Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: 5MgLyo4GU5ZWsfJY3qzjHFU9faZwdMbG9M9VWKYRN9g=
Subject key identifier: 56:5F:82:36:C1:38:2C:0B:79:FB:E8:2B:5F:4F:5F:EE:98:C6:EE:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01BEEBE5C86771FE11130DF54D88EA3770FBE8B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Fri 20 Feb 2026 01:51:07 +0000
ROA not before: Fri 20 Feb 2026 01:51:07 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:be:eb:e5:c8:67:71:fe:11:13:0d:f5:4d:88:ea:37:70:fb:e8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:07 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=d8ad760ed4538de08c1cdbf33cd6552715cacc9ac4d49e7c24444bc6ad3b1fce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3e:b0:cd:14:c1:64:2a:ef:44:9c:16:6c:2e:
9c:65:17:62:f4:d8:e0:8b:f2:aa:13:35:88:94:2a:
82:5a:f6:ce:88:d4:20:f9:4e:56:eb:3d:8e:49:05:
85:20:29:29:f9:d7:0d:2f:24:59:7b:0b:c3:41:fa:
a8:c3:54:75:a6:63:4a:5a:4e:29:07:47:81:17:d3:
67:c7:b7:92:36:40:32:cb:83:0f:5a:ce:ad:fc:88:
23:f1:5d:d4:aa:da:fc:4e:c2:eb:61:1c:2e:db:08:
ca:ac:37:47:8b:5e:51:51:5e:01:66:dd:b7:ee:d3:
83:30:47:e2:77:99:e0:de:69:b0:aa:78:37:00:23:
b5:28:e3:7c:7e:aa:96:32:0d:af:5e:d7:66:13:64:
ef:24:36:8b:11:20:f1:3d:46:df:41:99:4b:2d:2d:
6e:ba:8d:0a:1c:37:67:a9:55:ee:da:ea:cd:44:ce:
21:c1:70:f8:ed:1f:3d:9d:c1:4b:85:a8:73:2e:d8:
a5:98:99:2c:87:1b:cb:86:9a:9e:71:3d:26:5e:c2:
4e:1e:d7:2b:bc:2c:bc:73:78:e5:33:bd:e8:0c:5d:
1a:5d:7d:21:7f:70:f9:4d:90:87:3a:9a:2f:cc:ac:
b3:d1:e9:f9:0f:80:d1:87:06:bd:e1:31:dd:20:fc:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:5F:82:36:C1:38:2C:0B:79:FB:E8:2B:5F:4F:5F:EE:98:C6:EE:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:b5:1e:a7:11:27:64:fc:be:71:02:ea:85:bd:88:7e:7b:af:
c9:55:22:f8:9c:36:08:32:74:7c:1f:58:ae:b5:36:15:e9:78:
e8:5e:aa:21:07:fb:6a:52:68:e6:5d:e4:d2:e6:2c:b1:c5:34:
03:a7:f6:ee:08:ea:77:c2:fd:7b:d5:63:2f:e4:d7:d2:cb:d6:
81:f5:dc:67:f1:c0:6c:97:fc:f1:f4:b0:7a:a5:af:29:ef:e1:
90:47:14:7a:23:47:df:74:1e:55:7c:08:7b:20:61:b5:22:2a:
f7:04:60:d3:15:9c:95:df:df:c7:65:7e:6c:cc:f0:f7:6e:1a:
4f:27:f1:db:a7:1d:4d:dd:ec:1e:e2:0f:4a:c1:b1:21:45:42:
bc:fe:22:6a:7e:94:d5:f6:a7:7d:bc:f6:66:19:d7:44:77:e4:
2c:54:fb:5f:4d:ee:7f:77:70:88:a2:37:ea:0b:5d:ed:b9:91:
da:7b:cd:22:bb:fd:b2:16:91:a6:af:41:84:9f:78:cb:bb:b4:
a2:af:f0:9c:fe:3c:89:03:d9:dc:9c:23:d1:74:08:b8:e0:17:
04:21:2a:2c:7d:27:49:b3:08:a2:78:85:c8:4c:1f:17:3b:0e:
cf:77:4c:d2:3a:79:cb:4d:c1:99:14:ee:9e:ca:31:7b:e7:61:
e8:e0:a8:c6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAb7r5chncf4REw31TYjqN3D76LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMDdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4YWQ3NjBlZDQ1MzhkZTA4YzFjZGJmMzNjZDY1NTI3MTVjYWNjOWFjNGQ0
OWU3YzI0NDQ0YmM2YWQzYjFmY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMA+sM0UwWQq70ScFmwunGUXYvTY4IvyqhM1iJQqglr2zojUIPlOVus9jkkF
hSApKfnXDS8kWXsLw0H6qMNUdaZjSlpOKQdHgRfTZ8e3kjZAMsuDD1rOrfyII/Fd
1Kra/E7C62EcLtsIyqw3R4teUVFeAWbdt+7TgzBH4neZ4N5psKp4NwAjtSjjfH6q
ljINr17XZhNk7yQ2ixEg8T1G30GZSy0tbrqNChw3Z6lV7trqzUTOIcFw+O0fPZ3B
S4Wocy7YpZiZLIcby4aannE9Jl7CTh7XK7wsvHN45TO96AxdGl19IX9w+U2Qhzqa
L8yss9Hp+Q+A0YcGveEx3SD8F9kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRWX4I2
wTgsC3n76CtfT1/umMbuXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHbUepxEnZPy+cQLqhb2IfnuvyVUi+Jw2CDJ0fB9Y
rrU2Fel46F6qIQf7alJo5l3k0uYsscU0A6f27gjqd8L9e9VjL+TX0svWgfXcZ/HA
bJf88fSweqWvKe/hkEcUeiNH33QeVXwIeyBhtSIq9wRg0xWcld/fx2V+bMzw924a
Tyfx26cdTd3sHuIPSsGxIUVCvP4ian6U1fanfbz2ZhnXRHfkLFT7X03uf3dwiKI3
6gtd7bmR2nvNIrv9shaRpq9BhJ94y7u0oq/wnP48iQPZ3Jwj0XQIuOAXBCEqLH0n
SbMIoniFyEwfFzsOz3dM0jp5y03BmRTunsoxe+dh6OCoxg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:44 2026 by rpki-client