Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
File: 880d0334-daaa-445a-9c06-7402ba023a86.roa (raw, json)
Hash identifier: FNMGsWXjn9+O7hXLFfcdPyoft0SAA2c8PFtjzcimj3I=
Subject key identifier: 68:F1:84:0F:15:A0:A7:91:3F:21:CC:42:5C:25:54:08:AE:F7:C4:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 512B0B5E12444E118BC4462A8B7D1CD1FD09D03B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
Signing time: Mon 04 May 2026 15:21:01 +0000
ROA not before: Mon 04 May 2026 15:21:01 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:2b:0b:5e:12:44:4e:11:8b:c4:46:2a:8b:7d:1c:d1:fd:09:d0:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:21:01 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=d9005eebf9133b417aa609c1daa0fc717b6e86b6720e016b0429ca57b48c21e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0c:dc:6a:83:cb:58:bc:e8:ea:6e:2a:64:31:
fb:0b:cb:d5:93:1d:6e:3b:52:f4:c1:9c:e4:29:65:
ba:d0:d8:6b:ce:9a:d4:7e:80:5e:90:f4:6e:d3:0c:
c3:d7:c2:73:f6:b5:27:92:2b:0d:68:23:71:39:94:
18:ba:39:f2:05:67:fe:20:b3:13:e8:f6:2f:e3:98:
b2:a3:35:09:23:a1:fa:74:70:5f:31:97:41:8e:fc:
f4:e4:27:83:2f:37:d1:79:c7:65:42:6d:34:1d:1d:
81:41:bc:a7:a6:ae:18:3b:72:4a:7c:9a:69:98:69:
7e:e5:e6:e9:95:a9:c7:8d:47:e4:a3:12:9a:ce:c3:
33:f2:b3:e5:ee:4f:dc:2b:9f:3e:b1:4a:5d:28:d9:
ff:5c:1b:67:63:5f:1a:2c:de:6f:5a:59:83:63:6a:
e0:18:da:57:56:25:73:e8:ea:51:26:99:b2:cc:41:
89:f6:27:3d:91:b9:c3:b5:05:e0:0a:8f:16:81:e7:
88:2a:53:09:e6:02:4f:64:02:85:c1:8c:bd:71:06:
7d:d9:b9:ec:6c:5f:9e:49:b9:b8:67:5b:ae:6e:81:
0a:dd:e1:97:08:fe:86:72:25:bb:f2:56:33:50:d2:
94:19:03:aa:01:11:9a:05:d2:ac:16:4a:fb:21:c0:
55:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F1:84:0F:15:A0:A7:91:3F:21:CC:42:5C:25:54:08:AE:F7:C4:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/880d0334-daaa-445a-9c06-7402ba023a86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6040::/46
Signature Algorithm: sha256WithRSAEncryption
0d:c2:02:24:80:e7:3b:fa:9b:0c:b5:5a:34:b7:ba:bf:ef:1b:
3f:c6:35:de:2c:ba:40:9d:9b:18:dd:c9:ed:8c:5d:b1:56:b4:
f6:6e:6d:28:0e:2a:7f:cd:0e:97:df:b4:9e:77:1f:db:19:5e:
b4:6c:70:bc:75:14:ba:42:13:14:e5:fd:ec:af:60:1f:9f:25:
90:1f:83:8d:e3:9c:15:0f:90:2c:e2:3f:b4:ab:b2:31:8b:31:
1c:a8:6e:01:97:c3:19:cc:d1:1d:ab:40:61:b3:bb:4f:c4:b3:
70:84:f3:ae:8a:e4:2f:09:6a:22:3a:c9:7d:59:31:70:2f:38:
49:d3:08:d9:c4:7f:26:28:e5:6c:b2:02:f0:8c:a3:d9:04:50:
5d:15:85:6d:eb:d7:a9:1e:94:dc:79:5e:25:8c:37:1f:e5:68:
27:8a:e1:de:8b:01:34:95:7f:29:13:ab:0a:57:57:6d:98:9a:
a3:9e:01:82:97:c0:5b:6c:42:1a:1e:b2:dd:60:91:20:ac:35:
18:d7:65:8c:be:3f:77:fe:d1:26:ff:5d:43:18:4b:49:c8:ac:
75:97:f6:c8:4a:65:87:98:34:ea:e0:58:86:9a:79:6b:0e:f3:
d5:70:c1:73:b4:1f:e8:30:44:ad:6a:74:df:b6:f9:2b:2d:47:
52:f8:4f:95
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUSsLXhJEThGLxEYqi30c0f0J0DswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIxMDFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MDA1ZWViZjkxMzNiNDE3YWE2MDljMWRhYTBmYzcxN2I2ZTg2YjY3MjBl
MDE2YjA0MjljYTU3YjQ4YzIxZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYM3GqDy1i86OpuKmQx+wvL1ZMdbjtS9MGc5CllutDYa86a1H6AXpD0btMM
w9fCc/a1J5IrDWgjcTmUGLo58gVn/iCzE+j2L+OYsqM1CSOh+nRwXzGXQY789OQn
gy830XnHZUJtNB0dgUG8p6auGDtySnyaaZhpfuXm6ZWpx41H5KMSms7DM/Kz5e5P
3CufPrFKXSjZ/1wbZ2NfGizeb1pZg2Nq4BjaV1Ylc+jqUSaZssxBifYnPZG5w7UF
4AqPFoHniCpTCeYCT2QChcGMvXEGfdm57Gxfnkm5uGdbrm6BCt3hlwj+hnIlu/JW
M1DSlBkDqgERmgXSrBZK+yHAVdECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRo8YQP
FaCnkT8hzEJcJVQIrvfEEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODgwZDAzMzQtZGFhYS00NDVhLTljMDYtNzQwMmJhMDIzYTg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
QDANBgkqhkiG9w0BAQsFAAOCAQEADcICJIDnO/qbDLVaNLe6v+8bP8Y13iy6QJ2b
GN3J7YxdsVa09m5tKA4qf80Ol9+0nncf2xletGxwvHUUukITFOX97K9gH58lkB+D
jeOcFQ+QLOI/tKuyMYsxHKhuAZfDGczRHatAYbO7T8SzcITzrorkLwlqIjrJfVkx
cC84SdMI2cR/JijlbLIC8Iyj2QRQXRWFbevXqR6U3HleJYw3H+VoJ4rh3osBNJV/
KROrCldXbZiao54BgpfAW2xCGh6y3WCRIKw1GNdljL4/d/7RJv9dQxhLScisdZf2
yEplh5g06uBYhpp5aw7z1XDBc7Qf6DBErWp037b5Ky1HUvhPlQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:43 2026 by rpki-client