Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: EAOHPfzhZSm0QWJyE94vzEFj1+WznmF7xdEQKWjw4TM=
Subject key identifier: EE:A8:0B:A1:79:A3:11:35:37:1F:98:F7:D4:0B:2D:F4:9B:A6:C4:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BE0E7AD2E910695FEA2B246D0BAF274C6C12AB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Fri 20 Feb 2026 01:50:08 +0000
ROA not before: Fri 20 Feb 2026 01:50:08 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:e0:e7:ad:2e:91:06:95:fe:a2:b2:46:d0:ba:f2:74:c6:c1:2a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:08 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=2fb690a652a3ee235256913787f0181c1b9bba2cc669d68d836f939276c021c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:66:ef:82:5c:12:0d:17:1a:40:29:63:b1:45:
4c:6e:47:f1:65:bd:72:f4:f4:f4:b0:e9:3a:16:6a:
11:99:ba:e0:9b:90:2e:5f:fa:e7:ea:64:4a:e8:18:
0c:ed:8a:6c:52:ee:b2:ee:f2:08:dd:d8:d5:d5:75:
6f:df:8b:30:11:32:89:84:e5:a0:65:bb:06:4a:35:
d5:35:de:ce:91:d5:91:69:88:8c:47:34:b4:b5:55:
24:9f:b6:a4:66:29:ce:58:e0:9f:87:f5:b9:7d:d5:
74:1a:10:df:4d:03:d9:4b:f8:f9:93:db:af:ad:81:
ca:e0:7a:85:22:63:d0:bb:3a:52:54:48:36:aa:0f:
d0:8d:51:48:34:f2:52:a8:d4:df:4b:71:fc:56:e9:
d9:08:26:d8:8a:98:b4:23:3c:3f:54:7e:03:42:0b:
65:b7:68:05:37:ac:fe:e8:b9:e9:be:43:4f:84:a7:
ff:92:36:a0:f2:2d:f6:85:5f:16:fe:94:76:6c:4a:
d3:ad:fb:87:19:5e:7d:78:4d:cb:55:1a:ad:d0:47:
a3:57:69:61:7d:20:97:6c:10:5e:d3:52:a6:08:eb:
c5:af:bc:fc:98:57:ab:63:05:c8:ca:78:e7:7e:4e:
f7:81:27:49:97:d3:ef:b2:1d:a9:10:47:41:56:0d:
4c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A8:0B:A1:79:A3:11:35:37:1F:98:F7:D4:0B:2D:F4:9B:A6:C4:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
29:35:1b:6e:86:05:0a:ea:b9:ee:45:0e:57:75:30:84:6d:4f:
83:73:a2:72:6f:94:aa:0c:4b:62:c4:33:3e:21:c9:4d:72:ce:
5f:41:80:72:94:77:c6:7b:38:3f:98:41:11:23:a3:f4:ba:1a:
b5:f1:d3:cf:b6:77:c5:78:50:6f:95:51:d4:31:ea:2b:2b:a0:
d4:70:96:6d:cb:59:d6:c8:5f:63:cf:cd:da:18:c4:9c:2f:13:
d3:05:9b:05:db:dc:51:48:6a:03:1b:95:82:71:5d:37:92:18:
3c:d4:1c:cf:61:91:bd:14:32:10:94:c1:4e:f1:c9:b0:49:6a:
f8:a3:a3:27:2b:00:7e:09:d4:fe:17:cc:5e:f3:11:1d:70:b9:
5e:f8:29:57:31:71:af:6a:e5:8e:2b:24:e1:34:37:a4:39:13:
19:1f:e1:85:bb:0c:44:25:f8:7a:79:14:55:48:32:85:f1:5d:
0f:96:6e:6c:99:11:9f:33:72:f0:5b:6b:c3:20:fd:2f:03:56:
1f:f8:6a:80:42:05:37:b8:a9:12:1e:d8:79:08:85:ee:ce:37:
0b:a0:eb:57:c2:5c:24:75:39:3e:af:b3:25:61:a0:56:c9:17:
02:c7:e6:23:ef:c0:64:19:d3:38:3c:90:fd:fd:a1:52:2b:24:
14:b3:d8:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC+DnrS6RBpX+orJG0LrydMbBKrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDhaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYjY5MGE2NTJhM2VlMjM1MjU2OTEzNzg3ZjAxODFjMWI5YmJhMmNjNjY5
ZDY4ZDgzNmY5MzkyNzZjMDIxYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNm74JcEg0XGkApY7FFTG5H8WW9cvT09LDpOhZqEZm64JuQLl/65+pkSugY
DO2KbFLusu7yCN3Y1dV1b9+LMBEyiYTloGW7Bko11TXezpHVkWmIjEc0tLVVJJ+2
pGYpzljgn4f1uX3VdBoQ300D2Uv4+ZPbr62ByuB6hSJj0Ls6UlRINqoP0I1RSDTy
UqjU30tx/Fbp2Qgm2IqYtCM8P1R+A0ILZbdoBTes/ui56b5DT4Sn/5I2oPIt9oVf
Fv6UdmxK0637hxlefXhNy1UardBHo1dpYX0gl2wQXtNSpgjrxa+8/JhXq2MFyMp4
535O94EnSZfT77IdqRBHQVYNTHcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTuqAuh
eaMRNTcfmPfUCy30m6bEcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEAKTUbboYFCuq57kUOV3UwhG1Pg3Oicm+UqgxLYsQz
PiHJTXLOX0GAcpR3xns4P5hBESOj9LoatfHTz7Z3xXhQb5VR1DHqKyug1HCWbctZ
1shfY8/N2hjEnC8T0wWbBdvcUUhqAxuVgnFdN5IYPNQcz2GRvRQyEJTBTvHJsElq
+KOjJysAfgnU/hfMXvMRHXC5XvgpVzFxr2rljisk4TQ3pDkTGR/hhbsMRCX4enkU
VUgyhfFdD5ZubJkRnzNy8FtrwyD9LwNWH/hqgEIFN7ipEh7YeQiF7s43C6DrV8Jc
JHU5Pq+zJWGgVskXAsfmI+/AZBnTODyQ/f2hUiskFLPYjQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:47:54 2026 by rpki-client