Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
File: b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa (raw, json)
Hash identifier: QhyBOZtMSXHlzZ154wzhQ0VUzY9BuHcYUc0pHMWSBhw=
Subject key identifier: 8D:75:B3:E0:FB:58:3D:77:36:65:ED:BF:5B:AB:1A:12:8E:9A:CB:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12D1825FCF798A7C27F858F2E12A9E7C01B79763
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
Signing time: Fri 20 Feb 2026 01:40:08 +0000
ROA not before: Fri 20 Feb 2026 01:40:08 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:d1:82:5f:cf:79:8a:7c:27:f8:58:f2:e1:2a:9e:7c:01:b7:97:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:40:08 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=65b82120eacea610ba5053b583c6587295f5b40936953c413664292ae73d0cfe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ca:29:fb:81:1b:6f:ec:46:15:0d:e8:11:d3:
9d:5e:36:22:51:a0:cf:e5:cf:88:db:3c:d2:24:d7:
e3:da:5d:5f:f9:e3:d1:3e:09:ff:29:de:88:90:83:
96:5d:80:66:22:35:89:74:96:de:0e:d6:6a:c4:80:
ef:1b:66:9a:fd:12:db:f0:c3:c8:36:d5:18:73:f8:
e6:d1:1c:b8:26:22:55:7c:6d:31:45:07:84:71:8d:
26:c8:47:a4:42:01:0d:a6:56:ab:4e:28:4b:25:74:
60:53:4e:7c:ce:03:b4:80:c0:a5:f9:2a:98:a9:cb:
46:2a:14:86:71:ff:7f:64:77:77:4f:3a:d8:aa:5c:
6b:41:20:34:f6:02:a7:5c:84:03:1d:a0:34:3b:18:
cc:53:4b:77:91:a0:77:ff:e5:bb:83:48:5d:82:b2:
91:54:63:1b:f2:36:6a:f3:30:9e:c9:83:9c:22:1b:
92:11:e0:6b:82:0e:a0:14:c8:30:bb:ac:d3:d6:f7:
9a:42:72:6c:89:a9:b3:1c:3a:eb:a5:50:24:bd:08:
b8:dd:04:df:65:83:8c:62:1f:f4:f0:ce:91:f1:74:
13:13:49:4c:66:7d:07:43:b8:8d:62:4b:15:68:de:
bf:d4:ad:d2:0b:23:3b:5f:44:ea:db:ff:ee:af:ac:
35:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:75:B3:E0:FB:58:3D:77:36:65:ED:BF:5B:AB:1A:12:8E:9A:CB:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.44.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:7e:08:7a:e1:13:8d:b9:fa:dc:c8:21:85:cb:0f:30:01:44:
bf:f2:ff:51:af:a9:d9:4e:a5:8d:fc:3e:81:34:d6:33:49:9c:
db:d4:60:9d:b1:83:b2:02:50:38:da:e7:8d:13:53:d3:b0:af:
c2:f4:ba:28:40:83:c9:ce:91:b7:b2:28:da:e8:01:56:cb:37:
0a:f8:1d:73:b0:b1:bb:c8:47:11:b8:4f:ed:ff:8d:f4:6d:de:
40:eb:f5:cf:5b:0a:78:b1:c2:64:d0:41:94:4a:c8:f8:cb:94:
1a:11:56:bd:0a:7f:d2:56:ac:1e:b3:a1:86:7d:bf:06:e9:89:
2b:3a:d7:a3:d5:2b:4f:13:b6:0a:8e:54:ee:e7:fd:3a:71:69:
3e:d3:ad:08:25:bf:fb:0e:c4:e6:21:2c:67:63:ee:52:f4:90:
78:77:ee:a5:12:a9:27:28:68:22:b6:4b:59:56:61:0d:e9:42:
00:31:b9:6d:6b:9a:09:04:74:f6:ac:ea:5e:92:e2:51:91:8e:
f1:00:a3:de:fd:9c:78:fb:ae:c6:78:6d:f8:6b:6b:c9:1f:bf:
c8:84:99:cb:38:ba:ca:a9:7b:db:c0:3b:f9:3c:97:16:4b:8d:
3e:1c:0d:d0:f9:4a:92:b1:22:52:c8:25:3e:04:8f:d8:51:c5:
9b:1b:66:68
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEtGCX895inwn+Fjy4SqefAG3l2MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTQwMDhaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YjgyMTIwZWFjZWE2MTBiYTUwNTNiNTgzYzY1ODcyOTVmNWI0MDkzNjk1
M2M0MTM2NjQyOTJhZTczZDBjZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTKKfuBG2/sRhUN6BHTnV42IlGgz+XPiNs80iTX49pdX/nj0T4J/yneiJCD
ll2AZiI1iXSW3g7WasSA7xtmmv0S2/DDyDbVGHP45tEcuCYiVXxtMUUHhHGNJshH
pEIBDaZWq04oSyV0YFNOfM4DtIDApfkqmKnLRioUhnH/f2R3d0862Kpca0EgNPYC
p1yEAx2gNDsYzFNLd5Ggd//lu4NIXYKykVRjG/I2avMwnsmDnCIbkhHga4IOoBTI
MLus09b3mkJybImpsxw666VQJL0IuN0E32WDjGIf9PDOkfF0ExNJTGZ9B0O4jWJL
FWjev9St0gsjO19E6tv/7q+sNcUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSNdbPg
+1g9dzZl7b9bqxoSjprLDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNTVlOWQtMjczMC00ZWMyLTkxZDUtYWY5OGE1YTUxMzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiLDAN
BgkqhkiG9w0BAQsFAAOCAQEAf34IeuETjbn63MghhcsPMAFEv/L/Ua+p2U6ljfw+
gTTWM0mc29RgnbGDsgJQONrnjRNT07CvwvS6KECDyc6Rt7Io2ugBVss3Cvgdc7Cx
u8hHEbhP7f+N9G3eQOv1z1sKeLHCZNBBlErI+MuUGhFWvQp/0lasHrOhhn2/BumJ
KzrXo9UrTxO2Co5U7uf9OnFpPtOtCCW/+w7E5iEsZ2PuUvSQeHfupRKpJyhoIrZL
WVZhDelCADG5bWuaCQR09qzqXpLiUZGO8QCj3v2cePuuxnht+GtryR+/yISZyzi6
yql728A7+TyXFkuNPhwN0PlKkrEiUsglPgSP2FHFmxtmaA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:26:27 2026 by rpki-client