Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: 6kNiBvjCzG5jiu+6xf+1XgEauYsrCmshu3JJvT4W1DM=
Subject key identifier: E8:AF:4B:08:19:1C:7A:B7:6B:EF:C6:28:6B:31:F1:54:DC:46:1F:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B68029E05B8C0B32EF573A4BE6D43A2A29654E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Mon 23 Feb 2026 01:00:07 +0000
ROA not before: Mon 23 Feb 2026 01:00:07 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:68:02:9e:05:b8:c0:b3:2e:f5:73:a4:be:6d:43:a2:a2:96:54:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 23 01:00:07 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=42bde478a29e547fc5ba5cfb9ba2901bf25aca0da26942ab468a61513b0d2b9e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3c:08:49:07:c4:c0:49:40:c0:0d:f8:0a:00:
9c:e9:88:15:ff:dd:86:95:22:4d:88:7d:f9:cc:8f:
ea:7f:49:36:65:92:06:21:67:2f:66:c7:51:d0:fc:
ef:3d:d2:0d:e5:03:07:24:dd:32:a7:9f:ed:67:1d:
bc:23:76:64:9f:6e:53:ee:28:c9:2a:78:b2:95:d2:
d7:3f:b7:ad:38:5a:74:d3:75:26:45:41:01:70:2d:
e9:b4:f2:1b:3d:31:af:be:32:d2:fd:0e:d1:2f:50:
2c:08:e4:4f:03:ce:98:da:51:ff:31:9f:0c:38:9a:
19:64:4f:61:e9:00:72:9c:0f:d5:ac:6a:fa:1d:1f:
c7:8b:36:ec:f6:4a:0b:35:82:a0:27:b2:07:87:fa:
df:11:86:39:90:51:31:d5:f4:76:6f:c1:11:e7:6d:
91:4d:c0:67:92:66:de:77:49:d7:c0:00:62:01:2c:
29:4c:97:ba:93:79:81:8e:37:57:38:b9:a5:09:43:
d1:ff:f9:8c:32:4e:3f:12:c1:54:b3:29:1f:4b:52:
4c:9a:9b:51:10:7e:dc:97:cb:02:72:55:f5:00:38:
a5:c5:d7:8e:c0:24:9a:be:3b:eb:1a:2a:87:4f:f7:
13:92:56:f0:8b:7f:7f:37:25:6e:cc:f1:07:93:19:
f5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AF:4B:08:19:1C:7A:B7:6B:EF:C6:28:6B:31:F1:54:DC:46:1F:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:74:0f:b7:bc:56:80:ed:e2:03:3b:d4:ad:67:f9:b0:af:07:
85:ab:b9:56:23:c8:8e:81:6d:ec:1d:ee:8a:bc:6a:a4:57:bb:
76:aa:5a:66:02:8e:c9:dd:4e:f9:f6:55:8d:26:25:5d:94:9a:
62:fc:45:f0:31:68:cf:c2:4d:fc:11:c2:6a:82:f5:02:f3:fd:
be:cf:9d:c8:4d:d7:6f:7a:9e:fd:0b:a4:f3:05:22:9c:f6:a1:
c1:b1:11:80:e4:78:1e:a2:50:d6:56:5f:bc:4c:c7:60:8b:3e:
de:40:ce:74:f0:b1:c5:80:16:68:ef:d3:af:32:3a:d6:8e:78:
fa:79:0b:fc:44:69:a6:0d:ff:db:42:0a:60:f3:43:46:6e:9e:
90:ab:0a:79:6d:58:58:c4:a6:cf:da:54:16:a7:64:18:de:fe:
c8:e4:a9:21:10:ba:1e:2e:0e:85:20:3e:57:65:65:4b:67:f5:
7a:64:78:9b:67:47:c0:29:fd:34:d4:9c:bd:32:9e:b9:c7:6b:
4f:d7:96:a3:bf:ab:32:26:01:cb:8e:c7:04:c2:1b:d5:17:8e:
1b:06:8c:14:c6:79:00:1d:3f:89:6c:23:40:dd:f6:75:62:f0:
71:c4:6c:7b:cf:25:f0:98:5a:46:b8:7d:7a:93:9b:8a:a4:2a:
da:61:80:cb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUG2gCngW4wLMu9XOkvm1DoqKWVOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjMwMTAwMDdaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyYmRlNDc4YTI5ZTU0N2ZjNWJhNWNmYjliYTI5MDFiZjI1YWNhMGRhMjY5
NDJhYjQ2OGE2MTUxM2IwZDJiOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM48CEkHxMBJQMAN+AoAnOmIFf/dhpUiTYh9+cyP6n9JNmWSBiFnL2bHUdD8
7z3SDeUDByTdMqef7WcdvCN2ZJ9uU+4oySp4spXS1z+3rThadNN1JkVBAXAt6bTy
Gz0xr74y0v0O0S9QLAjkTwPOmNpR/zGfDDiaGWRPYekAcpwP1axq+h0fx4s27PZK
CzWCoCeyB4f63xGGOZBRMdX0dm/BEedtkU3AZ5Jm3ndJ18AAYgEsKUyXupN5gY43
Vzi5pQlD0f/5jDJOPxLBVLMpH0tSTJqbURB+3JfLAnJV9QA4pcXXjsAkmr476xoq
h0/3E5JW8It/fzclbszxB5MZ9RkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTor0sI
GRx6t2vvxihrMfFU3EYfpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsXQPt7xWgO3iAzvUrWf5sK8Hhau5ViPIjoFt7B3u
irxqpFe7dqpaZgKOyd1O+fZVjSYlXZSaYvxF8DFoz8JN/BHCaoL1AvP9vs+dyE3X
b3qe/Quk8wUinPahwbERgOR4HqJQ1lZfvEzHYIs+3kDOdPCxxYAWaO/TrzI61o54
+nkL/ERppg3/20IKYPNDRm6ekKsKeW1YWMSmz9pUFqdkGN7+yOSpIRC6Hi4OhSA+
V2VlS2f1emR4m2dHwCn9NNScvTKeucdrT9eWo7+rMiYBy47HBMIb1ReOGwaMFMZ5
AB0/iWwjQN32dWLwccRse88l8JhaRrh9epObiqQq2mGAyw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:29 2026 by rpki-client