Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
File: 82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa (raw, json)
Hash identifier: fBmzRnOl5Yyt+7YuDEFBbW04VowOHAk2dqr21dOOA1w=
Subject key identifier: 96:2C:CD:43:56:F3:B4:A5:4D:31:2A:E2:B0:35:65:8E:9F:C2:3C:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 783C17B427F973E78FF38E532FAC20FC6C5517BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
Signing time: Mon 04 May 2026 15:30:07 +0000
ROA not before: Mon 04 May 2026 15:30:07 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:3c:17:b4:27:f9:73:e7:8f:f3:8e:53:2f:ac:20:fc:6c:55:17:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:07 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=d91d5fc5e50dd6dd07277394b9836564f6985218a02924abc297c2dafe5b9a83, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:75:97:a7:6f:1d:9d:ee:f3:6f:0b:4e:14:9d:
42:0d:8b:9f:25:b1:1b:16:d4:e3:d5:43:f7:0f:ad:
0b:8e:7a:ed:b8:69:f7:3d:55:93:82:14:ca:d3:63:
3a:cf:d0:71:cf:84:2a:97:52:ff:f6:41:1c:3d:86:
15:99:cf:10:a1:a8:e6:58:cf:0a:cc:57:dc:46:c3:
8e:f0:0c:e7:7d:4f:fa:3e:b9:b7:0b:9b:19:d8:61:
83:ff:03:ca:f7:e9:60:5f:8b:64:cd:50:19:c4:11:
5d:5d:ae:5d:ea:51:3b:ff:74:47:17:e9:1d:8e:79:
6e:a4:37:e1:d2:dd:8c:82:32:67:bc:f0:e1:83:0a:
65:a1:8d:d4:89:8d:b2:2b:b7:99:90:e6:b2:35:5c:
8c:f6:6d:9d:0f:49:c9:4f:a1:98:12:c2:0c:f5:f3:
f8:77:5a:17:83:d6:0a:6f:fe:5d:a2:8b:b2:b2:19:
49:3a:81:f5:ee:91:85:5f:5d:aa:5b:78:4a:33:ac:
ce:4d:cd:6e:6a:90:27:d9:7e:fc:7c:2c:81:f6:b3:
cd:53:a9:6a:cf:2a:fe:47:60:9a:04:dd:cd:bf:de:
76:f7:89:d7:7e:6d:34:6e:c5:5b:7f:51:84:72:51:
bc:74:11:2f:40:e2:1d:90:69:bf:db:8e:18:55:7c:
c9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2C:CD:43:56:F3:B4:A5:4D:31:2A:E2:B0:35:65:8E:9F:C2:3C:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c000::/40
Signature Algorithm: sha256WithRSAEncryption
64:e0:ed:a3:a6:65:c2:01:6b:da:54:c1:42:9b:5b:c5:02:0d:
92:74:b0:8a:a6:52:27:0d:40:fb:3f:73:82:87:24:a6:b6:3a:
0e:86:9a:88:e8:ef:e6:75:fe:f6:bf:09:d7:15:3e:65:6d:ca:
5c:e9:fb:47:fb:5e:dd:ae:00:ae:cc:81:95:42:30:cc:6b:d2:
67:41:d0:dc:89:2b:78:e2:0f:89:1c:c8:4b:8f:18:f3:55:33:
19:ef:c7:d0:1e:cc:3c:c8:aa:84:d0:d3:d0:1f:9e:f5:5f:0f:
bc:2a:7a:a9:bf:bf:2f:31:5a:fa:d9:2b:7e:9c:2d:77:15:ac:
2e:4e:8d:48:e1:29:ea:bb:27:d4:19:fc:ee:dc:db:6b:fa:13:
da:65:70:2d:af:4c:3a:6e:61:19:91:a8:be:96:bf:49:26:4f:
ba:a3:52:60:3c:35:ef:30:36:f9:7c:e4:8d:48:6b:e0:c3:8f:
5d:28:66:bb:85:87:13:bb:30:e0:43:35:96:56:25:e2:6b:6e:
26:9a:f0:71:bc:4b:4d:28:30:8f:5b:98:6b:79:3d:36:38:58:
10:f2:69:a9:95:d8:84:74:b1:09:7b:81:51:d0:0d:54:2a:fd:
b0:cb:c6:9a:ee:02:3f:e2:28:9d:38:f1:81:f8:b0:14:f6:ef:
de:dc:08:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeDwXtCf5c+eP845TL6wg/GxVF70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMDdaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MWQ1ZmM1ZTUwZGQ2ZGQwNzI3NzM5NGI5ODM2NTY0ZjY5ODUyMThhMDI5
MjRhYmMyOTdjMmRhZmU1YjlhODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZ1l6dvHZ3u828LThSdQg2LnyWxGxbU49VD9w+tC4567bhp9z1Vk4IUytNj
Os/Qcc+EKpdS//ZBHD2GFZnPEKGo5ljPCsxX3EbDjvAM531P+j65twubGdhhg/8D
yvfpYF+LZM1QGcQRXV2uXepRO/90RxfpHY55bqQ34dLdjIIyZ7zw4YMKZaGN1ImN
siu3mZDmsjVcjPZtnQ9JyU+hmBLCDPXz+HdaF4PWCm/+XaKLsrIZSTqB9e6RhV9d
qlt4SjOszk3NbmqQJ9l+/HwsgfazzVOpas8q/kdgmgTdzb/edveJ135tNG7FW39R
hHJRvHQRL0DiHZBpv9uOGFV8yf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWLM1D
VvO0pU0xKuKwNWWOn8I8LDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJkOWI2MTktYTZkYy00NGM0LTk1ODktZjg5ZmVmMmU2MWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPA
MA0GCSqGSIb3DQEBCwUAA4IBAQBk4O2jpmXCAWvaVMFCm1vFAg2SdLCKplInDUD7
P3OChySmtjoOhpqI6O/mdf72vwnXFT5lbcpc6ftH+17drgCuzIGVQjDMa9JnQdDc
iSt44g+JHMhLjxjzVTMZ78fQHsw8yKqE0NPQH571Xw+8Knqpv78vMVr62St+nC13
FawuTo1I4SnquyfUGfzu3Ntr+hPaZXAtr0w6bmEZkai+lr9JJk+6o1JgPDXvMDb5
fOSNSGvgw49dKGa7hYcTuzDgQzWWViXia24mmvBxvEtNKDCPW5hreT02OFgQ8mmp
ldiEdLEJe4FR0A1UKv2wy8aa7gI/4iidOPGB+LAU9u/e3AhW
-----END CERTIFICATE-----
Generated at Tue May 12 22:58:43 2026 by rpki-client