Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
File: 4b12830e-a860-4a14-b52f-5284626c1a96.roa (raw, json)
Hash identifier: nykF3ORf+1sxi7Lxj8BNa025vdpAhYXuEf2FlKcXuqk=
Subject key identifier: 91:F0:F7:39:59:44:3F:4E:DB:57:EC:1D:AC:C8:74:CF:83:71:FD:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 797673B55C137B3CDA7728FF7C39C1CEB3238BB8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
Signing time: Fri 20 Feb 2026 01:50:09 +0000
ROA not before: Fri 20 Feb 2026 01:50:09 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:76:73:b5:5c:13:7b:3c:da:77:28:ff:7c:39:c1:ce:b3:23:8b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:09 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=651951d52b2fbafe5d48a34729003deee4208a1563c09515876c8f455596407f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:52:1e:29:f9:2d:fd:7b:8d:ee:14:72:18:db:
67:a5:c7:f1:e7:b0:69:aa:dd:a5:dc:6c:65:0c:2c:
7c:70:44:0a:2b:ac:a3:14:e5:72:4f:2b:70:be:8b:
79:3a:03:99:22:75:33:61:17:72:48:77:2f:02:b9:
23:35:19:25:f7:c8:86:08:3f:c8:cc:39:ab:ed:cf:
07:95:31:d3:61:ab:24:97:3a:63:bf:1b:8a:78:8e:
e5:cb:5d:ab:5c:ea:b1:77:ae:a7:83:bf:8d:21:2e:
0d:49:9b:3a:d1:d1:ae:0c:22:6d:fa:44:90:0d:fe:
63:4c:98:e9:82:9f:1a:49:2b:df:3f:55:4f:14:f3:
a1:f8:66:58:2b:32:8d:40:cb:22:8f:f3:5b:9c:4d:
5b:4c:07:da:56:24:3e:89:af:11:b6:6b:64:8d:6c:
3d:e0:ba:97:b9:25:73:04:26:ce:ab:4d:c0:b1:3d:
45:88:19:c8:fe:64:db:a9:4b:88:1c:35:fc:a2:07:
43:a6:30:e9:a4:12:b4:7a:0d:67:ed:38:3a:0d:78:
a8:cc:22:e7:90:da:0c:ac:16:09:44:f4:6d:9f:3a:
48:dd:77:30:fd:5e:3d:63:47:93:0d:41:8f:5e:39:
56:a2:59:eb:f0:78:2d:fd:e0:8c:2d:8b:42:30:ed:
46:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F0:F7:39:59:44:3F:4E:DB:57:EC:1D:AC:C8:74:CF:83:71:FD:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:55:b6:23:ac:96:8a:d2:95:1b:69:81:f7:c8:a9:02:df:01:
c3:d7:64:e8:f5:bc:78:fa:b6:56:49:cf:48:d5:4d:e9:22:8a:
2f:08:85:33:90:9b:6f:2f:32:74:94:8c:94:33:b5:6c:32:35:
b8:8b:a0:1b:ac:af:84:cd:01:74:6c:63:17:b0:0b:85:4c:0c:
d5:ed:d5:8a:92:88:b4:19:2b:89:42:f9:af:1c:d2:eb:d2:2b:
3b:ef:68:d2:40:44:a7:10:0d:c7:0b:d9:9b:a5:22:54:3b:1b:
e6:8a:a0:75:3a:be:58:9f:69:b4:bc:a7:75:37:59:82:e6:85:
1c:e3:cc:28:eb:a6:5e:5a:9a:d3:c4:04:15:7e:ed:a9:08:ae:
82:73:b3:c5:09:02:30:f7:02:bc:12:29:96:f6:68:a2:48:1d:
8f:65:73:79:e8:5c:4f:90:e3:d6:f0:7d:58:88:27:19:d9:04:
88:33:8a:ef:6a:d9:c6:1c:d6:cc:58:18:0d:df:e2:25:ad:5e:
f2:17:0e:47:61:5f:38:e2:55:8b:8e:50:d6:9b:d3:10:d0:e2:
4d:fe:f8:9f:32:b6:fb:80:7b:5e:5d:a0:72:f8:4f:6b:a2:5f:
1f:30:1f:cb:ac:cb:bf:74:2d:65:a0:fe:13:c4:d6:c9:89:08:
91:19:94:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeXZztVwTezzadyj/fDnBzrMji7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDlaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1MTk1MWQ1MmIyZmJhZmU1ZDQ4YTM0NzI5MDAzZGVlZTQyMDhhMTU2M2Mw
OTUxNTg3NmM4ZjQ1NTU5NjQwN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlSHin5Lf17je4UchjbZ6XH8eewaardpdxsZQwsfHBECiusoxTlck8rcL6L
eToDmSJ1M2EXckh3LwK5IzUZJffIhgg/yMw5q+3PB5Ux02GrJJc6Y78biniO5ctd
q1zqsXeup4O/jSEuDUmbOtHRrgwibfpEkA3+Y0yY6YKfGkkr3z9VTxTzofhmWCsy
jUDLIo/zW5xNW0wH2lYkPomvEbZrZI1sPeC6l7klcwQmzqtNwLE9RYgZyP5k26lL
iBw1/KIHQ6Yw6aQStHoNZ+04Og14qMwi55DaDKwWCUT0bZ86SN13MP1ePWNHkw1B
j145VqJZ6/B4Lf3gjC2LQjDtRgsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSR8Pc5
WUQ/TttX7B2syHTPg3H9CDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIxMjgzMGUtYTg2MC00YTE0LWI1MmYtNTI4NDYyNmMxYTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQB5VbYjrJaK0pUbaYH3yKkC3wHD12To9bx4+rZWSc9I
1U3pIoovCIUzkJtvLzJ0lIyUM7VsMjW4i6AbrK+EzQF0bGMXsAuFTAzV7dWKkoi0
GSuJQvmvHNLr0is772jSQESnEA3HC9mbpSJUOxvmiqB1Or5Yn2m0vKd1N1mC5oUc
48wo66ZeWprTxAQVfu2pCK6Cc7PFCQIw9wK8EimW9miiSB2PZXN56FxPkOPW8H1Y
iCcZ2QSIM4rvatnGHNbMWBgN3+IlrV7yFw5HYV844lWLjlDWm9MQ0OJN/vifMrb7
gHteXaBy+E9rol8fMB/LrMu/dC1loP4TxNbJiQiRGZRA
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:37 2026 by rpki-client