Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: yBVZlNhm5CLPwDUYSct0Q8rsuNrBz+/91GKmQ/tY9ic=
Subject key identifier: 1B:7B:83:05:4F:0F:F8:4A:49:0E:68:3A:28:A9:C7:E4:4C:E8:B7:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35F2D6E9AE90D5F27B016D9710BA83AC51859DD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Mon 11 May 2026 01:51:06 +0000
ROA not before: Mon 11 May 2026 01:51:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:f2:d6:e9:ae:90:d5:f2:7b:01:6d:97:10:ba:83:ac:51:85:9d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=76b0b42c92363d38b5cb38bd3763aac79c5429772934a9be45806028fef01703, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a1:93:60:1b:6d:79:c4:99:3a:fd:32:3e:e9:
5b:21:57:72:d3:9b:0c:d5:e3:8b:c6:ab:57:d0:d3:
cb:fb:e9:b1:62:32:07:6e:b5:d4:9e:c0:df:1a:6c:
c2:57:1a:96:87:24:cd:1e:16:cd:a8:be:bc:c0:ee:
8e:4d:b2:23:ac:0c:b3:1a:05:8d:c8:4e:dc:1f:8c:
f7:f5:bd:7f:5b:dd:85:c5:4a:d6:4f:0a:0a:5c:73:
d6:29:4a:c0:26:3e:2d:12:a8:c9:14:29:c4:b7:ae:
37:16:2d:8c:44:69:93:e3:e7:7a:1d:19:29:a7:ff:
3b:6e:42:f0:68:ab:9c:95:90:8e:cd:e2:a9:35:c8:
fb:5c:21:5d:43:57:32:d7:34:52:9d:a3:5a:94:89:
43:98:4c:e4:db:f3:95:54:63:cb:6a:7a:dd:9e:2a:
b0:20:2b:e0:87:28:93:7d:38:e9:72:19:ba:54:93:
53:42:0a:b5:f6:4c:94:da:93:ea:6b:0a:0e:d0:91:
52:17:42:de:c5:48:0b:48:58:31:eb:ae:80:b9:b3:
08:9d:9a:9e:3a:42:6b:0f:16:54:a0:94:1c:f8:c0:
ad:a6:fc:a6:36:27:75:ed:72:8c:05:ab:ef:0a:4b:
3c:c1:2b:fc:4d:0a:8b:50:8d:ef:bd:14:48:36:96:
21:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7B:83:05:4F:0F:F8:4A:49:0E:68:3A:28:A9:C7:E4:4C:E8:B7:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
01:6c:90:00:6e:62:a7:12:28:86:ee:0e:59:c1:07:b2:54:19:
6c:65:cb:23:45:63:ea:80:12:d5:c8:f6:ac:f2:e4:89:24:d0:
d2:3f:91:23:25:4c:c2:aa:4c:cc:87:2c:02:e0:38:41:c0:f4:
bb:db:91:6c:21:a9:6f:49:7e:7e:ca:cb:59:12:e0:fb:2a:30:
e8:fc:82:54:80:c5:31:5a:da:dc:5f:6e:06:87:a5:a3:b1:47:
fc:58:c8:94:a0:b7:7e:76:2d:7e:84:6c:5e:dd:52:45:83:47:
b0:ef:ce:d7:ee:2c:0b:24:e4:73:f8:b5:e2:57:7f:e1:8b:8f:
6c:10:27:42:5c:8a:31:23:c1:67:30:e1:2b:b2:36:fb:78:53:
ab:9e:5e:af:7a:2a:03:36:e0:7f:e9:4b:43:d9:12:0c:10:29:
2a:36:88:3f:8a:3d:4f:c4:41:5c:5b:a0:a7:b5:26:20:bb:eb:
84:68:79:16:ba:80:9b:18:69:1a:f3:95:30:91:5f:94:22:bd:
5b:ac:3a:e5:de:a1:b3:33:22:e0:e2:83:d9:ed:59:e0:df:af:
46:24:d0:63:c4:86:59:05:db:6e:68:89:b2:58:38:35:c9:55:
ca:7a:17:4c:1b:9f:88:18:d0:db:56:27:77:89:80:9a:bf:96:
c7:0d:e8:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNfLW6a6Q1fJ7AW2XELqDrFGFndYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YjBiNDJjOTIzNjNkMzhiNWNiMzhiZDM3NjNhYWM3OWM1NDI5NzcyOTM0
YTliZTQ1ODA2MDI4ZmVmMDE3MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALehk2AbbXnEmTr9Mj7pWyFXctObDNXji8arV9DTy/vpsWIyB2611J7A3xps
wlcalockzR4Wzai+vMDujk2yI6wMsxoFjchO3B+M9/W9f1vdhcVK1k8KClxz1ilK
wCY+LRKoyRQpxLeuNxYtjERpk+Pneh0ZKaf/O25C8GirnJWQjs3iqTXI+1whXUNX
Mtc0Up2jWpSJQ5hM5NvzlVRjy2p63Z4qsCAr4Icok3046XIZulSTU0IKtfZMlNqT
6msKDtCRUhdC3sVIC0hYMeuugLmzCJ2anjpCaw8WVKCUHPjArab8pjYnde1yjAWr
7wpLPMEr/E0Ki1CN770USDaWIb8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbe4MF
Tw/4SkkOaDooqcfkTOi3KDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQABbJAAbmKnEiiG7g5ZwQeyVBlsZcsjRWPqgBLV
yPas8uSJJNDSP5EjJUzCqkzMhywC4DhBwPS725FsIalvSX5+ystZEuD7KjDo/IJU
gMUxWtrcX24Gh6WjsUf8WMiUoLd+di1+hGxe3VJFg0ew787X7iwLJORz+LXiV3/h
i49sECdCXIoxI8FnMOErsjb7eFOrnl6veioDNuB/6UtD2RIMECkqNog/ij1PxEFc
W6CntSYgu+uEaHkWuoCbGGka85UwkV+UIr1brDrl3qGzMyLg4oPZ7Vng369GJNBj
xIZZBdtuaImyWDg1yVXKehdMG5+IGNDbVid3iYCav5bHDejx
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:06 2026 by rpki-client