Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: tAuI/4CvWww0CxI9y77bUmH70l4/Go/8aKIqIAkwBR4=
Subject key identifier: D4:E0:38:77:5E:0C:43:57:0B:69:9F:80:49:09:16:38:A0:32:84:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A64C8A3F5C6D954D4A649E1A55355EB68743E3C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Thu 14 May 2026 01:40:06 +0000
ROA not before: Thu 14 May 2026 01:40:06 +0000
ROA not after: Wed 12 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:64:c8:a3:f5:c6:d9:54:d4:a6:49:e1:a5:53:55:eb:68:74:3e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 14 01:40:06 2026 GMT
Not After : Aug 12 23:59:59 2026 GMT
Subject: serialNumber=fcf2bc6e5714070e6d447811937d43c2991c5784a30bca7594f4c73c5609e21f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d8:45:8e:86:6c:ff:b8:25:ad:16:15:75:df:
40:c0:f8:48:df:fa:23:07:7a:cd:9d:94:f4:f3:d2:
dc:e9:4f:84:87:9c:17:a0:48:f7:07:55:c5:8e:60:
d1:4d:4c:4c:a0:ff:c3:65:ab:77:a2:ed:a7:c3:78:
44:f0:0f:15:c5:16:26:3c:ad:7c:5d:ee:e0:b9:9f:
41:4d:19:5d:cf:c5:df:b9:0c:ef:5c:e4:85:84:e0:
a9:b6:cc:21:83:7b:13:4a:c4:bb:76:41:a2:ba:03:
e7:a4:38:d4:c8:9e:28:8b:ce:c2:76:e9:25:e1:74:
60:d0:b1:dc:57:73:52:19:a1:57:7f:ef:0a:e9:49:
85:c1:be:8e:f8:51:21:96:1b:38:22:d7:bc:aa:89:
84:e9:fd:a2:2e:2f:a3:9a:31:31:56:92:0e:37:12:
ac:fb:9c:29:2f:9e:76:24:35:f4:0e:73:ec:22:8b:
01:3b:15:45:a7:e2:0a:0e:0e:ef:dd:7d:91:49:9b:
22:a6:45:8b:bc:cf:d7:07:c6:18:95:f0:7d:c0:cc:
72:b9:de:2f:5c:65:66:46:81:1b:38:47:7d:82:39:
28:8b:d9:aa:a6:cd:8e:99:69:c3:a4:7c:8c:ee:13:
66:f6:98:86:b1:2b:b9:80:37:2b:ba:42:ad:76:1e:
ac:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E0:38:77:5E:0C:43:57:0B:69:9F:80:49:09:16:38:A0:32:84:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
43:f1:88:db:c7:3e:d7:5a:b4:7c:9c:29:78:a4:0d:12:23:c3:
b2:d7:ed:59:77:e4:e2:33:74:22:8f:8a:20:80:af:b2:93:1c:
0f:06:0f:b9:f7:82:00:30:cc:52:4e:8e:c2:ac:2f:be:82:e8:
c8:0a:1e:b9:65:87:1b:02:f2:ca:0c:63:fc:4a:12:9d:ff:8b:
06:9d:36:0b:b1:0e:9e:7a:62:08:12:14:e2:e6:4c:eb:d6:6b:
d2:ff:d7:31:9b:0d:52:93:c0:0a:c8:d0:1f:44:ea:4a:96:c5:
bb:6f:a1:3f:6f:8a:98:b7:54:fc:e8:80:c7:35:00:f3:3b:98:
b6:23:0e:c1:64:db:6d:c5:41:12:ee:ed:0c:bb:d4:87:5a:d7:
0a:f7:f8:94:5f:de:23:24:67:ed:84:32:1a:a5:ea:87:e7:02:
20:a2:e3:1f:8d:9b:31:3f:c2:93:0f:48:fd:1e:d2:51:8e:23:
a5:0c:b9:df:d7:fd:f2:ad:b6:f0:09:3b:11:21:71:f7:89:28:
c8:9c:e5:bb:2f:fe:58:b0:fc:c1:44:41:1a:66:2f:44:0f:a4:
7e:bb:0c:18:2b:34:4d:aa:99:ed:2f:fd:25:df:f3:ad:4c:22:
71:23:68:37:e8:a9:08:89:06:3f:04:b5:b4:e1:91:09:1a:be:
ac:b0:dd:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWmTIo/XG2VTUpknhpVNV62h0PjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTQwMTQwMDZaFw0yNjA4MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjZjJiYzZlNTcxNDA3MGU2ZDQ0NzgxMTkzN2Q0M2MyOTkxYzU3ODRhMzBi
Y2E3NTk0ZjRjNzNjNTYwOWUyMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7YRY6GbP+4Ja0WFXXfQMD4SN/6Iwd6zZ2U9PPS3OlPhIecF6BI9wdVxY5g
0U1MTKD/w2Wrd6Ltp8N4RPAPFcUWJjytfF3u4LmfQU0ZXc/F37kM71zkhYTgqbbM
IYN7E0rEu3ZBoroD56Q41MieKIvOwnbpJeF0YNCx3FdzUhmhV3/vCulJhcG+jvhR
IZYbOCLXvKqJhOn9oi4vo5oxMVaSDjcSrPucKS+ediQ19A5z7CKLATsVRafiCg4O
7919kUmbIqZFi7zP1wfGGJXwfcDMcrneL1xlZkaBGzhHfYI5KIvZqqbNjplpw6R8
jO4TZvaYhrEruYA3K7pCrXYerBUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTU4Dh3
XgxDVwtpn4BJCRY4oDKELDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ/GI28c+11q0fJwpeKQNEiPDstftWXfk4jN0Io+K
IICvspMcDwYPufeCADDMUk6OwqwvvoLoyAoeuWWHGwLyygxj/EoSnf+LBp02C7EO
nnpiCBIU4uZM69Zr0v/XMZsNUpPACsjQH0TqSpbFu2+hP2+KmLdU/OiAxzUA8zuY
tiMOwWTbbcVBEu7tDLvUh1rXCvf4lF/eIyRn7YQyGqXqh+cCIKLjH42bMT/Ckw9I
/R7SUY4jpQy539f98q228Ak7ESFx94koyJzluy/+WLD8wURBGmYvRA+kfrsMGCs0
TaqZ7S/9Jd/zrUwicSNoN+ipCIkGPwS1tOGRCRq+rLDdVw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:14 2026 by rpki-client