Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
File: fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa (raw, json)
Hash identifier: yZfd/8ABiY2ttIR57jnA7qbCVcUXUJvoR7m68U8A2RE=
Subject key identifier: 4F:06:D2:AC:29:60:B2:10:C4:40:5E:05:4A:8B:26:1C:61:4B:3E:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 384B14EE85F47606979B6701B7155A17A9F1D120
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
Signing time: Sat 28 Feb 2026 05:30:10 +0000
ROA not before: Sat 28 Feb 2026 05:30:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4b:14:ee:85:f4:76:06:97:9b:67:01:b7:15:5a:17:a9:f1:d1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:30:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=fc3376901b15a5b982def0614adf4ba10d2da9062ee9b639dcf3e1da38f684ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:cf:0c:4b:a4:fc:cb:2e:0e:80:2d:fe:bb:
cd:73:ab:9a:02:9f:0d:9f:b7:03:86:88:ef:41:d0:
05:10:85:41:3f:72:b3:5b:23:31:6a:a4:b2:89:8a:
b1:7a:59:d8:3f:56:9e:cb:a3:13:69:6f:58:22:62:
df:b4:d2:85:81:dc:8b:ed:47:15:de:93:c6:5b:7b:
7b:65:54:f6:40:72:07:9b:bc:6d:66:66:87:bd:12:
fe:fa:d7:29:1f:0e:a8:b7:5c:1c:00:01:d5:4f:1b:
4b:3e:69:d8:c1:36:1e:6d:44:6e:8f:01:06:fb:81:
05:5c:0d:a4:35:a5:fc:44:32:71:f0:0e:5b:de:c4:
01:1c:f4:6d:58:e3:49:9c:48:79:09:a7:d4:b0:ce:
76:44:a6:4d:85:4a:74:36:98:18:66:0e:2d:ad:15:
dc:8d:07:94:26:91:e3:97:5e:95:02:7a:50:c9:9b:
de:b4:25:0b:4a:c7:df:01:e6:bd:32:96:dd:b4:4b:
77:ba:7f:8a:9d:28:00:20:f7:9c:31:a7:59:67:c1:
d5:82:e3:87:ae:e6:7e:fc:1e:41:72:dd:dd:99:96:
54:ee:03:04:83:e5:dd:0f:e7:28:d0:14:d7:3a:5c:
52:94:a6:57:c2:3f:fc:14:f9:0d:f7:7b:12:fd:2b:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:06:D2:AC:29:60:B2:10:C4:40:5E:05:4A:8B:26:1C:61:4B:3E:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4060::/48
Signature Algorithm: sha256WithRSAEncryption
c6:6e:2d:90:b5:23:8c:42:b3:2c:88:05:62:51:93:3a:66:d1:
33:7f:69:ec:11:48:e7:3c:cc:d9:42:aa:bf:4b:ac:49:77:0f:
3c:c3:7c:93:e8:bd:7b:c7:f1:9c:84:ab:71:2b:4d:89:6a:c8:
93:e5:e3:eb:59:e5:bb:89:b7:8a:2f:b6:4d:5b:b4:bb:61:4f:
f0:05:99:d1:aa:81:88:92:6d:9a:33:27:d2:47:d1:43:93:07:
99:a4:ad:0b:d2:5a:13:cb:33:24:56:36:09:05:78:b0:f9:0d:
1a:34:38:9a:fe:3f:82:6c:5d:00:a7:dc:57:99:9d:f4:75:3a:
e7:b1:5a:8a:2c:e4:a8:50:3a:26:ae:06:9c:07:7f:36:51:1d:
14:45:07:dc:51:ed:c9:94:61:96:c2:df:ee:d9:a7:ad:1e:1b:
40:33:ec:65:17:90:fb:82:06:30:c8:09:eb:cf:bf:7c:d6:f3:
3d:66:eb:63:89:36:ec:cd:01:6d:bb:7e:b7:d1:12:a3:ed:41:
d3:d2:d0:82:66:05:63:7b:dd:6c:7f:b5:3b:60:69:9b:46:d1:
67:35:93:d1:9b:4f:a0:25:55:3e:83:d1:d8:af:6f:70:ee:2a:
a9:61:3a:0e:ef:7a:82:d5:cb:57:da:3d:fa:54:ab:13:c1:c9:
ae:7c:d6:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOEsU7oX0dgaXm2cBtxVaF6nx0SAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMzM3NjkwMWIxNWE1Yjk4MmRlZjA2MTRhZGY0YmExMGQyZGE5MDYyZWU5
YjYzOWRjZjNlMWRhMzhmNjg0Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQZzwxLpPzLLg6ALf67zXOrmgKfDZ+3A4aI70HQBRCFQT9ys1sjMWqksomK
sXpZ2D9WnsujE2lvWCJi37TShYHci+1HFd6Txlt7e2VU9kByB5u8bWZmh70S/vrX
KR8OqLdcHAAB1U8bSz5p2ME2Hm1Ebo8BBvuBBVwNpDWl/EQycfAOW97EARz0bVjj
SZxIeQmn1LDOdkSmTYVKdDaYGGYOLa0V3I0HlCaR45delQJ6UMmb3rQlC0rH3wHm
vTKW3bRLd7p/ip0oACD3nDGnWWfB1YLjh67mfvweQXLd3ZmWVO4DBIPl3Q/nKNAU
1zpcUpSmV8I//BT5Dfd7Ev0r/98CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPBtKs
KWCyEMRAXgVKiyYcYUs+cjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmI0NTVmNWQtNmNlNi00MzczLWI1YmMtMWMxZTAzNGExNDhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
YDANBgkqhkiG9w0BAQsFAAOCAQEAxm4tkLUjjEKzLIgFYlGTOmbRM39p7BFI5zzM
2UKqv0usSXcPPMN8k+i9e8fxnISrcStNiWrIk+Xj61nlu4m3ii+2TVu0u2FP8AWZ
0aqBiJJtmjMn0kfRQ5MHmaStC9JaE8szJFY2CQV4sPkNGjQ4mv4/gmxdAKfcV5md
9HU657FaiizkqFA6Jq4GnAd/NlEdFEUH3FHtyZRhlsLf7tmnrR4bQDPsZReQ+4IG
MMgJ68+/fNbzPWbrY4k27M0Bbbt+t9ESo+1B09LQgmYFY3vdbH+1O2Bpm0bRZzWT
0ZtPoCVVPoPR2K9vcO4qqWE6Du96gtXLV9o9+lSrE8HJrnzWcw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:32:27 2026 by rpki-client