Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa
File: ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa (raw, json)
Hash identifier: nazbPZ1AGlbEPorbSQxJQqzbkinht9VVosD1gUZ6YHA=
Subject key identifier: 20:BB:89:49:54:47:AE:31:0D:3B:A6:F4:5A:37:A2:30:35:BD:97:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 498F1C5F3274E73ABE28DCDAACC95F193998641F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa
Signing time: Fri 08 May 2026 03:20:09 +0000
ROA not before: Fri 08 May 2026 03:20:09 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:8f:1c:5f:32:74:e7:3a:be:28:dc:da:ac:c9:5f:19:39:98:64:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:09 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=b5c467b3a7fb3bb5638e8f255bac4eeafc0c31b130688fa65425d9c219ec3e13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b5:29:97:ed:93:bb:e1:07:2d:ed:6e:92:4c:
1b:0f:df:a2:9b:25:b4:11:f7:fe:3f:80:ba:16:ce:
5a:18:25:1d:a2:bc:3e:b2:19:b4:b0:92:d4:62:80:
cd:21:65:6b:b8:17:cd:83:9a:cd:fb:1b:0f:19:eb:
34:21:b3:89:e9:0e:c8:43:64:92:71:40:74:97:da:
2e:22:89:23:65:65:d9:e2:7d:93:ca:3a:83:8a:31:
a6:df:cd:ac:45:f5:52:68:80:b0:82:72:aa:08:4d:
d6:b8:66:c5:ef:ca:b9:45:a6:07:9d:b3:42:9e:b7:
f5:b5:64:85:03:52:9c:4c:62:ae:1f:b3:b1:e2:40:
7a:9c:c7:70:2d:89:d7:7d:37:14:f0:ae:76:59:1d:
68:e1:11:04:0a:20:7a:5f:31:5a:08:6a:f0:8a:99:
ad:cf:53:17:b6:e7:1f:a3:cc:e6:71:80:ef:33:4f:
85:d2:dc:29:ca:ae:ab:b9:81:60:cf:c9:16:ba:44:
3d:79:bf:a3:a2:1b:5c:70:2b:9b:38:12:2c:66:0d:
80:61:75:34:f1:f5:f9:79:d4:9b:23:d3:86:d9:38:
1a:46:4d:a2:d3:fb:35:1d:69:96:dc:6b:f4:0b:6c:
89:54:26:9a:b5:7d:55:e6:89:23:1f:60:67:20:b5:
74:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BB:89:49:54:47:AE:31:0D:3B:A6:F4:5A:37:A2:30:35:BD:97:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:70:68:d1:48:d0:d2:ea:01:35:a7:2e:a1:26:b6:b8:52:c3:
4e:e4:f4:30:c4:93:d5:65:09:a0:6d:84:ac:c6:cf:ca:78:54:
ea:1b:d1:68:d4:8f:b7:de:8f:3b:9a:c6:1c:2a:70:30:8f:e3:
cf:a0:65:70:2a:cc:d9:81:ef:8d:08:31:22:f2:74:d7:b7:58:
74:e1:91:75:c8:cc:4d:c6:4e:0f:e4:74:03:ad:4f:2b:45:88:
28:82:92:42:8e:34:c3:e9:95:4d:1e:49:0d:3a:3e:c1:a1:79:
8b:f5:f5:a9:9b:3c:69:c1:cd:f9:9d:4a:d6:0f:b7:7c:d8:a7:
3f:7a:c7:ef:ae:3e:75:3a:33:37:0f:d0:85:32:6d:bd:0f:93:
52:68:79:cb:d4:18:bd:f1:15:5a:26:55:95:42:79:1e:a8:33:
c3:dd:bd:83:0e:35:ff:a7:8c:02:ae:61:4a:3d:24:5c:38:3a:
d4:47:63:33:92:88:20:fe:d5:7d:17:a3:63:be:c2:59:ee:2c:
c1:b9:bb:c6:dc:47:0f:6a:da:e5:89:07:9a:bf:a9:cc:c7:29:
33:fb:c9:52:ce:c0:fa:95:c3:db:63:b4:41:48:69:c8:a6:23:
0f:58:91:75:d1:6d:31:0d:cd:74:30:4a:f7:fc:16:6e:f2:2d:
42:04:c1:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSY8cXzJ05zq+KNzarMlfGTmYZB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMDlaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1YzQ2N2IzYTdmYjNiYjU2MzhlOGYyNTViYWM0ZWVhZmMwYzMxYjEzMDY4
OGZhNjU0MjVkOWMyMTllYzNlMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANO1KZftk7vhBy3tbpJMGw/fopsltBH3/j+AuhbOWhglHaK8PrIZtLCS1GKA
zSFla7gXzYOazfsbDxnrNCGziekOyENkknFAdJfaLiKJI2Vl2eJ9k8o6g4oxpt/N
rEX1UmiAsIJyqghN1rhmxe/KuUWmB52zQp639bVkhQNSnExirh+zseJAepzHcC2J
1303FPCudlkdaOERBAogel8xWghq8IqZrc9TF7bnH6PM5nGA7zNPhdLcKcquq7mB
YM/JFrpEPXm/o6IbXHArmzgSLGYNgGF1NPH1+XnUmyPThtk4GkZNotP7NR1pltxr
9AtsiVQmmrV9VeaJIx9gZyC1dBUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgu4lJ
VEeuMQ07pvRaN6IwNb2XWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmY0ODE2YzMtMmU1NS00MmQ4LWEyZmEtOGU3YWM3Mzc1ZDBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+cGjRSNDS6gE1py6hJra4UsNO5PQwxJPVZQmg
bYSsxs/KeFTqG9Fo1I+33o87msYcKnAwj+PPoGVwKszZge+NCDEi8nTXt1h04ZF1
yMxNxk4P5HQDrU8rRYgogpJCjjTD6ZVNHkkNOj7BoXmL9fWpmzxpwc35nUrWD7d8
2Kc/esfvrj51OjM3D9CFMm29D5NSaHnL1Bi98RVaJlWVQnkeqDPD3b2DDjX/p4wC
rmFKPSRcODrUR2Mzkogg/tV9F6NjvsJZ7izBubvG3EcPatrliQeav6nMxykz+8lS
zsD6lcPbY7RBSGnIpiMPWJF10W0xDc10MEr3/BZu8i1CBMGe
-----END CERTIFICATE-----
Generated at Tue May 12 22:29:22 2026 by rpki-client