Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
File: 8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa (raw, json)
Hash identifier: QdVkXmW7FL5A9PbIAJlkbOYpm2ZbwcRiVaJg2kQ6W7Q=
Subject key identifier: 16:D1:74:3D:DB:4A:EB:8E:8E:10:7A:00:DF:6D:4A:50:8D:88:9B:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06358B2F00A2DC1522580B4AA0A083272B01EBD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
Signing time: Fri 20 Feb 2026 01:50:32 +0000
ROA not before: Fri 20 Feb 2026 01:50:32 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:35:8b:2f:00:a2:dc:15:22:58:0b:4a:a0:a0:83:27:2b:01:eb:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:32 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=6a121fe845d729cf70dbc3e56d149792b9ceff48a367e6bc79ce3d08cde7eccb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7a:9e:08:4b:69:25:0a:4d:13:a1:fa:18:59:
a8:8b:73:ca:2d:42:99:a1:7e:32:36:c9:bd:0d:f5:
22:f6:b9:f0:2e:d9:82:f3:9f:df:a5:91:f1:64:f1:
61:0f:31:9d:e1:a5:8e:09:c9:a0:14:95:f4:00:3f:
ea:a0:f0:9d:fb:ac:d1:2b:74:66:d9:62:55:86:9e:
7f:ef:f3:40:79:b6:4a:ce:0e:b7:2f:87:ac:3f:9c:
f5:93:10:3a:66:00:f9:98:4b:b8:d6:57:5d:8e:67:
ae:ee:30:91:8f:aa:b5:85:70:d4:07:fd:02:49:ce:
7b:1e:87:62:b8:73:09:2c:15:0f:15:3a:ec:d6:3b:
7c:4b:27:a8:6d:01:2a:bd:ea:7c:33:62:66:68:15:
5e:b5:e4:41:ac:7d:2e:96:29:e5:74:60:a5:3f:ea:
ef:0a:64:78:6e:d4:20:6a:03:fa:c6:35:c2:7f:d2:
47:c6:f5:d6:bd:e7:0e:b6:a4:26:0b:a6:8d:c1:44:
5c:a7:7f:74:83:b4:10:42:68:06:5f:e1:69:ed:d7:
f1:a7:d9:c9:d7:b7:ba:c8:a8:29:34:a8:99:a2:45:
cc:c4:a8:f7:d0:dd:5f:ef:23:63:41:50:50:c6:a8:
bf:0c:9c:1c:86:02:3f:ff:59:35:65:23:e8:73:c0:
be:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D1:74:3D:DB:4A:EB:8E:8E:10:7A:00:DF:6D:4A:50:8D:88:9B:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:6c:f9:b2:c5:32:0a:d7:4c:0a:08:b3:3e:da:78:ff:a8:c1:
c7:3d:32:89:d7:7e:f0:da:1c:1c:a9:bf:48:aa:46:26:57:ee:
59:e9:1e:5a:73:18:b1:cd:f1:2c:ca:cb:d2:ca:96:31:32:ed:
c7:5f:7b:41:14:3b:b1:44:61:a2:ec:79:f8:d6:4f:c9:e3:ec:
df:fc:bd:92:be:d7:ce:19:b8:c7:3a:53:03:f1:5f:ce:f1:16:
f9:95:31:7b:ff:6c:3d:18:f8:61:c4:57:38:e2:43:91:82:b1:
06:dc:d5:83:00:a3:2b:60:7d:42:40:08:c7:f9:08:5b:d6:83:
32:12:20:54:bc:41:fa:45:41:33:42:f2:cb:88:ec:f6:37:a3:
02:29:b5:fb:81:ce:f3:8e:32:76:ca:9e:bf:32:e9:58:71:88:
a0:3b:22:1b:26:37:d3:3d:14:bf:1f:51:cb:27:f6:de:23:98:
30:69:dd:e7:2b:1c:ab:46:56:a3:f7:49:b3:6a:d9:63:3f:c6:
90:7a:93:bb:c7:a1:36:ec:a7:31:90:20:2f:88:e1:7c:36:ff:
73:56:b0:32:f0:5c:9d:de:10:a9:70:b8:6e:7a:60:32:82:f0:
63:e7:22:be:7d:bd:b7:41:79:55:41:3e:e4:a7:e5:a5:ef:2f:
03:13:f4:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBjWLLwCi3BUiWAtKoKCDJysB69YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzJaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhMTIxZmU4NDVkNzI5Y2Y3MGRiYzNlNTZkMTQ5NzkyYjljZWZmNDhhMzY3
ZTZiYzc5Y2UzZDA4Y2RlN2VjY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIx6nghLaSUKTROh+hhZqItzyi1CmaF+MjbJvQ31Iva58C7ZgvOf36WR8WTx
YQ8xneGljgnJoBSV9AA/6qDwnfus0St0ZtliVYaef+/zQHm2Ss4Oty+HrD+c9ZMQ
OmYA+ZhLuNZXXY5nru4wkY+qtYVw1Af9AknOex6HYrhzCSwVDxU67NY7fEsnqG0B
Kr3qfDNiZmgVXrXkQax9LpYp5XRgpT/q7wpkeG7UIGoD+sY1wn/SR8b11r3nDrak
JgumjcFEXKd/dIO0EEJoBl/hae3X8afZyde3usioKTSomaJFzMSo99DdX+8jY0FQ
UMaovwycHIYCP/9ZNWUj6HPAvvUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQW0XQ9
20rrjo4QegDfbUpQjYibGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVlNmE0M2ItYjRlNC00ODlhLTljZDItMjFhNzJmMWNmNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAigDAN
BgkqhkiG9w0BAQsFAAOCAQEASmz5ssUyCtdMCgizPtp4/6jBxz0yidd+8NocHKm/
SKpGJlfuWekeWnMYsc3xLMrL0sqWMTLtx197QRQ7sURhoux5+NZPyePs3/y9kr7X
zhm4xzpTA/FfzvEW+ZUxe/9sPRj4YcRXOOJDkYKxBtzVgwCjK2B9QkAIx/kIW9aD
MhIgVLxB+kVBM0Lyy4js9jejAim1+4HO844ydsqevzLpWHGIoDsiGyY30z0Uvx9R
yyf23iOYMGnd5yscq0ZWo/dJs2rZYz/GkHqTu8ehNuynMZAgL4jhfDb/c1awMvBc
nd4QqXC4bnpgMoLwY+civn29t0F5VUE+5Kflpe8vAxP0Rw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:25 2026 by rpki-client