Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: nYz9csiaVBIgs/dp9GcXm2tUCDcdMTuZZUNSG7sof34=
Subject key identifier: 3F:BD:94:14:EA:F1:5F:5C:42:4A:E9:8B:C0:D0:C1:DF:85:6D:2F:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 237F2C25D26B37565BDD7725743C4B064AC50748
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Sat 28 Feb 2026 05:51:29 +0000
ROA not before: Sat 28 Feb 2026 05:51:29 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:7f:2c:25:d2:6b:37:56:5b:dd:77:25:74:3c:4b:06:4a:c5:07:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:29 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=06ff9e928e8b75f5e2d31d2c5372ce9cd9b7dd026180db632e25b3be28a6ea59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:97:1f:2b:2c:ef:fd:73:53:94:7f:ce:25:96:
ea:a6:53:f7:8a:42:87:5b:e6:9c:d6:eb:e0:b7:61:
b2:33:fd:50:77:23:c6:38:e0:d4:0e:5e:13:60:61:
d2:44:c3:99:8b:5f:57:91:b0:fa:e5:22:d3:41:70:
93:c8:7b:8f:e8:3a:3f:73:55:95:f4:69:f2:90:d7:
b2:f4:f7:d9:62:d4:7d:2d:82:f0:9f:fa:e8:77:3d:
54:88:3e:1e:32:35:69:1c:20:36:70:77:c5:f9:76:
2a:bd:d9:14:c9:bb:29:4a:eb:1e:db:f6:99:c8:3c:
7b:95:d5:4d:2c:fc:9d:ae:6d:bb:bf:ff:ee:d6:28:
ca:f9:de:78:b5:12:93:ed:9b:78:78:51:54:e8:4e:
ed:91:59:fc:e3:fc:f4:c2:b1:6e:1e:27:84:c7:8c:
ec:14:7c:bf:47:3d:db:48:b0:5f:94:ad:a6:84:91:
f5:a2:48:bb:db:1e:4a:21:43:62:6e:ac:0c:e1:b5:
d0:12:ef:cd:5f:54:f1:e2:2d:c0:c0:20:f7:29:54:
1c:ce:d9:66:30:e6:90:34:e0:51:53:53:64:3c:57:
5d:6a:27:96:9c:db:09:b0:12:7b:ba:b1:a9:b1:f5:
a6:35:4d:5d:54:a0:49:92:23:a7:4f:2e:00:5d:9c:
f2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BD:94:14:EA:F1:5F:5C:42:4A:E9:8B:C0:D0:C1:DF:85:6D:2F:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
60:3c:2e:c6:43:2b:7d:13:0e:3b:c0:8a:c5:e6:53:25:97:bf:
f6:fc:33:b9:fd:52:5a:03:f8:06:42:36:d0:24:9e:1b:47:37:
79:a9:99:6b:10:fe:d9:34:c9:17:86:bb:e5:28:41:cd:90:dd:
9d:65:56:5d:d6:68:db:c5:7d:29:9b:35:64:87:23:5c:1e:5b:
8f:c8:75:87:06:d4:2c:c2:88:8e:25:d7:87:48:f7:32:73:3d:
19:89:fa:23:92:0c:ff:23:d7:fc:34:77:2b:a5:b5:96:ad:63:
c8:e4:53:11:11:87:ff:f8:85:f6:05:51:26:4e:f7:6a:62:65:
34:b7:14:5f:be:39:91:54:17:2d:63:5d:9d:9f:5c:31:0f:8b:
0e:df:dc:b1:4e:c1:b9:79:fb:27:d8:1e:a5:0a:6e:12:13:ed:
48:54:6b:52:cb:15:06:b8:ba:9a:1b:cf:9a:e4:e2:bc:8b:77:
48:55:01:2e:30:6f:0f:5a:5a:96:6d:12:1c:ea:b3:bb:0e:9b:
1a:a2:f1:d9:8f:4b:51:85:09:e0:94:af:49:8e:e1:35:01:f8:
f6:ea:4a:c8:9f:c2:54:ad:3c:3b:c1:df:d4:f8:1c:1e:a3:9f:
27:02:b5:a6:bb:ee:e9:29:89:db:65:f9:fa:ed:13:b2:1e:f3:
55:97:f4:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI38sJdJrN1Zb3XcldDxLBkrFB0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMjlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZmY5ZTkyOGU4Yjc1ZjVlMmQzMWQyYzUzNzJjZTljZDliN2RkMDI2MTgw
ZGI2MzJlMjViM2JlMjhhNmVhNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyXHyss7/1zU5R/ziWW6qZT94pCh1vmnNbr4LdhsjP9UHcjxjjg1A5eE2Bh
0kTDmYtfV5Gw+uUi00Fwk8h7j+g6P3NVlfRp8pDXsvT32WLUfS2C8J/66Hc9VIg+
HjI1aRwgNnB3xfl2Kr3ZFMm7KUrrHtv2mcg8e5XVTSz8na5tu7//7tYoyvneeLUS
k+2beHhRVOhO7ZFZ/OP89MKxbh4nhMeM7BR8v0c920iwX5StpoSR9aJIu9seSiFD
Ym6sDOG10BLvzV9U8eItwMAg9ylUHM7ZZjDmkDTgUVNTZDxXXWonlpzbCbASe7qx
qbH1pjVNXVSgSZIjp08uAF2c8nUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ/vZQU
6vFfXEJK6YvA0MHfhW0vHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAYDwuxkMrfRMOO8CKxeZTJZe/9vwzuf1SWgP4BkI2
0CSeG0c3eamZaxD+2TTJF4a75ShBzZDdnWVWXdZo28V9KZs1ZIcjXB5bj8h1hwbU
LMKIjiXXh0j3MnM9GYn6I5IM/yPX/DR3K6W1lq1jyORTERGH//iF9gVRJk73amJl
NLcUX745kVQXLWNdnZ9cMQ+LDt/csU7BuXn7J9gepQpuEhPtSFRrUssVBri6mhvP
muTivIt3SFUBLjBvD1palm0SHOqzuw6bGqLx2Y9LUYUJ4JSvSY7hNQH49upKyJ/C
VK08O8Hf1PgcHqOfJwK1prvu6SmJ22X5+u0Tsh7zVZf0fg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:30 2026 by rpki-client