Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: LEwEP6vqH+NPKD4Uwic+D0vN3CW8mbmt0e0+58QxqII=
Subject key identifier: 21:26:90:8E:3A:91:13:83:CF:C4:A9:52:9B:39:78:17:E1:00:B8:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49D11858DE42003411499EF69C44449E6EDAF4C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Sat 28 Feb 2026 05:41:05 +0000
ROA not before: Sat 28 Feb 2026 05:41:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:d1:18:58:de:42:00:34:11:49:9e:f6:9c:44:44:9e:6e:da:f4:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:41:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e8c352efa4877031accd3b9c5faa61cd4c566b929d87d1600479f1d98b87ab74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b2:2c:e4:75:40:b1:7a:82:cf:1f:37:ae:12:
90:55:86:8e:a6:0a:4d:28:58:9f:53:a8:04:65:0a:
1b:b6:43:31:73:fe:a0:0e:b8:ba:9e:e9:8a:11:90:
5d:f8:fb:f3:71:e0:f7:09:02:9d:2f:d7:88:2a:22:
f0:b6:03:b8:d2:55:56:69:ab:e7:5c:f0:d6:32:ac:
e6:ab:50:95:cc:d2:36:b6:94:80:54:81:b2:71:1b:
c2:73:74:08:09:c8:c2:d9:1c:a7:45:91:34:a7:b9:
d8:0f:6d:75:24:4f:5c:f5:51:5a:fa:bb:b6:a6:e4:
3f:83:b7:c6:bf:20:37:6f:62:b7:8c:4e:3d:40:53:
dc:5a:9b:73:88:44:93:e6:1d:e7:84:d7:c7:2b:63:
2a:f2:7f:8b:3f:a4:d5:a3:d9:04:3a:82:5c:08:a9:
f7:14:84:2a:d2:30:85:68:9b:c0:3d:ac:51:d5:fe:
36:b5:e9:06:7b:0c:f0:a8:ce:98:67:24:ab:c5:37:
76:3a:81:90:04:10:f4:cb:97:50:55:c6:a9:4b:e3:
c4:9a:aa:ef:bc:8b:d4:8b:8e:4c:3a:f0:59:94:c4:
90:3a:89:90:f6:74:cf:6d:ef:db:38:97:71:7d:fb:
3c:58:72:e8:89:f9:1b:91:86:79:1d:db:1a:54:45:
e8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:26:90:8E:3A:91:13:83:CF:C4:A9:52:9B:39:78:17:E1:00:B8:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
95:59:23:06:c5:e3:89:89:70:07:db:c9:aa:7f:8b:37:96:68:
7e:ba:4a:fc:49:9f:c1:ec:d1:c9:be:97:7a:0c:51:5d:3d:86:
24:26:9c:93:c7:d0:c1:93:8e:94:ab:f8:4f:7f:17:95:ca:cf:
68:97:d6:4a:4d:df:18:14:fb:cc:f2:63:4b:ee:40:11:0b:24:
b3:6b:7e:71:d6:a1:64:d1:8a:5b:a5:73:a1:1b:5e:0a:5f:e4:
73:1d:ee:b0:99:32:bd:62:22:ff:18:2b:ab:11:f0:5f:aa:dd:
e8:d6:4f:c7:f6:5a:71:07:60:7e:50:0c:1f:62:2b:d5:18:6c:
82:34:9b:e9:16:ba:19:d9:03:08:e9:5e:79:64:cd:8d:87:a1:
1b:b5:43:b2:cf:52:ca:59:2c:43:97:f9:78:36:70:d6:96:71:
ef:c7:02:a2:89:b0:36:9a:cb:2c:e9:5f:87:61:49:5c:f9:70:
af:53:3a:d8:e4:ee:11:d9:87:da:49:20:b5:9c:b1:51:bb:85:
0b:90:59:7a:37:fc:b7:47:52:23:45:10:c1:76:18:69:09:9f:
27:6e:27:6e:21:3c:7e:8b:0c:66:33:fe:93:cc:1f:a6:97:ff:
21:67:9a:f3:57:d0:fa:79:c2:ba:06:c5:8d:59:83:18:fd:ca:
fa:f8:8b:24
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSdEYWN5CADQRSZ72nEREnm7a9MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTQxMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4YzM1MmVmYTQ4NzcwMzFhY2NkM2I5YzVmYWE2MWNkNGM1NjZiOTI5ZDg3
ZDE2MDA0NzlmMWQ5OGI4N2FiNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWyLOR1QLF6gs8fN64SkFWGjqYKTShYn1OoBGUKG7ZDMXP+oA64up7pihGQ
Xfj783Hg9wkCnS/XiCoi8LYDuNJVVmmr51zw1jKs5qtQlczSNraUgFSBsnEbwnN0
CAnIwtkcp0WRNKe52A9tdSRPXPVRWvq7tqbkP4O3xr8gN29it4xOPUBT3Fqbc4hE
k+Yd54TXxytjKvJ/iz+k1aPZBDqCXAip9xSEKtIwhWibwD2sUdX+NrXpBnsM8KjO
mGckq8U3djqBkAQQ9MuXUFXGqUvjxJqq77yL1IuOTDrwWZTEkDqJkPZ0z23v2ziX
cX37PFhy6In5G5GGeR3bGlRF6CUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQhJpCO
OpETg8/EqVKbOXgX4QC4PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAlVkjBsXjiYlwB9vJqn+LN5ZofrpK/EmfwezRyb6X
egxRXT2GJCack8fQwZOOlKv4T38XlcrPaJfWSk3fGBT7zPJjS+5AEQsks2t+cdah
ZNGKW6VzoRteCl/kcx3usJkyvWIi/xgrqxHwX6rd6NZPx/ZacQdgflAMH2Ir1Rhs
gjSb6Ra6GdkDCOleeWTNjYehG7VDss9SylksQ5f5eDZw1pZx78cCoomwNprLLOlf
h2FJXPlwr1M62OTuEdmH2kkgtZyxUbuFC5BZejf8t0dSI0UQwXYYaQmfJ24nbiE8
fosMZjP+k8wfppf/IWea81fQ+nnCugbFjVmDGP3K+viLJA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:11 2026 by rpki-client