Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef3372e-f216-40b8-b019-7230e30b3283.roa
File: 1ef3372e-f216-40b8-b019-7230e30b3283.roa (raw, json)
Hash identifier: 5sfki95umSri7G80X+BiusVLJzUn6xXaE0CI/KlMn0I=
Subject key identifier: 0D:0B:8F:8C:40:A6:B3:11:89:FB:7E:29:7E:6A:05:90:E9:8B:6A:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 095E3888713143A4D29CE372664039CC3C7C02BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef3372e-f216-40b8-b019-7230e30b3283.roa
Signing time: Sat 02 May 2026 01:30:22 +0000
ROA not before: Sat 02 May 2026 01:30:22 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:5e:38:88:71:31:43:a4:d2:9c:e3:72:66:40:39:cc:3c:7c:02:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:22 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=7159fed3ee323c9a3fe2b5c0a622cef256cc049a27452e8e080fba582abf7f43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ff:25:da:b3:1a:1e:c6:fc:3f:44:3e:18:08:
56:f4:3a:21:95:97:d5:3c:11:05:da:b4:d2:4b:f7:
e9:c0:4f:52:34:bc:d3:c2:c2:d1:42:12:71:1a:54:
a3:b9:31:45:2c:1e:8b:98:ea:c3:f2:09:14:8e:d5:
eb:f4:e9:79:61:6a:9c:ad:0d:9a:d8:fc:5f:d2:3c:
df:21:92:83:61:2c:c8:b9:e4:0c:83:ca:24:f0:9d:
cc:ba:0c:a0:35:a4:77:d5:f4:70:df:68:48:93:3c:
01:e2:17:94:26:e2:61:4a:c4:eb:c0:f1:45:ab:5e:
dd:68:9f:ed:42:33:50:a3:ae:0b:3c:17:ed:14:b9:
ea:db:ec:3d:33:bd:1c:55:7f:e6:8a:30:e0:07:57:
ca:24:72:86:7a:46:8b:64:7b:c4:cd:90:4a:82:c6:
23:60:12:c0:7d:f7:1d:15:a8:0e:99:d8:2a:f8:d5:
72:48:c4:e6:53:35:d9:f4:39:a5:96:b5:09:12:61:
69:ee:77:a6:d8:61:17:72:81:d4:f2:5b:67:3e:da:
a7:78:ff:fc:b7:2b:1a:41:5b:b6:d3:5e:d6:bc:ab:
38:c1:f3:63:c7:04:32:0e:8d:37:00:93:d8:98:13:
a6:d3:1c:78:dd:9d:b3:59:8f:6f:00:6d:b3:93:1a:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0B:8F:8C:40:A6:B3:11:89:FB:7E:29:7E:6A:05:90:E9:8B:6A:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef3372e-f216-40b8-b019-7230e30b3283.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
34:7c:ee:c4:37:3c:cb:28:0b:78:9b:ae:4c:bb:15:7b:87:04:
8d:7e:69:cf:49:1a:6f:6d:26:aa:9a:33:9e:00:b5:f3:48:6a:
d2:cd:a4:6c:04:9e:b4:69:a6:1e:24:fe:b9:b5:c7:c3:12:9a:
6d:a5:69:ae:4e:1b:cc:f3:26:b0:7a:46:b5:b7:de:1d:25:3d:
cd:94:9e:90:2d:91:6d:e0:62:04:fc:a9:f5:2f:22:5b:f3:6d:
e3:bb:f1:8c:72:35:0a:a3:7c:e4:3e:dc:75:46:f2:1e:84:5a:
c0:a3:4b:da:d7:76:fb:bf:c7:a1:e1:3d:97:46:53:80:89:a8:
10:2e:e6:34:ef:14:3c:4a:a4:a1:a6:da:6c:7d:b3:00:8d:79:
5d:53:1f:49:ca:90:c7:8a:d5:ae:14:19:89:01:24:b6:75:2e:
16:c4:7f:a7:df:44:81:ce:a0:fb:b2:48:cd:f7:74:7b:4f:04:
fc:dd:67:d2:5d:03:79:ff:6e:57:8f:a5:67:a4:88:b1:c4:81:
5d:a4:95:08:ad:c9:0b:d0:35:91:7c:4d:c6:01:d6:c1:42:66:
c6:44:3a:9b:20:80:f4:93:22:73:9e:d3:ee:14:98:36:cb:a5:
82:f3:93:c5:de:2e:cf:84:31:39:72:13:1f:1b:42:aa:f1:fc:
b5:f0:29:69
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCV44iHExQ6TSnONyZkA5zDx8Ar8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjJaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNTlmZWQzZWUzMjNjOWEzZmUyYjVjMGE2MjJjZWYyNTZjYzA0OWEyNzQ1
MmU4ZTA4MGZiYTU4MmFiZjdmNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz/JdqzGh7G/D9EPhgIVvQ6IZWX1TwRBdq00kv36cBPUjS808LC0UIScRpU
o7kxRSwei5jqw/IJFI7V6/TpeWFqnK0Nmtj8X9I83yGSg2EsyLnkDIPKJPCdzLoM
oDWkd9X0cN9oSJM8AeIXlCbiYUrE68DxRate3Wif7UIzUKOuCzwX7RS56tvsPTO9
HFV/5oow4AdXyiRyhnpGi2R7xM2QSoLGI2ASwH33HRWoDpnYKvjVckjE5lM12fQ5
pZa1CRJhae53pthhF3KB1PJbZz7ap3j//LcrGkFbttNe1ryrOMHzY8cEMg6NNwCT
2JgTptMceN2ds1mPbwBts5MaM8sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNC4+M
QKazEYn7fil+agWQ6YtqxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVmMzM3MmUtZjIxNi00MGI4LWIwMTktNzIzMGUzMGIzMjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gog
wDANBgkqhkiG9w0BAQsFAAOCAQEANHzuxDc8yygLeJuuTLsVe4cEjX5pz0kab20m
qpozngC180hq0s2kbASetGmmHiT+ubXHwxKabaVprk4bzPMmsHpGtbfeHSU9zZSe
kC2RbeBiBPyp9S8iW/Nt47vxjHI1CqN85D7cdUbyHoRawKNL2td2+7/HoeE9l0ZT
gImoEC7mNO8UPEqkoababH2zAI15XVMfScqQx4rVrhQZiQEktnUuFsR/p99Egc6g
+7JIzfd0e08E/N1n0l0Def9uV4+lZ6SIscSBXaSVCK3JC9A1kXxNxgHWwUJmxkQ6
myCA9JMic57T7hSYNsulgvOTxd4uz4QxOXITHxtCqvH8tfApaQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:34:16 2026 by rpki-client