Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: 5G6ltWbFrTwdcMtSZ9GWnmy1V0uumKqywRltd90/HvI=
Subject key identifier: 7F:67:66:CE:34:60:2C:9C:1A:D8:C4:A4:B6:24:9C:BD:67:54:DA:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AAD9835FA3008602AB63AFAC64E22FC87BE95D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Fri 20 Feb 2026 01:50:37 +0000
ROA not before: Fri 20 Feb 2026 01:50:37 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:ad:98:35:fa:30:08:60:2a:b6:3a:fa:c6:4e:22:fc:87:be:95:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:37 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=a86ea2920316c6d872f6eba3c5db2d4c66b56268ecfadc04db713789354f0b98, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:64:6c:bb:ec:b9:90:c6:7a:81:43:d4:5f:36:
45:83:eb:fd:1e:1b:33:e5:f7:8f:0d:7c:d9:b1:ef:
7d:0c:5f:83:b9:27:6d:1a:da:04:ad:4f:02:dc:f3:
ef:63:cb:88:2d:5e:fd:43:dd:38:cf:a6:c0:e7:c0:
c9:84:fb:d8:24:ff:39:c9:8f:f3:13:ef:a9:99:3e:
e3:a9:bf:3d:f8:a4:cf:4c:2b:40:0f:26:6c:80:be:
b5:0b:17:2b:ef:b0:b1:8b:f5:1b:d4:1c:09:f0:c1:
04:0e:31:5b:40:9c:1b:37:fb:43:a6:35:52:a6:14:
9c:88:c4:bc:3e:8e:cf:30:56:59:2b:fe:9e:cc:2b:
a1:04:47:ea:a8:88:d5:d7:03:34:d3:6a:5d:2d:21:
bf:d9:51:c6:07:15:89:b3:78:36:e9:f2:3e:c6:5c:
94:0b:ed:e3:34:ac:ef:a4:b8:18:06:db:29:ff:4b:
3f:56:cc:bc:40:34:bd:dc:f2:31:58:e1:57:14:11:
c9:03:2c:c8:3d:26:94:84:f9:81:29:36:4d:9f:03:
63:c4:ca:ae:27:f9:03:92:7f:6c:46:7f:b0:0f:1d:
5f:fe:44:09:b8:dc:e2:a4:c4:ae:16:23:8f:05:57:
42:ba:f7:59:1b:ef:cf:66:4a:08:cf:52:6e:ef:49:
71:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:67:66:CE:34:60:2C:9C:1A:D8:C4:A4:B6:24:9C:BD:67:54:DA:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
49:93:57:55:55:1d:2b:e0:59:54:82:27:e8:25:fc:3f:d8:54:
0e:7d:f3:6b:17:4e:29:64:33:2f:cd:2c:9d:f6:b5:b2:2d:70:
c1:22:38:2f:6d:3e:a4:e9:7d:40:ff:7e:a4:2a:23:91:bc:67:
75:9c:3d:69:d2:73:53:b0:61:63:dd:21:23:05:5f:71:20:3e:
54:3e:a2:2e:49:13:e0:0f:96:55:d0:7f:ca:08:ff:5d:4a:9f:
52:df:ce:f0:14:c6:dc:ec:70:39:3c:cf:d9:cc:72:97:8f:5e:
29:56:25:a3:56:97:c1:b2:ad:61:f2:cc:2e:2d:64:ee:40:11:
00:95:68:b8:70:d5:a3:65:a8:35:dc:8a:da:36:9c:a0:10:06:
21:d9:bc:5a:99:6a:0b:2f:da:61:aa:aa:0d:01:47:ce:61:0d:
5f:ef:5b:42:5d:af:05:ca:19:b2:ea:34:ad:08:25:e7:9c:f9:
a3:d7:65:8d:e0:17:80:56:77:39:39:17:78:e9:71:a2:d0:ee:
a9:07:fd:b0:b8:bd:0d:5a:55:d5:40:be:20:35:cc:af:57:f6:
a9:93:a3:41:44:8c:d0:a8:62:72:c7:1c:b4:1a:fb:ac:48:a6:
7c:a2:12:9b:cd:e5:54:7f:ac:21:12:96:3a:49:f7:5c:60:48:
77:6d:d5:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaq2YNfowCGAqtjr6xk4i/Ie+ldAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NmVhMjkyMDMxNmM2ZDg3MmY2ZWJhM2M1ZGIyZDRjNjZiNTYyNjhlY2Zh
ZGMwNGRiNzEzNzg5MzU0ZjBiOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJkbLvsuZDGeoFD1F82RYPr/R4bM+X3jw182bHvfQxfg7knbRraBK1PAtzz
72PLiC1e/UPdOM+mwOfAyYT72CT/OcmP8xPvqZk+46m/Pfikz0wrQA8mbIC+tQsX
K++wsYv1G9QcCfDBBA4xW0CcGzf7Q6Y1UqYUnIjEvD6OzzBWWSv+nswroQRH6qiI
1dcDNNNqXS0hv9lRxgcVibN4NunyPsZclAvt4zSs76S4GAbbKf9LP1bMvEA0vdzy
MVjhVxQRyQMsyD0mlIT5gSk2TZ8DY8TKrif5A5J/bEZ/sA8dX/5ECbjc4qTErhYj
jwVXQrr3WRvvz2ZKCM9Sbu9JcRMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR/Z2bO
NGAsnBrYxKS2JJy9Z1TaVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEASZNXVVUdK+BZVIIn6CX8P9hUDn3zaxdOKWQzL80s
nfa1si1wwSI4L20+pOl9QP9+pCojkbxndZw9adJzU7BhY90hIwVfcSA+VD6iLkkT
4A+WVdB/ygj/XUqfUt/O8BTG3OxwOTzP2cxyl49eKVYlo1aXwbKtYfLMLi1k7kAR
AJVouHDVo2WoNdyK2jacoBAGIdm8WplqCy/aYaqqDQFHzmENX+9bQl2vBcoZsuo0
rQgl55z5o9dljeAXgFZ3OTkXeOlxotDuqQf9sLi9DVpV1UC+IDXMr1f2qZOjQUSM
0KhicscctBr7rEimfKISm83lVH+sIRKWOkn3XGBId23Vow==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:19 2026 by rpki-client