Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: Tw6oUd42uH3WBHy11fHOyEx5cmtYKs5ZzKWmFM9dej8=
Subject key identifier: B9:CC:0A:65:6E:4A:EA:A3:97:DA:EC:DE:45:54:45:9F:4D:45:0C:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F03D840B5F4F22536C32ED01E60686B27703FCE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Tue 19 May 2026 05:10:06 +0000
ROA not before: Tue 19 May 2026 05:10:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:03:d8:40:b5:f4:f2:25:36:c3:2e:d0:1e:60:68:6b:27:70:3f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7e7140b9c63d67ace907eb2a49a1baf55c08f00a6484b6f84910369b1ac2c2ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ab:cd:5f:5b:ab:e4:60:6c:e1:c0:dc:49:90:
65:54:46:b7:55:06:dc:ab:51:3b:9e:18:41:94:63:
c8:c4:57:f8:a3:52:5a:4a:5c:8d:12:1c:13:ff:de:
49:ae:f9:27:44:3d:13:3d:a9:17:8f:ad:e7:e4:58:
85:39:c5:ca:97:5e:b7:5b:35:47:db:ea:a7:48:0e:
4e:03:e1:8f:2a:bf:1d:d4:a3:dc:7b:cb:5a:5f:f9:
6c:72:91:97:88:cd:db:81:a6:25:57:8f:74:c7:f3:
ab:be:05:3b:ae:9c:82:3d:84:76:88:db:d4:78:c5:
19:94:3c:57:81:66:72:f0:1c:e3:6a:ae:1c:af:f8:
db:52:98:12:c0:32:dc:d3:e4:5e:b4:f6:71:af:65:
50:5b:41:3e:5b:ae:20:ca:93:a3:d0:5c:a8:d6:7a:
27:f0:30:e4:b2:ac:a6:e9:5f:ed:e6:54:4f:7a:85:
3c:9e:ad:f0:ac:d1:8e:95:89:70:bf:01:6e:f7:e0:
7a:82:37:8b:9e:29:ad:36:93:3c:a2:0b:a9:f2:a7:
1a:0b:8f:f7:a2:91:bd:e6:78:fa:a8:b4:a7:27:ff:
da:f0:6a:0a:be:40:48:0b:67:15:c4:cf:b8:66:40:
65:63:c1:3b:f9:e3:42:71:32:eb:e1:13:d3:69:60:
7b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:CC:0A:65:6E:4A:EA:A3:97:DA:EC:DE:45:54:45:9F:4D:45:0C:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
68:a9:a9:17:70:f2:6e:9c:ef:6a:c8:31:a5:84:d0:55:3b:00:
85:f5:7a:40:06:ca:cb:1b:eb:05:29:51:52:94:1a:c1:0a:b1:
6f:53:e5:13:3a:17:00:02:fc:a4:67:45:8c:cb:93:fb:aa:99:
7d:27:57:8d:2a:61:09:41:9b:df:6c:8a:3e:01:36:d5:2a:74:
67:b0:b0:ba:22:3d:0e:a9:24:6a:83:03:7a:a5:7a:f0:93:8c:
4e:bb:bc:4a:05:87:0d:73:be:0e:c2:ca:47:07:4f:42:41:58:
92:9f:e9:02:7c:d6:2d:16:16:b6:18:7a:88:05:d7:f6:a9:b9:
ff:6c:d4:ee:24:d9:e6:54:ef:72:78:ff:40:4c:4c:13:25:58:
2b:7e:eb:eb:f2:b3:71:de:3f:b2:d7:7c:9b:f1:5c:57:60:02:
2b:c7:d2:2a:01:37:b8:9a:c2:8f:0f:4b:86:04:a4:5a:bc:96:
9e:35:8b:70:fb:d9:04:bf:0b:b8:4f:ef:a0:ae:12:9f:53:d3:
74:df:f3:48:c4:00:77:b2:c0:2d:15:0c:d4:2d:22:56:65:3a:
d3:4d:1a:2d:70:3b:c0:e3:e5:62:80:be:02:23:2f:6f:ba:c9:
ef:d4:20:4f:82:55:32:e6:a3:bf:b6:fd:72:6e:b2:c4:29:14:
e3:ca:c8:25
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXwPYQLX08iU2wy7QHmBoaydwP84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNzE0MGI5YzYzZDY3YWNlOTA3ZWIyYTQ5YTFiYWY1NWMwOGYwMGE2NDg0
YjZmODQ5MTAzNjliMWFjMmMyZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIurzV9bq+RgbOHA3EmQZVRGt1UG3KtRO54YQZRjyMRX+KNSWkpcjRIcE//e
Sa75J0Q9Ez2pF4+t5+RYhTnFypdet1s1R9vqp0gOTgPhjyq/HdSj3HvLWl/5bHKR
l4jN24GmJVePdMfzq74FO66cgj2Edojb1HjFGZQ8V4FmcvAc42quHK/421KYEsAy
3NPkXrT2ca9lUFtBPluuIMqTo9BcqNZ6J/Aw5LKspulf7eZUT3qFPJ6t8KzRjpWJ
cL8BbvfgeoI3i54prTaTPKILqfKnGguP96KRveZ4+qi0pyf/2vBqCr5ASAtnFcTP
uGZAZWPBO/njQnEy6+ET02lge0MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS5zApl
bkrqo5fa7N5FVEWfTUUM0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAaKmpF3DybpzvasgxpYTQVTsAhfV6QAbKyxvr
BSlRUpQawQqxb1PlEzoXAAL8pGdFjMuT+6qZfSdXjSphCUGb32yKPgE21Sp0Z7Cw
uiI9DqkkaoMDeqV68JOMTru8SgWHDXO+DsLKRwdPQkFYkp/pAnzWLRYWthh6iAXX
9qm5/2zU7iTZ5lTvcnj/QExMEyVYK37r6/Kzcd4/std8m/FcV2ACK8fSKgE3uJrC
jw9LhgSkWryWnjWLcPvZBL8LuE/voK4Sn1PTdN/zSMQAd7LALRUM1C0iVmU6000a
LXA7wOPlYoC+AiMvb7rJ79QgT4JVMuajv7b9cm6yxCkU48rIJQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:53 2026 by rpki-client