Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
File: 513c0075-edb1-461e-a07d-4eb5874bd9ce.roa (raw, json)
Hash identifier: ZF0wA5kdujtFBtbT0kstQ7abUyAFzcmkKgpK6tBsjkE=
Subject key identifier: 84:9A:6A:63:D3:9D:78:AC:88:5F:58:29:9A:14:04:9E:F3:BA:D2:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69A72C6461E026C84E7FB4BDB28D6E4E9ECD05C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
Signing time: Fri 20 Feb 2026 01:51:08 +0000
ROA not before: Fri 20 Feb 2026 01:51:08 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:a7:2c:64:61:e0:26:c8:4e:7f:b4:bd:b2:8d:6e:4e:9e:cd:05:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:08 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=fa71182f9a2cec6db9e53d355954c9a8ffa4a21b9bd9de0b980512d4d6a515c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6a:7f:3a:f5:4b:1a:1d:25:98:91:85:9e:f1:
07:32:bc:4d:0d:94:7e:d5:95:aa:52:70:5b:3d:54:
c0:bb:5a:38:d1:7e:b1:73:a3:3c:a7:3d:03:96:24:
a4:49:1f:2e:44:af:d1:31:f0:89:12:c4:a1:c4:0b:
d2:2c:ce:a7:21:0d:c9:ef:a5:92:78:0d:7e:7b:9a:
f9:26:00:62:a3:44:24:a6:72:83:03:d3:71:98:c3:
01:61:d4:9a:f0:73:a9:fe:c5:2a:52:b2:0e:44:d1:
e9:b3:7a:e9:ab:5a:9d:b7:82:a3:2d:d1:23:84:99:
f9:57:98:82:dc:61:80:12:13:33:77:22:95:6e:34:
a8:1b:04:ec:bb:54:11:7e:e8:4c:f5:8a:70:f6:ff:
6d:54:68:b7:aa:46:3d:a0:a1:b7:16:9b:2d:01:48:
1b:0c:9a:dd:b0:4a:c3:8b:82:41:6c:67:e1:51:2c:
bf:e1:d3:4c:e9:61:97:7b:4b:15:57:26:14:ee:d4:
2f:fa:9a:74:8c:e2:f6:b1:35:9a:91:ad:e3:2f:9a:
0d:28:7e:65:60:f5:2a:0d:11:03:c3:47:e6:4f:6d:
1b:cd:71:c6:f5:6d:f3:59:91:8d:98:9b:c6:a3:8d:
c6:a5:6f:66:93:5b:a5:6a:64:f5:13:67:f3:27:c4:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:9A:6A:63:D3:9D:78:AC:88:5F:58:29:9A:14:04:9E:F3:BA:D2:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/513c0075-edb1-461e-a07d-4eb5874bd9ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/20
Signature Algorithm: sha256WithRSAEncryption
43:bd:40:4a:cb:68:ad:b0:61:90:ab:42:a8:2f:bb:3a:5e:22:
63:92:20:c0:11:23:65:4f:05:f6:01:05:dd:cf:07:f4:f7:1c:
81:74:ca:d1:5e:94:35:7c:f8:bd:df:d2:84:e2:42:7a:eb:72:
51:89:a9:10:5a:0c:76:30:2b:46:8d:7d:2a:29:7c:d2:1a:00:
bc:f7:4b:17:5d:ce:6d:9c:ef:4a:65:3d:8b:52:c3:7a:42:a2:
58:83:ec:3d:29:76:2f:43:0e:db:42:43:0c:e6:c7:b9:1f:54:
6a:ff:70:d4:db:11:27:4c:6f:94:bb:96:19:0e:ef:0c:c6:5d:
8e:de:36:d9:2b:79:b3:55:41:96:5d:97:2b:79:f7:c0:45:1b:
c4:e1:28:4d:ab:f7:5b:38:18:74:84:6c:d0:69:f3:5b:2d:c7:
df:09:01:ee:15:c8:91:bd:04:b6:7d:32:0f:33:d8:1c:6b:d9:
22:cb:91:d4:02:c9:17:7c:0e:9b:e5:23:8e:09:b7:c0:18:ff:
4a:2b:34:c1:90:cf:cb:95:c1:7f:b8:08:7c:51:4e:26:21:85:
6d:09:bb:f2:33:f9:ba:d4:5c:99:b7:47:fa:ad:62:00:21:99:
12:51:a5:40:6a:8e:e6:14:8c:d6:6d:ad:24:f0:49:d0:ab:dd:
18:99:c9:02
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaacsZGHgJshOf7S9so1uTp7NBcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMDhaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhNzExODJmOWEyY2VjNmRiOWU1M2QzNTU5NTRjOWE4ZmZhNGEyMWI5YmQ5
ZGUwYjk4MDUxMmQ0ZDZhNTE1YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVqfzr1SxodJZiRhZ7xBzK8TQ2UftWVqlJwWz1UwLtaONF+sXOjPKc9A5Yk
pEkfLkSv0THwiRLEocQL0izOpyENye+lkngNfnua+SYAYqNEJKZygwPTcZjDAWHU
mvBzqf7FKlKyDkTR6bN66atanbeCoy3RI4SZ+VeYgtxhgBITM3cilW40qBsE7LtU
EX7oTPWKcPb/bVRot6pGPaChtxabLQFIGwya3bBKw4uCQWxn4VEsv+HTTOlhl3tL
FVcmFO7UL/qadIzi9rE1mpGt4y+aDSh+ZWD1Kg0RA8NH5k9tG81xxvVt81mRjZib
xqONxqVvZpNbpWpk9RNn8yfE/jMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSEmmpj
0514rIhfWCmaFASe87rSVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTEzYzAwNzUtZWRiMS00NjFlLWEwN2QtNGViNTg3NGJkOWNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ71ASstorbBhkKtCqC+7Ol4iY5IgwBEjZU8F9gEF
3c8H9PccgXTK0V6UNXz4vd/ShOJCeutyUYmpEFoMdjArRo19Kil80hoAvPdLF13O
bZzvSmU9i1LDekKiWIPsPSl2L0MO20JDDObHuR9Uav9w1NsRJ0xvlLuWGQ7vDMZd
jt422St5s1VBll2XK3n3wEUbxOEoTav3WzgYdIRs0GnzWy3H3wkB7hXIkb0Etn0y
DzPYHGvZIsuR1ALJF3wOm+Ujjgm3wBj/Sis0wZDPy5XBf7gIfFFOJiGFbQm78jP5
utRcmbdH+q1iACGZElGlQGqO5hSM1m2tJPBJ0KvdGJnJAg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:51 2026 by rpki-client