Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: zg6ob39rPGaHrmuxnrIFdU6xym0CqTkcfSf5kma6aBM=
Subject key identifier: CA:C0:C8:72:CA:15:2A:ED:40:99:62:7C:87:E4:D5:7F:C7:EF:B7:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38CBFDF6BBA3C0DA6864F786DD2712FC5FEB6E52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Fri 20 Feb 2026 01:50:55 +0000
ROA not before: Fri 20 Feb 2026 01:50:55 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:cb:fd:f6:bb:a3:c0:da:68:64:f7:86:dd:27:12:fc:5f:eb:6e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:55 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=3c555bc51fe321d843f99ae9130d8fec165cda475d21d2c9e9dd9601f8c45bec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c4:b4:2f:b2:2a:1d:74:91:cf:a6:b2:6e:03:
59:c9:19:74:7e:18:64:10:bb:1e:38:53:50:7c:e9:
58:db:43:a9:24:2f:a4:c9:9e:bd:0a:08:8b:8d:7a:
0e:4d:b7:b5:13:8d:27:5e:24:dd:cf:7a:05:5a:31:
71:60:8d:ed:56:17:21:37:8b:7b:f9:4b:a8:57:73:
69:79:d5:0a:ca:0d:96:9c:d9:8b:5e:96:60:3d:d2:
9b:a9:16:d7:af:99:f7:16:8f:ac:ff:31:69:4f:f1:
c6:42:7b:e4:45:06:4c:7d:76:10:cf:1c:39:bb:0e:
75:30:f7:6a:75:0a:7d:fd:1c:de:1a:bc:53:51:86:
49:35:4a:94:e1:ae:10:ac:9f:44:b8:26:a0:0a:de:
9b:9a:ef:8f:6d:9f:ab:2f:c0:81:77:93:1e:b4:19:
16:20:65:22:3b:af:c2:f7:14:9b:fc:d9:70:43:52:
67:55:53:9f:f6:3c:8b:a0:83:13:64:e9:f1:87:61:
5e:3f:44:64:27:ce:c1:f6:03:b9:3e:33:fa:9c:bc:
35:88:b5:58:18:b7:e0:ad:48:a6:d9:c5:a3:50:f6:
e0:46:43:77:f2:26:77:0d:1f:33:77:b4:12:c9:eb:
52:8f:85:9d:e6:14:3f:37:2f:fc:6d:b4:5c:40:d5:
87:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C0:C8:72:CA:15:2A:ED:40:99:62:7C:87:E4:D5:7F:C7:EF:B7:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
24:a7:e9:6a:ed:0d:2c:23:7e:f9:86:0c:84:d2:20:33:fa:bb:
2d:73:47:30:cc:16:c4:d9:11:ed:be:24:5c:16:18:b8:17:6a:
f4:12:15:98:05:f7:41:0f:18:e1:5f:59:4a:a7:22:33:24:44:
51:05:74:29:8a:48:34:73:3b:3e:30:aa:41:20:6b:73:0f:8e:
25:9c:8a:4c:46:19:ad:7f:c1:98:5c:3b:c6:e1:63:4c:22:97:
6e:76:b8:76:a2:4a:61:d3:0c:f2:ff:a4:32:31:e6:9e:f2:f5:
da:0a:71:fd:38:e4:7b:f3:0e:83:44:7f:dc:89:41:bf:9e:c8:
ba:dd:c9:6f:18:67:be:65:59:a5:9d:45:f7:5b:a8:b2:2a:20:
64:03:32:1a:3a:f8:b5:e8:f5:21:6b:45:5d:70:1a:14:b9:7f:
ee:c0:81:86:6b:83:35:b3:f4:d3:16:7c:ac:ef:32:d8:45:20:
9b:8f:c0:43:2e:dc:b6:9c:d5:04:0d:7d:2a:2a:d7:5e:d9:2c:
65:8c:83:e5:02:cc:51:63:19:ae:87:ad:8d:6e:76:42:2c:f4:
0c:a3:03:f4:aa:bc:f9:45:59:04:5f:ec:5c:ea:0d:be:7d:77:
aa:e5:13:8f:40:1a:58:ab:9e:02:09:4c:09:79:14:13:e9:26:
c8:b3:bf:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOMv99rujwNpoZPeG3ScS/F/rblIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwNTVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjNTU1YmM1MWZlMzIxZDg0M2Y5OWFlOTEzMGQ4ZmVjMTY1Y2RhNDc1ZDIx
ZDJjOWU5ZGQ5NjAxZjhjNDViZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3EtC+yKh10kc+msm4DWckZdH4YZBC7HjhTUHzpWNtDqSQvpMmevQoIi416
Dk23tRONJ14k3c96BVoxcWCN7VYXITeLe/lLqFdzaXnVCsoNlpzZi16WYD3Sm6kW
16+Z9xaPrP8xaU/xxkJ75EUGTH12EM8cObsOdTD3anUKff0c3hq8U1GGSTVKlOGu
EKyfRLgmoArem5rvj22fqy/AgXeTHrQZFiBlIjuvwvcUm/zZcENSZ1VTn/Y8i6CD
E2Tp8YdhXj9EZCfOwfYDuT4z+py8NYi1WBi34K1IptnFo1D24EZDd/Imdw0fM3e0
EsnrUo+FneYUPzcv/G20XEDVh7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKwMhy
yhUq7UCZYnyH5NV/x++3/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQAkp+lq7Q0sI375hgyE0iAz+rstc0cwzBbE2RHt
viRcFhi4F2r0EhWYBfdBDxjhX1lKpyIzJERRBXQpikg0czs+MKpBIGtzD44lnIpM
Rhmtf8GYXDvG4WNMIpdudrh2okph0wzy/6QyMeae8vXaCnH9OOR78w6DRH/ciUG/
nsi63clvGGe+ZVmlnUX3W6iyKiBkAzIaOvi16PUha0VdcBoUuX/uwIGGa4M1s/TT
Fnys7zLYRSCbj8BDLty2nNUEDX0qKtde2SxljIPlAsxRYxmuh62NbnZCLPQMowP0
qrz5RVkEX+xc6g2+fXeq5ROPQBpYq54CCUwJeRQT6SbIs7+A
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:23 2026 by rpki-client