Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
File: 2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa (raw, json)
Hash identifier: tSIE+7v1ZFRLUhouOEWIO+yQQA06A0vImbTZUABE7sg=
Subject key identifier: BF:23:C8:91:42:C2:92:CA:0A:40:41:45:87:33:8B:E1:80:09:62:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CA14F42AC02842C5217D5B1822A8BF80E2772BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
Signing time: Tue 05 May 2026 00:00:06 +0000
ROA not before: Tue 05 May 2026 00:00:06 +0000
ROA not after: Mon 03 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a1:4f:42:ac:02:84:2c:52:17:d5:b1:82:2a:8b:f8:0e:27:72:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 5 00:00:06 2026 GMT
Not After : Aug 3 23:59:59 2026 GMT
Subject: serialNumber=b0fcc920431faa60c34dba3a5fefd8ab4668af9bc8764ac87c0b192a1b2743cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:73:8c:4f:f2:61:a8:46:37:d0:33:cc:75:dd:
b0:fc:80:5c:37:40:43:5d:db:be:7a:44:11:c1:ad:
d3:4b:d0:c7:81:5b:ae:61:dc:ca:c4:db:60:8a:ac:
d3:fb:cb:70:89:e5:3b:1e:7d:ac:06:fe:80:ed:ca:
b6:65:2c:8f:e5:fb:63:84:17:77:73:56:95:04:00:
94:42:07:3f:07:ec:68:b5:7a:bb:27:86:41:3a:a8:
7f:10:ab:18:52:87:0f:14:cc:94:7d:e5:c5:da:34:
df:0a:d0:b6:8a:38:d6:bf:22:fa:f7:00:5c:44:63:
e2:16:9a:f4:9e:17:e7:15:f7:c9:d2:0d:ae:28:33:
95:84:47:04:13:3a:ff:eb:44:f2:ee:69:f0:1a:63:
75:7d:f5:6a:ce:2a:3a:d1:0a:09:db:91:86:11:16:
fd:d1:55:7b:b3:df:15:38:ea:8f:8d:99:56:f9:ea:
74:9b:a7:26:c6:53:68:75:30:88:1b:00:c9:d2:e2:
64:c6:5c:80:47:09:4e:89:2f:bf:ac:78:95:02:c5:
17:ba:00:4f:2f:46:d9:be:f5:47:fd:44:3f:27:f2:
0b:b8:5a:12:a2:48:23:1a:48:b6:a0:69:87:c4:be:
dd:5f:e8:20:99:93:22:2a:6e:cf:5e:0f:3b:d0:26:
80:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:23:C8:91:42:C2:92:CA:0A:40:41:45:87:33:8B:E1:80:09:62:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:cf:96:43:44:48:a9:1f:c5:d6:77:7b:82:7f:2a:09:68:f2:
90:02:e7:91:83:e6:6b:07:4c:9a:b9:ca:d4:e1:3d:34:e7:37:
12:27:6f:89:cc:a5:f4:f1:f6:a7:0d:5e:de:7c:d9:16:97:99:
b7:eb:94:3f:da:e6:39:5c:56:60:13:c6:d2:f3:7f:2b:84:83:
27:55:b4:fe:e4:e3:5a:ff:fa:47:e4:60:75:e0:d3:8c:70:84:
03:36:f5:38:d3:19:c5:26:77:39:24:ea:5a:45:9f:dd:31:ca:
cb:67:fc:24:0b:7e:ab:01:6e:e0:10:3c:23:06:97:01:98:e7:
95:08:b5:b5:60:fa:dd:3e:50:e9:a7:57:48:bb:59:9c:cd:26:
d1:5e:a8:fb:81:e3:2e:66:ad:e0:80:1d:bb:8d:1e:3b:b8:ea:
e2:bf:d6:18:25:90:e3:c7:01:45:8b:44:98:88:34:de:0c:23:
6d:a7:7b:56:aa:00:eb:e9:c0:cf:51:ea:4d:73:50:b4:42:e8:
94:a4:bf:87:32:9f:da:68:73:8a:a1:83:9b:90:fc:57:76:ba:
e1:3e:7d:c1:0c:8c:8f:07:09:bb:dc:33:2b:f2:fe:08:23:53:
ea:09:45:a8:bd:43:77:39:18:02:47:29:2b:60:55:e5:8d:b2:
61:0e:8b:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPKFPQqwChCxSF9WxgiqL+A4ncr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDUwMDAwMDZaFw0yNjA4MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZmNjOTIwNDMxZmFhNjBjMzRkYmEzYTVmZWZkOGFiNDY2OGFmOWJjODc2
NGFjODdjMGIxOTJhMWIyNzQzY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdzjE/yYahGN9AzzHXdsPyAXDdAQ13bvnpEEcGt00vQx4FbrmHcysTbYIqs
0/vLcInlOx59rAb+gO3KtmUsj+X7Y4QXd3NWlQQAlEIHPwfsaLV6uyeGQTqofxCr
GFKHDxTMlH3lxdo03wrQtoo41r8i+vcAXERj4haa9J4X5xX3ydINrigzlYRHBBM6
/+tE8u5p8BpjdX31as4qOtEKCduRhhEW/dFVe7PfFTjqj42ZVvnqdJunJsZTaHUw
iBsAydLiZMZcgEcJTokvv6x4lQLFF7oATy9G2b71R/1EPyfyC7haEqJIIxpItqBp
h8S+3V/oIJmTIipuz14PO9AmgE8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/I8iR
QsKSygpAQUWHM4vhgAliWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU1OTUwZDctMDY0Zi00YmM5LTllYzAtY2NiNzJlZTRmYjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/w
MA0GCSqGSIb3DQEBCwUAA4IBAQAvz5ZDREipH8XWd3uCfyoJaPKQAueRg+ZrB0ya
ucrU4T005zcSJ2+JzKX08fanDV7efNkWl5m365Q/2uY5XFZgE8bS838rhIMnVbT+
5ONa//pH5GB14NOMcIQDNvU40xnFJnc5JOpaRZ/dMcrLZ/wkC36rAW7gEDwjBpcB
mOeVCLW1YPrdPlDpp1dIu1mczSbRXqj7geMuZq3ggB27jR47uOriv9YYJZDjxwFF
i0SYiDTeDCNtp3tWqgDr6cDPUepNc1C0QuiUpL+HMp/aaHOKoYObkPxXdrrhPn3B
DIyPBwm73DMr8v4II1PqCUWovUN3ORgCRykrYFXljbJhDov0
-----END CERTIFICATE-----
Generated at Tue May 12 23:35:52 2026 by rpki-client