFgvVpK1tmE4AjcVWwfoWnZgwcQY
MDnx6/Wx1Ft3Z3QfmrDAkkVUCd0OWnVjaNJyjTWF+zPOl8lVUeTQoY8E+br+vgyu
xCOGmVosadtETEyxyPDGAfAzO2Y2WyZeg08Ekt9vAlqAVKgL5hpGJiyPo+dX7qmG
lX7i1pfn8xoWK9075Vj9HwsZhBjb8tVdLzAQshtSpdv/SOwcwNQ/dfnZQdFk0wID
QfvHU4UGcnWXfkIVrNfT4jzBhkcbZ4Khig2wDwOIMi8H9/L3vA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:41:05 2026 by rpki-client