Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
File: 54957543-b22c-43fb-b523-8f40c64fe15d.roa (raw, json)
Hash identifier: jW2Wjr7XA7vr8mgf0p0pUfNqlgOwzq0s0wZjQSYLvUM=
Subject key identifier: 13:75:F7:4E:1B:9B:26:B1:5D:0D:01:3D:44:2F:DB:9B:25:96:E1:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CE32865D5D089282FFA3AFE3F9D6058BFEF4B7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
Signing time: Mon 23 Feb 2026 01:00:07 +0000
ROA not before: Mon 23 Feb 2026 01:00:07 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:e3:28:65:d5:d0:89:28:2f:fa:3a:fe:3f:9d:60:58:bf:ef:4b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 23 01:00:07 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=c0d5496a646502bea9323d287322a1d822a4da0c5c4e7e2ddcde55063e853294, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:93:0d:46:8b:6c:37:b9:71:16:19:7f:22:ae:
44:2f:7d:f3:48:d1:e9:87:b8:ce:d0:16:1e:3d:ca:
3b:bb:65:20:ed:fa:bb:d7:cd:e1:6d:7c:8f:73:9a:
49:0a:61:e7:04:6a:91:5e:66:0e:47:f8:ca:d5:42:
8e:84:55:3d:87:b7:20:b7:1e:cd:94:01:fb:73:b3:
ac:23:63:db:ce:3d:34:be:27:d1:f5:2e:20:9b:c5:
c5:d5:3c:f2:4e:2c:7c:11:b2:b5:4d:d4:57:cd:99:
56:14:fb:9a:17:0b:aa:fe:9e:1c:f7:87:a4:fc:68:
4f:84:58:50:49:fd:f4:42:c1:51:96:a1:ce:e2:9e:
36:62:6c:5b:93:c1:c9:ce:39:56:35:48:8b:b2:5d:
30:e4:53:76:f3:36:f2:a4:13:fd:c4:7b:50:54:fe:
27:e2:54:fe:59:e3:f7:02:92:df:e7:60:3b:ae:33:
6c:4f:20:f4:e1:f0:66:50:b1:54:c6:e9:ea:7b:f9:
c2:5c:27:fe:50:35:21:8a:99:64:98:84:ff:59:90:
ce:92:78:81:43:65:02:1c:6b:b9:8c:5a:cb:9d:9b:
fe:8f:74:80:87:ec:1a:da:70:38:0c:e0:fd:25:b7:
5b:9e:1b:03:bc:4e:9f:8f:c0:7f:4f:9e:0b:71:93:
73:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:75:F7:4E:1B:9B:26:B1:5D:0D:01:3D:44:2F:DB:9B:25:96:E1:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/19
Signature Algorithm: sha256WithRSAEncryption
27:dc:9e:db:95:e7:c3:56:ca:58:6a:8e:25:3f:9c:b0:30:a0:
20:ad:e1:7e:b7:a9:79:26:ce:70:f1:28:35:15:be:5f:9d:a8:
0c:48:c4:37:73:8c:37:db:4c:5b:32:0d:d5:ce:b6:84:77:2b:
91:59:33:43:0f:da:8b:0e:f5:a5:4f:f4:be:2c:55:6f:75:86:
f7:38:c0:bf:ef:29:0c:3f:cb:de:d7:f1:a5:ee:5c:19:bb:a2:
ae:5f:4c:a8:4e:71:d6:3c:24:a2:a4:97:db:71:6b:df:cd:ed:
87:8b:13:44:45:e5:12:6b:ac:79:65:ea:02:db:e8:7a:7e:f2:
4f:16:98:a5:a1:b7:49:bd:71:df:ca:65:03:e1:14:0a:bb:d7:
99:7f:09:d1:51:35:5b:ce:db:37:dd:4f:ff:ce:be:4c:5b:74:
42:54:2d:6c:43:ff:5a:ee:24:45:cd:de:20:40:30:2d:62:c5:
b9:fc:e7:39:39:e4:2d:5a:df:77:7c:cd:84:3c:9f:65:1a:b0:
73:ea:61:7a:ae:b9:0c:77:db:e5:02:93:26:e9:c2:df:a5:2a:
fe:54:d3:f2:d2:23:69:d2:ec:e8:a0:29:02:bc:c4:52:cd:90:
15:52:95:f7:3e:2b:83:5d:32:c5:90:4f:85:dc:21:17:09:2e:
cd:58:7b:4e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHOMoZdXQiSgv+jr+P51gWL/vS3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjMwMTAwMDdaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZDU0OTZhNjQ2NTAyYmVhOTMyM2QyODczMjJhMWQ4MjJhNGRhMGM1YzRl
N2UyZGRjZGU1NTA2M2U4NTMyOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPKTDUaLbDe5cRYZfyKuRC9980jR6Ye4ztAWHj3KO7tlIO36u9fN4W18j3Oa
SQph5wRqkV5mDkf4ytVCjoRVPYe3ILcezZQB+3OzrCNj2849NL4n0fUuIJvFxdU8
8k4sfBGytU3UV82ZVhT7mhcLqv6eHPeHpPxoT4RYUEn99ELBUZahzuKeNmJsW5PB
yc45VjVIi7JdMORTdvM28qQT/cR7UFT+J+JU/lnj9wKS3+dgO64zbE8g9OHwZlCx
VMbp6nv5wlwn/lA1IYqZZJiE/1mQzpJ4gUNlAhxruYxay52b/o90gIfsGtpwOAzg
/SW3W54bA7xOn4/Af0+eC3GTc4UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQTdfdO
G5smsV0NAT1EL9ubJZbh2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ5NTc1NDMtYjIyYy00M2ZiLWI1MjMtOGY0MGM2NGZlMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ9ye25Xnw1bKWGqOJT+csDCgIK3hfrepeSbOcPEo
NRW+X52oDEjEN3OMN9tMWzIN1c62hHcrkVkzQw/aiw71pU/0vixVb3WG9zjAv+8p
DD/L3tfxpe5cGbuirl9MqE5x1jwkoqSX23Fr383th4sTREXlEmuseWXqAtvoen7y
TxaYpaG3Sb1x38plA+EUCrvXmX8J0VE1W87bN91P/86+TFt0QlQtbEP/Wu4kRc3e
IEAwLWLFufznOTnkLVrfd3zNhDyfZRqwc+pheq65DHfb5QKTJunC36Uq/lTT8tIj
adLs6KApArzEUs2QFVKV9z4rg10yxZBPhdwhFwkuzVh7Tg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:15 2026 by rpki-client