Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
File: 65fd1736-b3cd-4b5b-abca-9d430a70e064.roa (raw, json)
Hash identifier: FaH9FY3EfqH0a91gOoSropRAUNjYknnXGoHxqbTJ4nk=
Subject key identifier: 61:BD:2D:B3:4A:5D:65:43:12:11:B3:A7:CF:15:4F:AC:64:0E:58:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68471F4D7222F77509451BEDD26A730A9507CBF9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
Signing time: Fri 20 Feb 2026 01:50:53 +0000
ROA not before: Fri 20 Feb 2026 01:50:53 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:47:1f:4d:72:22:f7:75:09:45:1b:ed:d2:6a:73:0a:95:07:cb:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:53 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=79404f6006c0917329c8a8227415bddd5be79876ba0bdd4b95ff7a13e4cc0743, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:14:ec:ff:b1:31:26:42:23:f8:50:8f:86:48:
01:23:2f:52:7b:52:3e:39:b1:33:ad:f3:33:c2:41:
17:64:9e:32:da:93:c5:d8:1a:17:23:7e:49:3b:69:
06:b6:0d:48:37:d8:3d:f0:f5:3d:0b:bd:fd:8c:29:
e4:72:f8:de:06:17:b2:e8:d5:15:08:56:8d:c2:2f:
b7:73:0a:32:57:d9:d7:0e:b2:e2:27:41:5d:d0:98:
9b:3e:e7:92:cc:4d:ee:e4:f1:a5:ee:9a:c0:df:cc:
1d:03:14:60:6e:ac:1c:2b:e2:a1:44:06:db:18:2f:
7d:fb:9b:3e:0e:4a:53:37:44:e5:d8:a2:3d:a1:11:
64:52:3e:f2:4a:4b:9a:ec:de:31:1a:ab:02:94:4e:
7c:23:75:ef:50:3e:94:6d:20:a9:b9:2f:5b:12:df:
76:62:b3:ff:ed:ea:22:0f:7c:30:c6:cc:c0:ef:47:
0d:79:9d:25:16:e6:25:98:a7:9f:e4:58:d1:61:0c:
17:4d:ee:eb:0b:90:f2:36:ec:fd:ad:2b:ce:38:12:
d8:79:b2:94:e3:9e:62:83:27:e9:18:83:9e:85:51:
c6:6b:88:1f:80:74:24:ab:27:71:9f:73:ec:f3:f1:
14:df:ff:ce:fd:11:ee:d1:5a:eb:50:bd:f9:f3:d8:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BD:2D:B3:4A:5D:65:43:12:11:B3:A7:CF:15:4F:AC:64:0E:58:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/18
Signature Algorithm: sha256WithRSAEncryption
c7:3b:18:6e:81:85:90:ec:57:a5:84:8d:37:24:eb:7e:f4:56:
3a:24:e4:7d:42:cd:1e:e1:b6:7f:51:4b:c0:15:4d:f0:78:6e:
86:da:cb:79:41:7b:ef:84:2c:b0:99:4d:f5:63:99:08:8d:c3:
d1:fb:5d:02:04:23:af:8a:2e:97:6f:19:4e:8e:6d:3d:fc:09:
df:a0:d9:bd:fb:de:93:30:af:44:bf:c2:44:89:b6:e8:b4:8e:
36:85:ee:de:4c:99:19:88:10:ab:41:bb:34:8e:69:48:ab:a9:
5e:70:d9:9d:66:f7:6a:f9:7d:7c:85:6b:c4:37:41:fe:bc:3d:
8a:47:0e:15:1b:fd:a9:26:d5:70:87:3b:ea:50:78:86:69:5a:
fa:46:4b:9f:39:09:c0:da:52:8e:f3:00:8e:27:55:c2:11:f3:
5b:8d:0c:c7:65:66:d4:03:e2:f9:71:3d:b3:f6:2b:be:a0:bf:
83:9b:4b:64:9b:77:50:23:36:15:73:4a:c8:31:27:1d:1f:c5:
19:7b:ee:a6:51:5b:26:11:33:29:e7:e5:20:56:bc:9b:29:86:
e5:78:64:e2:cb:63:0a:e4:cc:e0:bb:90:87:b7:08:6e:10:97:
d1:ea:82:74:98:f8:51:de:2e:ec:9a:11:80:4b:65:2a:08:ba:
9d:80:b9:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaEcfTXIi93UJRRvt0mpzCpUHy/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwNTNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5NDA0ZjYwMDZjMDkxNzMyOWM4YTgyMjc0MTViZGRkNWJlNzk4NzZiYTBi
ZGQ0Yjk1ZmY3YTEzZTRjYzA3NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIU7P+xMSZCI/hQj4ZIASMvUntSPjmxM63zM8JBF2SeMtqTxdgaFyN+STtp
BrYNSDfYPfD1PQu9/Ywp5HL43gYXsujVFQhWjcIvt3MKMlfZ1w6y4idBXdCYmz7n
ksxN7uTxpe6awN/MHQMUYG6sHCvioUQG2xgvffubPg5KUzdE5diiPaERZFI+8kpL
muzeMRqrApROfCN171A+lG0gqbkvWxLfdmKz/+3qIg98MMbMwO9HDXmdJRbmJZin
n+RY0WEMF03u6wuQ8jbs/a0rzjgS2HmylOOeYoMn6RiDnoVRxmuIH4B0JKsncZ9z
7PPxFN//zv0R7tFa61C9+fPYr8MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhvS2z
Sl1lQxIRs6fPFU+sZA5YtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVmZDE3MzYtYjNjZC00YjViLWFiY2EtOWQ0MzBhNzBlMDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxzsYboGFkOxXpYSNNyTrfvRWOiTkfULNHuG2f1FL
wBVN8HhuhtrLeUF774QssJlN9WOZCI3D0ftdAgQjr4oul28ZTo5tPfwJ36DZvfve
kzCvRL/CRIm26LSONoXu3kyZGYgQq0G7NI5pSKupXnDZnWb3avl9fIVrxDdB/rw9
ikcOFRv9qSbVcIc76lB4hmla+kZLnzkJwNpSjvMAjidVwhHzW40Mx2Vm1APi+XE9
s/YrvqC/g5tLZJt3UCM2FXNKyDEnHR/FGXvuplFbJhEzKeflIFa8mymG5Xhk4stj
CuTM4LuQh7cIbhCX0eqCdJj4Ud4u7JoRgEtlKgi6nYC5Ow==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:05:29 2026 by rpki-client