Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
File: f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa (raw, json)
Hash identifier: JmNMnlryGBXZfhf4VqXbrfoJmkV3j63Qeg2g6Gs4/Y0=
Subject key identifier: 68:1F:7D:06:8C:9B:C3:14:BB:89:E0:4D:D0:A3:41:F8:E0:A7:BD:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16B99BAA9E17EDA1938487ECACAF4772D9B7A2B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
Signing time: Sun 17 May 2026 02:10:06 +0000
ROA not before: Sun 17 May 2026 02:10:06 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:b9:9b:aa:9e:17:ed:a1:93:84:87:ec:ac:af:47:72:d9:b7:a2:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:10:06 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=8a4fed2b8248d596e67d77e45ac292b76d9b5837938ee5b67fd19d167d62e512, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:99:17:3f:a2:5b:bd:c3:fd:36:25:1d:25:fb:
08:3f:2f:85:5f:5d:d4:24:41:72:39:69:d2:b0:08:
93:a4:4b:72:7c:1d:35:42:d8:97:b3:55:85:a5:64:
b1:67:cf:fe:d7:25:b0:81:da:da:f5:d6:65:9c:80:
70:f7:cd:a6:d4:f6:fe:d7:7e:8d:ce:92:96:cc:6d:
ea:28:be:4b:0d:cf:c3:63:75:af:cc:b2:f1:91:69:
10:f9:3d:c9:b1:f8:5c:d7:7a:7a:52:3f:e3:ba:c6:
c5:99:e4:ec:37:f1:a6:9c:61:f8:5b:f7:15:08:64:
7a:ff:c8:6d:16:1d:55:d1:c1:78:25:6a:4c:34:c0:
2d:24:fd:b9:28:bd:57:30:28:c8:f4:f8:9b:43:97:
92:51:5e:bf:37:3f:00:d2:e3:27:22:4b:f1:96:48:
22:0f:ca:0b:85:fd:6d:8f:1c:8a:28:a3:96:eb:eb:
5e:bf:4f:58:71:30:a8:41:9a:46:21:c9:0e:ba:3d:
28:94:a6:d6:2c:3e:cc:c5:b3:df:95:af:e4:ee:4b:
92:0c:53:28:e5:a4:27:75:02:68:a7:55:4c:8f:90:
75:05:cd:5f:a2:f0:81:db:a5:92:b0:66:e1:45:5f:
b0:a1:cc:4f:6e:9e:08:45:43:63:29:1f:df:5e:6f:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1F:7D:06:8C:9B:C3:14:BB:89:E0:4D:D0:A3:41:F8:E0:A7:BD:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f231f7ae-7dbf-4dbb-8f7a-91b4103218aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
48:bb:05:63:28:78:69:32:cd:37:ea:80:e7:00:d7:4a:a8:2c:
38:4d:82:91:76:c5:7d:b8:61:bc:ae:b7:64:20:f2:b7:bc:17:
18:0b:c1:c6:73:ac:5d:58:ae:80:f9:1f:f7:e1:0d:24:c6:77:
c2:8d:ce:ad:36:90:ad:9f:3d:c1:4d:08:d5:2e:33:7f:79:b7:
4a:3a:51:b3:8c:3d:74:26:37:4c:e8:66:78:33:db:ce:b7:13:
c1:13:8d:19:fd:ac:3a:ef:5e:cb:74:e4:33:dd:f6:b8:d9:79:
a5:e0:08:2e:39:38:af:07:bb:52:13:ff:3d:9b:7c:59:4a:ca:
61:5f:e1:ca:1e:de:18:e0:e0:69:3b:bc:57:e2:37:65:c4:ac:
ac:66:23:7c:b0:2d:1c:47:13:9a:95:dc:13:f8:b8:6f:ee:3f:
30:c0:2e:cf:9c:53:47:64:e4:3c:37:68:10:e8:bb:f6:d3:c0:
7a:f8:9c:8c:fd:36:e7:cf:1f:17:5a:33:27:be:e3:a1:7e:3e:
e7:f6:f7:67:fd:1e:aa:ae:f7:bb:3d:de:81:b0:58:72:7d:c6:
6c:cd:db:cd:11:ce:a5:2b:a5:e5:81:a4:81:d9:70:86:e3:ba:
7e:f5:cc:8c:7d:9a:cd:b4:09:dc:ad:17:ff:94:9c:26:a1:25:
15:cb:7b:9f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFrmbqp4X7aGThIfsrK9Hctm3orgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjEwMDZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhNGZlZDJiODI0OGQ1OTZlNjdkNzdlNDVhYzI5MmI3NmQ5YjU4Mzc5Mzhl
ZTViNjdmZDE5ZDE2N2Q2MmU1MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6ZFz+iW73D/TYlHSX7CD8vhV9d1CRBcjlp0rAIk6RLcnwdNULYl7NVhaVk
sWfP/tclsIHa2vXWZZyAcPfNptT2/td+jc6Slsxt6ii+Sw3Pw2N1r8yy8ZFpEPk9
ybH4XNd6elI/47rGxZnk7Dfxppxh+Fv3FQhkev/IbRYdVdHBeCVqTDTALST9uSi9
VzAoyPT4m0OXklFevzc/ANLjJyJL8ZZIIg/KC4X9bY8ciiijluvrXr9PWHEwqEGa
RiHJDro9KJSm1iw+zMWz35Wv5O5LkgxTKOWkJ3UCaKdVTI+QdQXNX6LwgdulkrBm
4UVfsKHMT26eCEVDYykf315vdpcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoH30G
jJvDFLuJ4E3Qo0H44Ke9iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjIzMWY3YWUtN2RiZi00ZGJiLThmN2EtOTFiNDEwMzIxOGFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
wDANBgkqhkiG9w0BAQsFAAOCAQEASLsFYyh4aTLNN+qA5wDXSqgsOE2CkXbFfbhh
vK63ZCDyt7wXGAvBxnOsXViugPkf9+ENJMZ3wo3OrTaQrZ89wU0I1S4zf3m3SjpR
s4w9dCY3TOhmeDPbzrcTwRONGf2sOu9ey3TkM932uNl5peAILjk4rwe7UhP/PZt8
WUrKYV/hyh7eGODgaTu8V+I3ZcSsrGYjfLAtHEcTmpXcE/i4b+4/MMAuz5xTR2Tk
PDdoEOi79tPAevicjP02588fF1ozJ77joX4+5/b3Z/0eqq73uz3egbBYcn3GbM3b
zRHOpSul5YGkgdlwhuO6fvXMjH2azbQJ3K0X/5ScJqElFct7nw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:05 2026 by rpki-client