Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe23a487-e74a-4340-a0c6-7710a2393d63.roa
File: fe23a487-e74a-4340-a0c6-7710a2393d63.roa (raw, json)
Hash identifier: ZVcGI9VbsU6X7VGzZX3s/Ukisli6uNSnChrzGcKWBd0=
Subject key identifier: F7:8E:C1:DE:0B:6F:F3:A3:5F:C3:D8:FF:1A:22:C1:D9:09:A1:8C:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F84BDC738F4C62094E25AA6067F74186AA2FFB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe23a487-e74a-4340-a0c6-7710a2393d63.roa
Signing time: Sat 02 May 2026 01:30:38 +0000
ROA not before: Sat 02 May 2026 01:30:38 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:84:bd:c7:38:f4:c6:20:94:e2:5a:a6:06:7f:74:18:6a:a2:ff:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:38 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=4e43e34903da7c3553d0ddd81a35e35bc7821a3d93f4d4f33cd1185ef235b445, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:da:4a:c2:07:b8:ea:2b:51:4c:b1:bc:f0:e0:
7c:6a:f1:39:38:cb:a0:cf:2a:d6:2d:02:ea:a9:c2:
98:71:f8:d3:f5:a1:ca:24:18:bc:37:a5:cc:6d:ce:
2e:bc:e8:cc:68:b3:f0:b9:77:19:0b:5d:00:6d:90:
56:40:f9:dc:2f:e4:6e:dc:b0:cb:ec:a3:8a:08:be:
97:2d:04:2d:80:db:29:cb:94:23:5d:7c:46:f3:6d:
65:39:8f:7b:e1:7d:da:5a:56:4e:9e:9b:0d:fd:56:
e7:b5:b3:9d:1b:31:9f:a6:cb:58:0b:83:d8:0e:da:
28:58:af:53:de:b9:ee:29:b4:e1:56:a4:ef:5a:50:
42:72:cf:c9:cc:8e:fd:7d:64:85:24:cb:ff:34:50:
5d:e0:58:68:79:46:dc:02:11:e5:54:74:2c:30:bf:
b9:4f:92:fb:b7:4c:1d:d9:55:00:78:af:d4:28:11:
97:38:cd:a7:fa:ab:5a:1b:db:f7:32:da:3d:26:d5:
df:70:04:c2:e2:50:ba:2d:6c:24:ed:60:e7:49:6a:
d3:25:ae:9f:c6:55:35:b8:cc:7e:87:92:00:81:af:
dc:97:30:f6:2f:dd:ab:0a:b2:d0:74:7d:10:d4:c7:
7b:32:b0:80:fe:41:5b:53:19:fa:79:56:cc:d8:75:
fb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8E:C1:DE:0B:6F:F3:A3:5F:C3:D8:FF:1A:22:C1:D9:09:A1:8C:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe23a487-e74a-4340-a0c6-7710a2393d63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:5080::/48
Signature Algorithm: sha256WithRSAEncryption
53:59:6e:26:49:9b:75:7b:ea:87:7c:29:21:4a:b1:f7:d9:3d:
36:f3:50:51:57:5c:59:5d:d1:af:91:d5:d8:2e:95:ca:57:07:
51:62:15:5d:bb:8c:5d:f9:41:90:b7:5c:07:37:26:63:ce:cf:
18:45:62:48:3f:8f:7d:39:cb:e0:76:1e:ad:99:81:45:54:0f:
6c:eb:0e:9d:1d:d2:3d:bc:bb:ef:b3:73:19:6c:0d:03:a6:cd:
cc:e7:41:4c:88:70:61:6b:7d:63:ee:77:3a:29:8c:ab:3e:d3:
82:ed:55:ba:8f:2d:69:59:dc:73:97:41:59:e8:50:4d:82:ea:
11:35:5e:56:05:1f:da:6f:57:89:ba:71:60:ce:99:85:0c:a4:
cc:8a:84:1e:d2:c2:ea:77:2b:a3:d1:1c:cd:fa:59:07:e7:43:
b0:f2:3c:29:de:be:a0:08:f2:ca:a2:d4:5f:45:7f:0d:e2:46:
fc:73:b5:77:66:a3:ec:cb:52:e3:a4:cb:f6:21:73:5f:21:a7:
2a:98:b1:94:41:c2:71:b9:ce:46:03:d2:52:b0:28:ce:0d:a2:
28:c6:d4:4d:73:8d:20:2a:cb:cb:fa:44:11:2c:4d:93:4b:6d:
bf:4b:10:a5:0b:25:5d:d4:a5:c8:fa:34:80:4f:95:1b:95:e0:
3f:3a:97:61
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH4S9xzj0xiCU4lqmBn90GGqi/7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMzhaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNDNlMzQ5MDNkYTdjMzU1M2QwZGRkODFhMzVlMzViYzc4MjFhM2Q5M2Y0
ZDRmMzNjZDExODVlZjIzNWI0NDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHaSsIHuOorUUyxvPDgfGrxOTjLoM8q1i0C6qnCmHH40/WhyiQYvDelzG3O
LrzozGiz8Ll3GQtdAG2QVkD53C/kbtywy+yjigi+ly0ELYDbKcuUI118RvNtZTmP
e+F92lpWTp6bDf1W57WznRsxn6bLWAuD2A7aKFivU9657im04Vak71pQQnLPycyO
/X1khSTL/zRQXeBYaHlG3AIR5VR0LDC/uU+S+7dMHdlVAHiv1CgRlzjNp/qrWhvb
9zLaPSbV33AEwuJQui1sJO1g50lq0yWun8ZVNbjMfoeSAIGv3Jcw9i/dqwqy0HR9
ENTHezKwgP5BW1MZ+nlWzNh1+60CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT3jsHe
C2/zo1/D2P8aIsHZCaGMzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmUyM2E0ODctZTc0YS00MzQwLWEwYzYtNzcxMGEyMzkzZDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GpQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAU1luJkmbdXvqh3wpIUqx99k9NvNQUVdcWV3R
r5HV2C6VylcHUWIVXbuMXflBkLdcBzcmY87PGEViSD+PfTnL4HYerZmBRVQPbOsO
nR3SPby777NzGWwNA6bNzOdBTIhwYWt9Y+53OimMqz7Tgu1Vuo8taVncc5dBWehQ
TYLqETVeVgUf2m9XibpxYM6ZhQykzIqEHtLC6ncro9EczfpZB+dDsPI8Kd6+oAjy
yqLUX0V/DeJG/HO1d2aj7MtS46TL9iFzXyGnKpixlEHCcbnORgPSUrAozg2iKMbU
TXONICrLy/pEESxNk0ttv0sQpQslXdSlyPo0gE+VG5XgPzqXYQ==
-----END CERTIFICATE-----
Generated at Wed May 13 00:09:49 2026 by rpki-client