Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
File: b2048b1c-363b-4b59-9d56-dc72187194a3.roa (raw, json)
Hash identifier: CK5/FX41L87dOwuiiQaXH/QZdSXA+U19rXyZ9wrMfpQ=
Subject key identifier: E8:DF:F1:7A:88:E3:75:CE:DB:E9:BB:CE:88:D7:A9:71:0F:CE:35:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5434679E3DB9E8D7B4EBC21A18E7A0A71D59C9F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
Signing time: Fri 20 Feb 2026 01:50:55 +0000
ROA not before: Fri 20 Feb 2026 01:50:55 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:34:67:9e:3d:b9:e8:d7:b4:eb:c2:1a:18:e7:a0:a7:1d:59:c9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:55 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=b3716430248f37e59a956a6041959a0919aa9f2ae6873b39494d0c52ace5100d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:63:4c:a7:ec:e8:96:cb:4f:01:0c:c2:b7:b2:
28:a4:63:8d:ae:a9:d6:17:9e:de:1b:f5:2c:6e:31:
30:f0:d2:8d:d5:52:c3:6e:38:19:6b:d4:12:c0:4d:
0f:d9:9a:12:6c:cf:12:4b:a9:06:9e:d1:6b:64:ff:
c9:cd:9b:c5:dd:09:45:64:94:c4:3d:86:4e:86:1f:
76:4e:88:54:87:60:78:65:42:93:c2:31:09:36:3a:
20:dc:84:8b:a5:29:4d:04:78:39:db:b4:34:ce:11:
ce:7d:46:60:7d:a0:20:d3:be:4f:46:e0:14:e0:74:
e6:47:69:3d:6c:33:e6:12:04:d0:7f:6f:db:e4:76:
53:e6:c7:19:a2:b7:c3:bb:25:1d:e3:3d:79:44:e5:
27:41:31:31:c2:3d:a3:e4:cb:8d:cb:70:9c:00:ce:
9e:a2:92:59:0b:db:71:d8:78:47:65:c5:92:7c:c7:
ed:43:ca:22:92:c3:4b:04:65:3c:7a:c6:c8:7b:5a:
49:d8:0e:2b:18:fb:a8:d7:f3:40:65:85:f4:a6:1d:
a7:bf:5c:67:a5:47:fc:21:cb:69:5e:44:4c:e9:3f:
40:6a:ab:2b:20:39:6f:07:8a:5d:39:c8:15:42:97:
c3:dc:2e:49:73:32:e4:44:4f:f4:fc:5a:da:7a:3b:
2e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DF:F1:7A:88:E3:75:CE:DB:E9:BB:CE:88:D7:A9:71:0F:CE:35:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2048b1c-363b-4b59-9d56-dc72187194a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.20.0/22
Signature Algorithm: sha256WithRSAEncryption
17:d0:3e:e4:15:ca:95:3c:50:17:75:d8:a2:00:97:82:52:99:
87:09:fc:07:49:4a:97:b7:e6:4e:e9:72:87:ee:88:ff:a4:74:
71:cf:ec:41:dd:93:6a:b4:31:00:19:e9:ed:c5:3a:da:aa:eb:
5b:0c:65:4e:e8:f0:53:a8:cb:53:7d:aa:5f:6b:07:89:8a:c4:
6f:93:3f:17:01:5d:8c:8f:0a:e9:6b:f9:dd:7a:46:ce:54:24:
c4:dd:98:ce:ec:e0:54:78:19:5f:0e:5c:e9:2d:4a:c8:82:e4:
6d:5b:55:39:c8:ab:a0:7f:8c:3b:a6:c4:7b:6b:a0:dd:99:a5:
5c:36:c2:d7:67:62:06:ab:64:60:52:88:bc:08:60:f3:95:a0:
30:e9:a5:e8:06:b8:e5:98:5f:5a:ef:ab:c9:3d:b1:f5:90:b5:
d1:d8:9d:9d:6f:09:7b:19:f3:14:60:69:2d:e5:c6:67:83:de:
48:cc:28:ce:37:71:5d:4e:2a:6a:70:65:ee:f8:f1:77:94:29:
b3:2b:34:e9:6a:ff:e0:d1:17:86:1e:5e:46:c8:d2:cd:88:fd:
25:ba:42:d4:0e:a9:a5:9e:35:38:d7:05:f8:f6:09:03:97:df:
6a:fb:1c:49:9a:b5:09:ee:18:1b:0c:97:f9:87:0f:b4:da:32:
03:13:0b:33
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVDRnnj256Ne068IaGOegpx1ZyfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwNTVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNzE2NDMwMjQ4ZjM3ZTU5YTk1NmE2MDQxOTU5YTA5MTlhYTlmMmFlNjg3
M2IzOTQ5NGQwYzUyYWNlNTEwMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNjTKfs6JbLTwEMwreyKKRjja6p1hee3hv1LG4xMPDSjdVSw244GWvUEsBN
D9maEmzPEkupBp7Ra2T/yc2bxd0JRWSUxD2GToYfdk6IVIdgeGVCk8IxCTY6INyE
i6UpTQR4Odu0NM4Rzn1GYH2gINO+T0bgFOB05kdpPWwz5hIE0H9v2+R2U+bHGaK3
w7slHeM9eUTlJ0ExMcI9o+TLjctwnADOnqKSWQvbcdh4R2XFknzH7UPKIpLDSwRl
PHrGyHtaSdgOKxj7qNfzQGWF9KYdp79cZ6VH/CHLaV5ETOk/QGqrKyA5bweKXTnI
FUKXw9wuSXMy5ERP9Pxa2no7Lk0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTo3/F6
iON1ztvpu86I16lxD8414DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjIwNDhiMWMtMzYzYi00YjU5LTlkNTYtZGM3MjE4NzE5NGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiFDAN
BgkqhkiG9w0BAQsFAAOCAQEAF9A+5BXKlTxQF3XYogCXglKZhwn8B0lKl7fmTuly
h+6I/6R0cc/sQd2TarQxABnp7cU62qrrWwxlTujwU6jLU32qX2sHiYrEb5M/FwFd
jI8K6Wv53XpGzlQkxN2YzuzgVHgZXw5c6S1KyILkbVtVOciroH+MO6bEe2ug3Zml
XDbC12diBqtkYFKIvAhg85WgMOml6Aa45ZhfWu+ryT2x9ZC10didnW8JexnzFGBp
LeXGZ4PeSMwozjdxXU4qanBl7vjxd5Qpsys06Wr/4NEXhh5eRsjSzYj9JbpC1A6p
pZ41ONcF+PYJA5ffavscSZq1Ce4YGwyX+YcPtNoyAxMLMw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:48 2026 by rpki-client