Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
File: 9ff479c7-35c9-43ea-ab99-712ce7537beb.roa (raw, json)
Hash identifier: Czl94pfSgzToNOPILACcTwwVd6yXjnhpwr4/ZKLORzE=
Subject key identifier: 4C:C2:DE:C9:A5:10:5A:E5:3D:17:97:C4:2F:3D:49:E6:CB:E1:0C:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 092F57BE880BB4CE99103CC63348FEDDD913CF86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
Signing time: Mon 11 May 2026 01:51:09 +0000
ROA not before: Mon 11 May 2026 01:51:09 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:2f:57:be:88:0b:b4:ce:99:10:3c:c6:33:48:fe:dd:d9:13:cf:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:09 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=b1a35d03ba68f7416335534a89c3b2b19ca0dd2e051e05d09e9457df6c8d8948, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2a:ba:03:7f:02:05:1f:8e:e5:ba:c4:fc:d2:
5b:cd:71:d4:4e:50:65:a1:d7:08:f9:d5:51:c5:4b:
88:8b:81:34:85:83:2f:93:5e:39:00:e7:8e:56:23:
1f:93:b3:10:3c:18:aa:a4:b2:0b:89:82:04:ae:74:
26:05:b0:cd:03:e8:d0:d1:61:3f:19:c7:4b:f5:e7:
75:6a:62:b7:7c:36:62:9b:b5:e3:b4:1b:31:38:12:
90:1b:06:af:08:c2:8f:0a:66:cf:d1:21:8b:64:d2:
17:94:45:6a:35:74:13:c0:cd:d2:9a:14:4d:ac:aa:
bc:0c:77:1d:3e:16:6a:22:f5:28:24:43:f2:df:08:
4d:50:06:46:7d:e7:65:68:e3:6c:07:88:00:88:96:
11:9f:a0:58:fa:f4:9b:51:75:e8:47:58:19:69:62:
ff:9e:1e:4b:09:18:8e:3d:e0:f5:ab:11:f9:f3:20:
93:ff:5e:14:c2:8b:61:e5:c2:8f:3d:22:36:8e:d7:
dd:30:83:3b:f8:1a:c9:5a:4d:f5:c7:7c:53:77:9f:
f6:d7:bc:89:df:1e:3c:f3:7b:a9:14:4a:91:b2:d2:
6d:39:9c:20:9e:7d:9d:21:f3:50:2d:f1:b8:c6:64:
e5:e1:76:08:a5:82:85:c5:03:7a:c2:28:24:78:dd:
b6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C2:DE:C9:A5:10:5A:E5:3D:17:97:C4:2F:3D:49:E6:CB:E1:0C:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ff479c7-35c9-43ea-ab99-712ce7537beb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:0e:c9:4e:7f:c1:24:14:0d:64:97:df:75:41:f9:b4:e1:87:
1c:be:19:d1:23:e5:f4:25:2f:7d:fb:a8:d8:06:37:bf:54:d0:
0d:b5:85:25:ab:7e:f5:e7:68:ce:37:d1:43:af:15:8c:59:b6:
0d:f0:ec:33:b7:c1:2a:2c:e4:ae:45:fd:41:cf:78:93:18:6f:
cc:f2:d6:36:04:a3:07:d0:8d:8f:68:2c:45:10:db:24:5d:99:
7a:89:f1:9d:36:23:9b:c9:f7:b8:cd:30:8e:e9:7a:c1:a1:25:
9a:6b:1b:8e:0c:af:cb:e3:76:60:9c:be:74:a4:ef:4c:15:23:
ad:bb:31:96:99:ff:f5:94:9c:7f:30:df:d6:3c:6a:99:36:db:
ed:7e:32:97:b1:d6:c2:a3:03:1c:4a:08:5c:6f:8c:7d:77:74:
1f:ba:a6:27:df:43:73:9c:7b:3f:ce:12:45:b0:2c:63:df:d4:
2b:b6:a4:d1:89:8e:86:95:90:38:89:1b:52:94:6d:cf:0e:1e:
5c:81:d5:bf:0f:0a:e9:34:75:8c:5d:c4:d9:0c:1d:b6:05:ce:
17:d8:1f:e7:b0:8c:16:69:fe:8d:e5:11:b2:0a:e7:2e:7b:90:
a2:dc:27:68:c4:40:9c:34:16:ea:84:18:e1:12:49:16:a3:19:
62:b4:d9:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCS9XvogLtM6ZEDzGM0j+3dkTz4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxYTM1ZDAzYmE2OGY3NDE2MzM1NTM0YTg5YzNiMmIxOWNhMGRkMmUwNTFl
MDVkMDllOTQ1N2RmNmM4ZDg5NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4qugN/AgUfjuW6xPzSW81x1E5QZaHXCPnVUcVLiIuBNIWDL5NeOQDnjlYj
H5OzEDwYqqSyC4mCBK50JgWwzQPo0NFhPxnHS/XndWpit3w2Ypu147QbMTgSkBsG
rwjCjwpmz9Ehi2TSF5RFajV0E8DN0poUTayqvAx3HT4WaiL1KCRD8t8ITVAGRn3n
ZWjjbAeIAIiWEZ+gWPr0m1F16EdYGWli/54eSwkYjj3g9asR+fMgk/9eFMKLYeXC
jz0iNo7X3TCDO/gayVpN9cd8U3ef9te8id8ePPN7qRRKkbLSbTmcIJ59nSHzUC3x
uMZk5eF2CKWChcUDesIoJHjdtukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMwt7J
pRBa5T0Xl8QvPUnmy+EMyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZmNDc5YzctMzVjOS00M2VhLWFiOTktNzEyY2U3NTM3YmViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQBdDslOf8EkFA1kl991Qfm04YccvhnRI+X0JS99
+6jYBje/VNANtYUlq37152jON9FDrxWMWbYN8Owzt8EqLOSuRf1Bz3iTGG/M8tY2
BKMH0I2PaCxFENskXZl6ifGdNiObyfe4zTCO6XrBoSWaaxuODK/L43ZgnL50pO9M
FSOtuzGWmf/1lJx/MN/WPGqZNtvtfjKXsdbCowMcSghcb4x9d3QfuqYn30NznHs/
zhJFsCxj39QrtqTRiY6GlZA4iRtSlG3PDh5cgdW/DwrpNHWMXcTZDB22Bc4X2B/n
sIwWaf6N5RGyCucue5Ci3CdoxECcNBbqhBjhEkkWoxlitNlk
-----END CERTIFICATE-----
Generated at Wed May 13 00:24:52 2026 by rpki-client