Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
File: 376be0fe-aebc-4855-80a4-ea95cf413b51.roa (raw, json)
Hash identifier: CZFut/fOie7gNArWZYfBLBsPFzHirJm8SRdYQ9YUpGk=
Subject key identifier: A5:09:A3:9C:FD:73:4A:CA:FC:36:DE:00:EB:A2:4F:FB:89:B7:FB:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09484CC49BCB680AF148DCC569469E9F15B045CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
Signing time: Mon 04 May 2026 15:30:12 +0000
ROA not before: Mon 04 May 2026 15:30:12 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:48:4c:c4:9b:cb:68:0a:f1:48:dc:c5:69:46:9e:9f:15:b0:45:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:12 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=60a5861b5c511b63fa7834c0a13cd87a505748003998a74311cb32c79f0e05c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:26:08:06:5b:65:de:ec:1e:a0:72:43:6e:d8:
10:ed:54:8a:43:1e:1a:6a:99:a2:82:0c:1b:b2:01:
41:a6:c4:b2:d3:37:84:c2:8d:3e:58:fa:c0:19:64:
87:a0:b6:ae:99:60:7f:05:9b:d9:13:d4:9d:e3:38:
20:bc:1a:22:2b:07:6a:e4:94:dd:76:40:32:b3:60:
f3:3a:c6:a8:4c:9d:9f:a2:75:5b:5f:5e:95:ba:99:
f7:bf:24:db:e6:71:cc:3b:55:d7:66:22:9e:95:b3:
a6:a5:2c:9c:4d:66:7d:17:24:07:55:85:05:f5:a9:
e2:cb:7a:0d:a5:7d:33:78:b1:2f:21:53:ff:14:4d:
5f:f8:ea:e5:83:5c:6c:3e:7c:4e:45:3c:51:43:89:
a9:34:e5:ec:26:1b:8b:29:c6:38:cc:81:49:ea:f7:
98:fa:2b:51:cd:c4:86:99:66:ba:35:49:68:57:c4:
41:ae:03:09:a6:9b:2e:2e:11:18:06:ef:70:46:4a:
6c:e2:14:37:b7:2d:ae:da:6a:34:00:ea:20:27:18:
52:ec:b1:56:c6:1f:04:88:c5:27:82:4a:af:2d:c0:
af:2f:cf:f1:4a:ea:e9:89:5b:f0:e8:75:69:b2:db:
84:b7:43:a0:54:e6:f8:15:81:66:76:17:fd:6f:5d:
0d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:09:A3:9C:FD:73:4A:CA:FC:36:DE:00:EB:A2:4F:FB:89:B7:FB:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:5000::/40
Signature Algorithm: sha256WithRSAEncryption
bc:ad:1b:fc:30:ea:71:9c:dc:75:d2:87:df:ff:c0:35:cd:06:
a0:b4:11:2f:2f:82:a6:17:4f:6b:c7:00:7b:38:3d:49:3d:0e:
16:d6:35:a4:a5:ee:8b:93:c2:23:dd:9a:6e:58:39:99:14:59:
9a:d0:77:ec:12:3d:e1:35:2f:59:72:b1:ec:55:2d:cc:31:9b:
2a:e0:6f:06:2b:09:89:c3:f0:be:0b:04:d3:a0:ee:33:22:e8:
3e:ac:fb:a5:a8:ec:1a:9b:af:ba:74:cc:17:24:01:72:24:68:
96:b9:a7:b0:1e:6c:ed:6b:d6:53:0c:86:b7:8f:54:a0:b7:17:
7f:ee:81:aa:56:1f:b7:2a:12:ef:81:9b:c4:c0:1d:9e:b1:cd:
2d:d5:b6:0d:09:82:bb:f0:71:ef:a7:9a:c1:d2:ad:6c:ed:dc:
a1:13:8d:cf:40:e5:29:ce:1e:f4:fc:ff:a8:a2:1a:e0:37:02:
eb:f6:90:a3:ec:c3:35:2f:19:c6:0f:ef:1e:8f:72:a3:60:b4:
79:fd:80:26:29:9a:98:ce:b8:4d:c9:ef:11:cd:71:ec:c3:87:
0b:0a:6d:0a:09:60:4c:46:58:8b:b3:d0:19:75:80:19:3b:73:
ba:ab:f1:cb:1c:3a:04:14:d2:f2:b4:c9:7b:ef:18:59:c0:fe:
2f:48:65:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCUhMxJvLaArxSNzFaUaenxWwRcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYTU4NjFiNWM1MTFiNjNmYTc4MzRjMGExM2NkODdhNTA1NzQ4MDAzOTk4
YTc0MzExY2IzMmM3OWYwZTA1YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkmCAZbZd7sHqByQ27YEO1UikMeGmqZooIMG7IBQabEstM3hMKNPlj6wBlk
h6C2rplgfwWb2RPUneM4ILwaIisHauSU3XZAMrNg8zrGqEydn6J1W19elbqZ978k
2+ZxzDtV12YinpWzpqUsnE1mfRckB1WFBfWp4st6DaV9M3ixLyFT/xRNX/jq5YNc
bD58TkU8UUOJqTTl7CYbiynGOMyBSer3mPorUc3EhplmujVJaFfEQa4DCaabLi4R
GAbvcEZKbOIUN7ctrtpqNADqICcYUuyxVsYfBIjFJ4JKry3Ary/P8Urq6Ylb8Oh1
abLbhLdDoFTm+BWBZnYX/W9dDYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlCaOc
/XNKyvw23gDrok/7ibf7ezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc2YmUwZmUtYWViYy00ODU1LTgwYTQtZWE5NWNmNDEzYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC8rRv8MOpxnNx10off/8A1zQagtBEvL4KmF09r
xwB7OD1JPQ4W1jWkpe6Lk8Ij3ZpuWDmZFFma0HfsEj3hNS9ZcrHsVS3MMZsq4G8G
KwmJw/C+CwTToO4zIug+rPulqOwam6+6dMwXJAFyJGiWuaewHmzta9ZTDIa3j1Sg
txd/7oGqVh+3KhLvgZvEwB2esc0t1bYNCYK78HHvp5rB0q1s7dyhE43PQOUpzh70
/P+oohrgNwLr9pCj7MM1LxnGD+8ej3KjYLR5/YAmKZqYzrhNye8RzXHsw4cLCm0K
CWBMRliLs9AZdYAZO3O6q/HLHDoEFNLytMl77xhZwP4vSGVI
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:00 2026 by rpki-client