Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: F70ysB1qaK79UiL1ozDT9VSVcGWd3GLckscFhD/EUa4=
Subject key identifier: 2D:EE:A5:D8:68:FA:02:C9:D4:D5:BE:F3:93:99:04:CC:67:AA:D3:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A9CD0F121217049B220EE2D8EC9F143D48E7163
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Fri 20 Feb 2026 01:51:12 +0000
ROA not before: Fri 20 Feb 2026 01:51:12 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:9c:d0:f1:21:21:70:49:b2:20:ee:2d:8e:c9:f1:43:d4:8e:71:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:12 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=7e32e95a071952e86b2362d3f5f24fa89e590dca8d2e2b812f2b635bbb65041e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4e:e2:77:83:b0:a0:51:8e:f2:ad:44:9f:c1:
03:80:01:4b:04:f0:0d:8e:9f:d7:16:2b:2d:9a:c8:
f6:98:a3:09:64:54:fb:e6:fd:26:0c:a6:b6:2b:dd:
c1:66:44:9f:fb:8b:6b:ef:78:22:39:13:dc:85:02:
19:1c:d1:df:20:07:a3:1f:83:9c:8e:43:01:1f:90:
b6:6b:49:a0:93:b9:e5:f1:eb:9a:30:24:38:dc:18:
12:22:51:a9:0a:13:be:de:dc:48:cb:1c:1a:9c:e7:
b6:a2:89:d0:28:6f:1c:4a:f6:9e:7d:8a:7a:a9:f8:
c8:83:f0:09:40:68:96:f0:5b:34:c7:04:3e:9c:5c:
48:9a:b6:b4:ae:e8:51:88:c7:75:30:6c:f5:aa:75:
30:b9:1d:9b:a6:87:02:ff:f8:e8:60:53:94:ba:1e:
ec:b9:a3:3a:17:14:aa:e7:3c:f4:14:ad:3e:a7:e0:
52:e2:b8:77:ad:f8:49:61:38:fd:6e:93:d5:f4:f5:
4f:bf:3a:28:0b:7d:3a:70:da:d8:80:0d:c3:c7:f1:
18:74:17:9c:8e:89:c0:52:8a:03:57:7f:82:4c:d6:
a6:ca:bc:90:c4:0b:49:25:06:e8:df:47:12:f0:ad:
36:1b:d8:dc:86:8a:7b:50:56:a5:05:f9:83:e6:77:
16:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EE:A5:D8:68:FA:02:C9:D4:D5:BE:F3:93:99:04:CC:67:AA:D3:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:50:af:b5:20:21:0b:6a:0e:92:60:a2:b7:18:50:ab:85:ef:
31:04:90:b8:0d:18:7d:90:97:92:5a:e2:37:b2:01:2a:e6:65:
fd:75:de:6c:2d:31:52:cb:f3:61:8a:09:50:9e:c3:03:11:d8:
5f:0d:ec:91:b8:f1:05:71:a2:b0:06:b8:d5:84:03:5c:de:5f:
77:b7:23:82:16:e2:03:a7:bc:74:1a:5d:4b:15:e5:2d:a8:4e:
b6:b2:db:7f:67:86:f6:d4:ae:c2:18:c8:99:32:a9:3c:30:88:
ff:ea:db:a5:98:e6:42:40:3f:17:12:b0:5e:a9:dd:64:03:cd:
1f:5b:71:e0:46:2e:52:9d:03:f4:b4:5d:04:77:6b:9c:c6:90:
cc:50:48:ff:2d:00:56:8d:f6:51:b2:d6:a6:64:87:c9:8e:2a:
e6:bd:cd:46:87:ac:8b:93:4f:ed:42:1d:d4:f6:63:d2:39:97:
92:8c:38:60:28:0c:0a:91:45:d4:de:ba:4e:0f:68:54:31:3a:
44:79:ed:f8:0d:af:9d:4e:19:fc:8b:03:7f:66:ac:79:9e:c7:
a7:49:5f:1a:b9:e0:23:18:6f:d4:f5:ac:e3:e9:87:29:59:3e:
2d:ed:93:48:c6:72:97:9e:5c:05:d6:bb:ee:97:a1:d2:db:3d:
d4:c7:03:ba
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWpzQ8SEhcEmyIO4tjsnxQ9SOcWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMTJaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlMzJlOTVhMDcxOTUyZTg2YjIzNjJkM2Y1ZjI0ZmE4OWU1OTBkY2E4ZDJl
MmI4MTJmMmI2MzViYmI2NTA0MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFO4neDsKBRjvKtRJ/BA4ABSwTwDY6f1xYrLZrI9pijCWRU++b9Jgymtivd
wWZEn/uLa+94IjkT3IUCGRzR3yAHox+DnI5DAR+QtmtJoJO55fHrmjAkONwYEiJR
qQoTvt7cSMscGpzntqKJ0ChvHEr2nn2Keqn4yIPwCUBolvBbNMcEPpxcSJq2tK7o
UYjHdTBs9ap1MLkdm6aHAv/46GBTlLoe7LmjOhcUquc89BStPqfgUuK4d634SWE4
/W6T1fT1T786KAt9OnDa2IANw8fxGHQXnI6JwFKKA1d/gkzWpsq8kMQLSSUG6N9H
EvCtNhvY3IaKe1BWpQX5g+Z3FvkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQt7qXY
aPoCydTVvvOTmQTMZ6rToDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEAPVCvtSAhC2oOkmCitxhQq4XvMQSQuA0YfZCXklri
N7IBKuZl/XXebC0xUsvzYYoJUJ7DAxHYXw3skbjxBXGisAa41YQDXN5fd7cjghbi
A6e8dBpdSxXlLahOtrLbf2eG9tSuwhjImTKpPDCI/+rbpZjmQkA/FxKwXqndZAPN
H1tx4EYuUp0D9LRdBHdrnMaQzFBI/y0AVo32UbLWpmSHyY4q5r3NRoesi5NP7UId
1PZj0jmXkow4YCgMCpFF1N66Tg9oVDE6RHnt+A2vnU4Z/IsDf2aseZ7Hp0lfGrng
Ixhv1PWs4+mHKVk+Le2TSMZyl55cBda77peh0ts91McDug==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:54 2026 by rpki-client