Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: +roJ5htQyvfmDGP80OGsUaKEbeK3QfziFKSNV3tBekw=
Subject key identifier: 7B:45:95:BB:8B:8C:22:09:6C:F4:86:69:3D:12:F7:E9:A2:74:AE:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61D2C4F8F2777E99C1824DB4864A6F40EC61E857
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Fri 20 Feb 2026 01:50:36 +0000
ROA not before: Fri 20 Feb 2026 01:50:36 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:d2:c4:f8:f2:77:7e:99:c1:82:4d:b4:86:4a:6f:40:ec:61:e8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:36 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=e264347d0bc0f571bd4d316fb5e63e745078d6dda0952c09ebd14d03ae2adc46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a7:9b:ff:29:68:e1:33:8c:6b:9c:56:0f:d2:
d0:11:f4:74:1f:13:db:21:c1:bb:e8:78:99:80:33:
88:61:d4:34:9e:40:73:c3:97:81:8b:7f:28:93:ce:
d3:9a:fa:7f:03:fb:69:d4:e3:a9:00:03:9f:9f:ce:
65:92:8f:73:52:ef:89:66:8c:40:38:45:ad:94:32:
41:e5:62:e1:0e:07:45:f5:1f:da:0c:cf:51:71:c2:
c9:d7:c2:74:07:26:75:c1:c4:f7:df:80:db:7e:bb:
31:78:73:96:4a:72:25:4b:5b:dd:5a:7e:0d:d8:e5:
00:2a:27:92:b8:b9:58:54:6f:cf:6e:c7:8d:79:dd:
11:59:9f:01:5c:fa:cb:af:91:8a:ac:6a:50:0f:08:
a9:9a:17:27:9e:67:d7:29:16:48:6a:74:c5:a2:c5:
c2:ba:29:9a:d5:35:51:29:2d:ed:07:ed:f9:43:e1:
d4:83:72:97:fe:84:84:70:52:f0:68:02:db:75:1f:
1b:12:8a:8d:95:01:78:e5:55:24:fa:78:8c:39:a4:
65:98:0b:7e:73:41:5d:fa:2a:14:58:ac:8d:b9:52:
2b:ba:d5:5a:48:2c:b2:04:e8:17:f6:cd:2a:3e:ef:
9d:37:58:80:e0:bf:16:49:ad:84:b0:bd:9d:b3:39:
2f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:45:95:BB:8B:8C:22:09:6C:F4:86:69:3D:12:F7:E9:A2:74:AE:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
07:23:a8:92:2a:4f:d7:cc:ab:e0:21:22:3f:e3:05:8c:f3:5c:
b1:aa:d3:d0:60:8d:66:71:4a:71:f2:3a:30:06:9f:2c:48:49:
6b:be:6c:62:2c:e5:36:f3:12:06:89:90:ec:4b:c9:80:92:7d:
7f:08:37:1d:bc:af:70:57:08:c1:b5:b2:8c:14:9e:b8:0e:8f:
f2:35:47:55:85:a2:25:51:78:dd:51:a1:0b:7e:55:ec:83:42:
d1:ee:d0:d1:13:6d:63:bd:59:24:6d:71:e9:ea:23:bf:6e:8f:
de:b2:1b:23:cc:2c:19:9b:ee:c6:72:2b:01:6f:8c:c4:a5:d7:
74:d3:2a:64:b3:37:49:8d:67:60:cc:ee:3b:43:16:76:1d:22:
13:e3:1a:32:89:8b:f7:e2:d8:3c:18:2d:22:d3:36:f5:29:65:
00:18:3a:71:10:d8:7a:53:d9:55:5b:5f:a3:1b:4d:9f:54:5f:
23:fd:91:de:8c:d8:df:b2:1d:44:e6:7a:16:fb:4c:c6:c9:69:
ff:25:87:2d:6c:04:fe:41:78:f2:bb:7c:76:b5:18:89:fd:0b:
9b:cf:3d:40:bb:fe:cc:8b:a0:ac:0a:b2:9f:30:fb:bd:86:c4:
d8:4e:19:aa:30:36:00:9c:bf:f8:07:cb:8c:66:2e:8b:58:a7:
7f:26:24:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYdLE+PJ3fpnBgk20hkpvQOxh6FcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNjQzNDdkMGJjMGY1NzFiZDRkMzE2ZmI1ZTYzZTc0NTA3OGQ2ZGRhMDk1
MmMwOWViZDE0ZDAzYWUyYWRjNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmnm/8paOEzjGucVg/S0BH0dB8T2yHBu+h4mYAziGHUNJ5Ac8OXgYt/KJPO
05r6fwP7adTjqQADn5/OZZKPc1LviWaMQDhFrZQyQeVi4Q4HRfUf2gzPUXHCydfC
dAcmdcHE99+A2367MXhzlkpyJUtb3Vp+DdjlAConkri5WFRvz27HjXndEVmfAVz6
y6+RiqxqUA8IqZoXJ55n1ykWSGp0xaLFwropmtU1USkt7Qft+UPh1INyl/6EhHBS
8GgC23UfGxKKjZUBeOVVJPp4jDmkZZgLfnNBXfoqFFisjblSK7rVWkgssgToF/bN
Kj7vnTdYgOC/FkmthLC9nbM5LxUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR7RZW7
i4wiCWz0hmk9EvfponSuQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAByOokipP18yr4CEiP+MFjPNcsarT0GCNZnFKcfI6
MAafLEhJa75sYizlNvMSBomQ7EvJgJJ9fwg3HbyvcFcIwbWyjBSeuA6P8jVHVYWi
JVF43VGhC35V7INC0e7Q0RNtY71ZJG1x6eojv26P3rIbI8wsGZvuxnIrAW+MxKXX
dNMqZLM3SY1nYMzuO0MWdh0iE+MaMomL9+LYPBgtItM29SllABg6cRDYelPZVVtf
oxtNn1RfI/2R3ozY37IdROZ6FvtMxslp/yWHLWwE/kF48rt8drUYif0Lm889QLv+
zIugrAqynzD7vYbE2E4ZqjA2AJy/+AfLjGYui1infyYkHw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:25 2026 by rpki-client