Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: ZAqz7kjpnBEYUiAdp/3SCMbEyMF0x6pnF6L4FNL+B3Q=
Subject key identifier: 2B:34:74:65:E6:B4:9D:51:05:12:75:B2:99:1F:89:F8:A6:62:22:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E398377BEC73A5A62805FC24A6E2089269712B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Tue 19 May 2026 05:10:08 +0000
ROA not before: Tue 19 May 2026 05:10:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:39:83:77:be:c7:3a:5a:62:80:5f:c2:4a:6e:20:89:26:97:12:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7b935cf44a65431c3764b2d8a55523a8cbd33643883edf023270e6dc38c90c97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:bb:5e:d6:7d:b7:0d:97:bc:2b:2a:99:84:
60:2e:0e:2c:dd:1b:4d:9b:6f:a4:4e:ab:a3:17:4d:
6c:32:65:1d:fe:4c:a1:b1:57:f7:a4:f9:3c:e3:7f:
c7:c3:e2:ce:c9:a6:37:76:0b:8e:f6:25:4d:07:57:
4b:2c:c6:68:ef:04:2d:21:d1:25:b6:61:d6:6e:75:
e6:58:a2:0f:a7:cd:55:71:bd:4f:0e:83:ef:0a:2a:
6f:31:50:67:d1:26:ee:02:c1:71:4f:08:82:da:7f:
76:ef:02:75:06:36:93:7a:54:4b:40:2e:4d:58:44:
8b:52:0f:6c:ce:dc:e4:aa:61:0e:0f:69:8d:dc:06:
49:03:40:d1:fc:9c:02:0f:1e:ff:65:bc:70:73:f2:
7e:00:62:ba:48:4f:d7:14:9e:8b:84:89:6f:55:7e:
0a:9a:47:b2:1b:95:6b:87:8f:c4:06:ba:8c:0e:8c:
8d:41:cd:a9:16:52:a3:28:61:25:4c:d7:79:ab:d7:
8e:8b:fc:e7:15:c9:39:9d:2a:4d:7b:c7:1f:8b:32:
1e:8b:aa:d8:de:11:2e:d5:59:2c:b5:7b:9e:58:8b:
b7:33:ff:75:62:24:c2:f5:bb:c1:6b:d5:1b:b3:95:
37:fa:26:ac:b4:dd:a8:7a:26:78:1f:8f:58:f2:65:
c8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:34:74:65:E6:B4:9D:51:05:12:75:B2:99:1F:89:F8:A6:62:22:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:31:67:d1:98:70:3f:91:cc:10:4b:b7:1b:6c:a0:74:65:2d:
d7:73:b6:ee:b5:d1:c5:2e:35:be:dc:0f:aa:9d:fc:6e:59:38:
94:99:5b:4f:70:3d:6e:2b:b0:48:78:5a:ab:f1:1a:b8:0e:8e:
98:05:8c:d2:2f:23:95:f0:d4:10:ca:3e:d0:aa:67:ef:c0:42:
11:22:ba:1d:ac:a2:a7:95:24:c5:df:71:93:0a:09:79:6b:30:
3a:20:8f:19:c1:37:ce:d5:a2:c6:9e:66:17:84:ea:bd:6e:23:
2e:c5:60:44:5e:7f:ba:60:3d:89:65:7a:9e:a5:fa:c0:b3:71:
c6:85:b4:39:21:ce:c7:60:17:8a:87:65:1b:82:3f:be:bf:96:
d5:23:89:a3:2b:16:e4:20:9c:31:77:3e:29:9b:ef:af:b3:0e:
b5:50:ba:93:69:79:17:c7:0e:b3:b0:98:47:32:2f:f9:1c:5d:
ca:3b:c6:f1:78:04:cc:1e:4d:55:fe:ff:7d:17:6a:86:d1:a5:
39:ac:6c:d9:c8:3e:9e:ec:ec:c0:35:ad:52:16:c7:d4:27:43:
58:10:0f:0f:fe:c8:6a:b8:17:b8:62:ac:87:27:c0:4c:96:2e:
1e:8a:53:d9:60:2d:6a:0a:ef:dd:71:12:2c:e4:b4:b1:55:cc:
5a:2a:25:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXjmDd77HOlpigF/CSm4giSaXErUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiOTM1Y2Y0NGE2NTQzMWMzNzY0YjJkOGE1NTUyM2E4Y2JkMzM2NDM4ODNl
ZGYwMjMyNzBlNmRjMzhjOTBjOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMRu17WfbcNl7wrKpmEYC4OLN0bTZtvpE6roxdNbDJlHf5MobFX96T5PON/
x8PizsmmN3YLjvYlTQdXSyzGaO8ELSHRJbZh1m515liiD6fNVXG9Tw6D7woqbzFQ
Z9Em7gLBcU8Igtp/du8CdQY2k3pUS0AuTVhEi1IPbM7c5KphDg9pjdwGSQNA0fyc
Ag8e/2W8cHPyfgBiukhP1xSei4SJb1V+CppHshuVa4ePxAa6jA6MjUHNqRZSoyhh
JUzXeavXjov85xXJOZ0qTXvHH4syHouq2N4RLtVZLLV7nliLtzP/dWIkwvW7wWvV
G7OVN/omrLTdqHomeB+PWPJlyJcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQrNHRl
5rSdUQUSdbKZH4n4pmIiVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAnTFn0ZhwP5HMEEu3G2ygdGUt13O27rXRxS41vtwP
qp38blk4lJlbT3A9biuwSHhaq/EauA6OmAWM0i8jlfDUEMo+0Kpn78BCESK6Hayi
p5Ukxd9xkwoJeWswOiCPGcE3ztWixp5mF4TqvW4jLsVgRF5/umA9iWV6nqX6wLNx
xoW0OSHOx2AXiodlG4I/vr+W1SOJoysW5CCcMXc+KZvvr7MOtVC6k2l5F8cOs7CY
RzIv+RxdyjvG8XgEzB5NVf7/fRdqhtGlOaxs2cg+nuzswDWtUhbH1CdDWBAPD/7I
argXuGKshyfATJYuHopT2WAtagrv3XESLOS0sVXMWiolOw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:54 2026 by rpki-client