Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
File: 1977ffde-7d26-418c-800c-ccacd18fe560.roa (raw, json)
Hash identifier: 19KfZS0hf86BLMNOqR224VY8IxmegWp1ghACnJFBMcQ=
Subject key identifier: 72:94:FD:13:1A:33:7D:20:AA:05:CF:39:03:ED:CB:8B:8B:F9:3B:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20435CDDBCBA7578FCB1ABEAC9B8D9D8856E9DC1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
Signing time: Mon 04 May 2026 15:20:03 +0000
ROA not before: Mon 04 May 2026 15:20:03 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 8987
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:43:5c:dd:bc:ba:75:78:fc:b1:ab:ea:c9:b8:d9:d8:85:6e:9d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:03 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=9816660234d29c0b6b765b2ee3394e8ede2fe25f70639a76102fa533674c39ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:3c:81:40:e1:5c:31:f9:8b:a2:43:07:76:
42:e3:68:94:96:b7:6d:b0:b1:a8:f2:43:15:22:29:
5d:92:c1:85:fb:a3:12:b5:f4:8d:88:4a:0a:3b:94:
6a:eb:69:0c:0a:3a:e0:1c:50:8e:08:56:72:e7:62:
26:fe:02:ac:16:77:d6:0a:0a:4c:f3:96:b4:d2:98:
5b:4a:4f:c2:27:91:ef:a9:01:05:0c:43:f9:e7:58:
70:b0:e6:ce:9b:ca:94:dc:55:68:7d:a9:f7:6e:89:
07:6b:00:d6:0d:78:8a:63:63:5b:23:f2:b5:d0:eb:
64:e2:c1:e5:bb:77:18:c5:4c:3b:a6:bd:0c:d7:55:
64:d3:ce:29:33:91:06:d0:30:6b:fc:e8:75:8e:fc:
19:da:9a:f7:32:f2:f8:0d:c6:fc:2f:cd:d0:4f:00:
be:91:12:75:b0:65:b3:51:66:b3:a5:1a:e4:69:d6:
06:28:5e:79:e3:49:5f:db:08:e4:03:02:c9:64:44:
80:04:14:77:b4:a7:83:ba:ff:ad:53:aa:fa:86:6e:
d6:55:c5:ca:39:da:38:51:a8:dc:12:8b:cc:12:ce:
3d:77:82:96:e6:68:31:07:cc:e9:88:bc:53:8a:6c:
ff:f3:68:be:8e:d2:e4:81:67:32:43:31:68:19:d6:
f2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:94:FD:13:1A:33:7D:20:AA:05:CF:39:03:ED:CB:8B:8B:F9:3B:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1977ffde-7d26-418c-800c-ccacd18fe560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
16:8a:13:38:44:b8:3c:32:42:ef:07:0c:52:c7:e3:ac:29:93:
00:c8:eb:88:1e:d1:6d:cd:1e:e3:4d:d8:df:89:03:c2:88:06:
e7:4b:40:20:68:1b:67:d2:82:62:bc:04:4e:0d:8c:16:08:e5:
47:33:28:40:c6:5f:2a:3f:68:96:b1:85:b6:43:6a:c1:63:1b:
53:76:f5:0c:32:0b:a2:5e:5b:d6:f8:b3:b9:b2:8d:a8:70:d1:
1b:28:1a:77:b7:2c:c1:54:0d:5f:d7:49:86:7f:b5:69:38:86:
89:05:4d:b1:82:41:f1:3b:94:47:70:49:5a:39:e1:d4:97:8b:
08:da:2e:18:bb:bb:d4:6f:11:d5:61:95:cb:18:b0:df:5e:8f:
07:d7:9c:db:ab:4e:5f:03:ee:26:44:a3:5b:85:cf:57:2b:ac:
4e:30:7f:ce:ce:5a:14:7f:e4:a4:57:3d:27:b1:66:ce:24:76:
f5:9c:f2:c6:18:d0:d9:8f:40:0e:b3:ca:98:cf:cd:9e:93:9b:
83:c0:73:f7:ec:b2:58:8f:a0:10:65:e3:fd:a5:88:54:c0:90:
50:c7:cb:a1:55:25:9f:53:cf:a1:20:f6:79:26:b5:22:ba:7f:
56:62:99:e8:e4:14:5e:9b:1b:73:1e:87:14:00:b0:38:e5:81:
4e:a2:7e:fe
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUIENc3by6dXj8savqybjZ2IVuncEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDNaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4MTY2NjAyMzRkMjljMGI2Yjc2NWIyZWUzMzk0ZThlZGUyZmUyNWY3MDYz
OWE3NjEwMmZhNTMzNjc0YzM5ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7bPIFA4Vwx+YuiQwd2QuNolJa3bbCxqPJDFSIpXZLBhfujErX0jYhKCjuU
autpDAo64BxQjghWcudiJv4CrBZ31goKTPOWtNKYW0pPwieR76kBBQxD+edYcLDm
zpvKlNxVaH2p926JB2sA1g14imNjWyPytdDrZOLB5bt3GMVMO6a9DNdVZNPOKTOR
BtAwa/zodY78Gdqa9zLy+A3G/C/N0E8AvpESdbBls1Fms6Ua5GnWBiheeeNJX9sI
5AMCyWREgAQUd7Sng7r/rVOq+oZu1lXFyjnaOFGo3BKLzBLOPXeCluZoMQfM6Yi8
U4ps//Novo7S5IFnMkMxaBnW8ssCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRylP0T
GjN9IKoFzzkD7cuLi/k75jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTk3N2ZmZGUtN2QyNi00MThjLTgwMGMtY2NhY2QxOGZlNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBABaKEzhEuDwyQu8HDFLH46wpkwDI64ge0W3NHuNN
2N+JA8KIBudLQCBoG2fSgmK8BE4NjBYI5UczKEDGXyo/aJaxhbZDasFjG1N29Qwy
C6JeW9b4s7myjahw0RsoGne3LMFUDV/XSYZ/tWk4hokFTbGCQfE7lEdwSVo54dSX
iwjaLhi7u9RvEdVhlcsYsN9ejwfXnNurTl8D7iZEo1uFz1crrE4wf87OWhR/5KRX
PSexZs4kdvWc8sYY0NmPQA6zypjPzZ6Tm4PAc/fssliPoBBl4/2liFTAkFDHy6FV
JZ9Tz6Eg9nkmtSK6f1ZimejkFF6bG3MehxQAsDjlgU6ifv4=
-----END CERTIFICATE-----
Generated at Wed May 13 00:17:47 2026 by rpki-client