Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: 5LWDoj8Ble8/uzDHIz9E42qhp6MS/D2CvvzBuJN4eRo=
Subject key identifier: 50:C2:73:5C:70:E4:7D:43:8B:D6:C0:0E:9F:B2:8D:7C:B1:CF:44:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7930DA9D0AD569BD5A4AB0B183BB90FBFCFE3400
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Tue 19 May 2026 05:00:37 +0000
ROA not before: Tue 19 May 2026 05:00:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:30:da:9d:0a:d5:69:bd:5a:4a:b0:b1:83:bb:90:fb:fc:fe:34:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=232530100cae54ecd0441b5fbf811bcbacc7d6c7b44c064e667984709facc97a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:66:19:a8:57:5f:c7:f5:e4:da:ed:02:be:
90:f6:16:1d:e5:3c:22:ad:07:f6:f5:b9:1c:69:61:
e2:2c:18:46:52:8c:47:0d:77:11:c9:93:0c:69:ca:
50:73:64:51:89:df:d2:99:1c:3d:ce:02:67:d8:93:
08:74:74:f6:3e:29:71:4d:34:ff:f8:e1:d1:8f:1b:
8c:b7:f5:7d:df:45:d9:54:34:9d:8c:f0:e1:ee:c8:
c3:83:37:ff:c2:1a:ba:0f:24:aa:9e:9a:56:7f:02:
57:74:6f:da:9c:73:ba:e0:be:1e:3d:40:03:83:36:
55:f8:26:25:ba:5e:25:db:63:99:32:0f:ec:f9:71:
02:10:2f:ad:12:1c:46:ee:10:40:97:45:7f:8c:2f:
2a:d7:ad:cd:52:fd:27:34:a7:73:1c:37:8b:84:44:
e1:ec:61:3f:70:15:07:84:cd:87:9f:dd:f8:70:71:
ad:04:ec:69:c6:7a:0d:90:7c:e2:bd:b7:26:ec:13:
1e:b9:cd:79:bc:6c:bf:b5:fc:48:b1:20:76:5c:84:
0b:36:21:26:f4:15:1e:f0:23:bb:0d:d2:b0:4f:ac:
bb:54:bc:83:dc:ad:68:2a:5d:aa:ea:67:90:d3:34:
83:8f:3a:81:e1:3a:b0:44:98:be:05:0e:ef:48:41:
50:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C2:73:5C:70:E4:7D:43:8B:D6:C0:0E:9F:B2:8D:7C:B1:CF:44:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:b7:7b:50:f6:7f:af:01:91:39:9f:b2:28:a4:84:41:34:70:
a8:9e:29:ad:ca:d6:a0:c4:bf:21:98:2b:22:5c:d0:a4:7f:e3:
81:aa:20:fa:e3:56:0a:b2:34:f6:05:bd:6a:9a:de:f5:21:52:
46:b5:40:a3:ec:aa:8e:c5:6e:1f:72:a6:84:0e:df:c2:28:0d:
c6:52:d4:6d:77:82:ad:84:2a:6e:4f:77:ae:34:23:98:97:07:
a5:5c:04:6c:50:c7:e3:c0:fa:7e:9c:46:d4:3e:bc:31:3d:75:
83:15:68:fa:d5:32:aa:96:c9:8e:4c:53:df:85:c7:49:69:60:
47:55:63:8a:bb:7e:9f:72:e9:41:3c:c8:35:f0:c2:4b:31:c8:
2b:b5:19:15:79:37:47:06:72:2e:94:b8:ae:73:ea:1a:ad:13:
06:17:4f:39:25:2d:99:55:50:17:ef:4f:5e:83:08:fd:27:b0:
3f:da:47:6d:82:66:d5:fa:f1:94:08:85:52:32:23:93:c5:7a:
27:54:3e:d9:1e:1f:fa:34:45:91:29:ef:d1:2a:ea:ba:f9:51:
f7:5f:85:4e:dc:3c:6e:3a:19:51:9b:bd:38:5b:4e:7a:aa:e7:
7c:4d:c8:99:46:31:4a:a3:c7:f1:92:b3:47:94:20:61:89:95:
e5:61:8c:b8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeTDanQrVab1aSrCxg7uQ+/z+NAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzMjUzMDEwMGNhZTU0ZWNkMDQ0MWI1ZmJmODExYmNiYWNjN2Q2YzdiNDRj
MDY0ZTY2Nzk4NDcwOWZhY2M5N2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhqZhmoV1/H9eTa7QK+kPYWHeU8Iq0H9vW5HGlh4iwYRlKMRw13EcmTDGnK
UHNkUYnf0pkcPc4CZ9iTCHR09j4pcU00//jh0Y8bjLf1fd9F2VQ0nYzw4e7Iw4M3
/8Iaug8kqp6aVn8CV3Rv2pxzuuC+Hj1AA4M2VfgmJbpeJdtjmTIP7PlxAhAvrRIc
Ru4QQJdFf4wvKtetzVL9JzSncxw3i4RE4exhP3AVB4TNh5/d+HBxrQTsacZ6DZB8
4r23JuwTHrnNebxsv7X8SLEgdlyECzYhJvQVHvAjuw3SsE+su1S8g9ytaCpdqupn
kNM0g486geE6sESYvgUO70hBUO0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRQwnNc
cOR9Q4vWwA6fso18sc9EqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAobd7UPZ/rwGROZ+yKKSEQTRwqJ4prcrWoMS/IZgr
IlzQpH/jgaog+uNWCrI09gW9apre9SFSRrVAo+yqjsVuH3KmhA7fwigNxlLUbXeC
rYQqbk93rjQjmJcHpVwEbFDH48D6fpxG1D68MT11gxVo+tUyqpbJjkxT34XHSWlg
R1Vjirt+n3LpQTzINfDCSzHIK7UZFXk3RwZyLpS4rnPqGq0TBhdPOSUtmVVQF+9P
XoMI/SewP9pHbYJm1frxlAiFUjIjk8V6J1Q+2R4f+jRFkSnv0SrquvlR91+FTtw8
bjoZUZu9OFtOeqrnfE3ImUYxSqPH8ZKzR5QgYYmV5WGMuA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:44 2026 by rpki-client