Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: jsSkHrFZLNSnWP6JP7dg3L9NXJon/dgDtUX+iv4lt5M=
Subject key identifier: B5:39:9B:24:FA:C6:F6:DE:4E:71:29:5E:1D:EF:7E:7D:AC:13:2D:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18E9D369B1060E4C77C54FB473006241EF7DAE8C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Fri 20 Feb 2026 01:50:03 +0000
ROA not before: Fri 20 Feb 2026 01:50:03 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:e9:d3:69:b1:06:0e:4c:77:c5:4f:b4:73:00:62:41:ef:7d:ae:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:03 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=1faaea9c2508d414fb1f9b2cda26a96200b656000d20a569acb9fad00bf0e77f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:01:52:32:16:88:f1:df:8b:48:8d:49:5f:62:
c2:ed:6c:2b:24:a7:15:7d:c0:21:31:5b:8a:19:9f:
a2:77:27:68:1a:f2:e7:c8:e3:ba:cc:25:9e:bb:e2:
2b:64:92:f9:6f:5c:c5:6c:57:6b:c1:c6:fc:0b:51:
60:21:95:ec:44:e7:b4:4e:88:25:ed:01:78:4f:4a:
62:0f:ab:ba:43:ad:ef:b7:10:1a:c7:ef:1a:b1:99:
84:6e:fd:0c:81:37:fe:23:2d:5c:d1:ea:0e:a4:7c:
ba:de:6f:e0:05:a7:84:1c:5d:b5:64:0e:49:4e:f7:
8e:42:49:58:94:67:76:28:b3:29:5c:6c:80:17:60:
78:10:31:49:35:d8:50:4f:c9:e9:28:4e:84:58:af:
ec:cf:e6:20:d5:ff:e5:9d:6d:d6:e2:c4:95:70:a3:
19:5f:65:10:5b:26:7d:2c:c1:14:ae:39:03:c9:d9:
39:c5:4d:d9:d2:80:74:d4:53:17:1a:79:0b:80:f4:
d6:17:82:22:59:c3:44:c0:cd:74:96:cf:75:81:25:
db:a2:26:bf:52:82:30:08:1e:d1:e3:1b:42:56:3d:
02:e0:35:87:4a:57:9b:4b:0d:c9:6e:7b:69:00:f4:
61:2f:b4:cc:ad:cc:da:aa:e7:e2:d7:a8:ee:dc:1c:
bc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:39:9B:24:FA:C6:F6:DE:4E:71:29:5E:1D:EF:7E:7D:AC:13:2D:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
00:7e:13:df:ba:36:1e:0a:fa:8f:86:f6:13:e7:d3:60:ac:5a:
00:b7:ab:f3:bb:fc:a1:b0:f4:51:66:88:32:2c:52:12:a7:b0:
1d:eb:4e:ba:e8:30:b6:2e:15:f1:88:14:42:33:c9:50:f6:09:
89:ac:79:fd:be:06:56:b8:41:02:25:9a:ee:4f:87:c0:86:dd:
a4:e5:c1:0e:97:7e:23:b2:07:18:7a:9f:53:d3:27:a7:bd:2e:
ec:66:8a:fe:0e:94:b6:0d:34:76:99:41:64:4f:e6:ea:3f:43:
25:6d:eb:b6:d8:c3:6f:ac:29:a6:ed:e2:b6:9f:d7:d1:46:7b:
74:4c:da:1c:e2:3f:4e:38:9d:34:5e:71:55:6b:18:da:8c:37:
e4:0a:3c:78:38:bc:ff:a3:a6:f1:da:8b:f8:60:44:7a:e6:45:
84:19:e6:4d:58:4a:18:8b:64:b4:7c:2e:2e:dc:3f:2e:31:dc:
7a:b3:65:5e:c5:6a:e7:b4:c9:9b:04:08:1b:8f:68:c9:d0:72:
65:90:4f:74:44:c1:8b:f1:bd:64:d0:80:57:d5:c1:6e:f3:a8:
2e:d9:cf:c9:2e:7c:f8:12:37:1d:d3:6b:e6:c2:29:40:4b:4f:
24:20:5f:b2:34:1b:14:ff:0d:7b:b6:e2:99:a0:22:34:37:5d:
ab:5d:b6:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGOnTabEGDkx3xU+0cwBiQe99rowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmYWFlYTljMjUwOGQ0MTRmYjFmOWIyY2RhMjZhOTYyMDBiNjU2MDAwZDIw
YTU2OWFjYjlmYWQwMGJmMGU3N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUBUjIWiPHfi0iNSV9iwu1sKySnFX3AITFbihmfoncnaBry58jjuswlnrvi
K2SS+W9cxWxXa8HG/AtRYCGV7ETntE6IJe0BeE9KYg+rukOt77cQGsfvGrGZhG79
DIE3/iMtXNHqDqR8ut5v4AWnhBxdtWQOSU73jkJJWJRndiizKVxsgBdgeBAxSTXY
UE/J6ShOhFiv7M/mINX/5Z1t1uLElXCjGV9lEFsmfSzBFK45A8nZOcVN2dKAdNRT
Fxp5C4D01heCIlnDRMDNdJbPdYEl26Imv1KCMAge0eMbQlY9AuA1h0pXm0sNyW57
aQD0YS+0zK3M2qrn4teo7twcvEMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS1OZsk
+sb23k5xKV4d7359rBMtTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAAH4T37o2Hgr6j4b2E+fTYKxaALer87v8obD0UWaI
MixSEqewHetOuugwti4V8YgUQjPJUPYJiax5/b4GVrhBAiWa7k+HwIbdpOXBDpd+
I7IHGHqfU9Mnp70u7GaK/g6Utg00dplBZE/m6j9DJW3rttjDb6wppu3itp/X0UZ7
dEzaHOI/TjidNF5xVWsY2ow35Ao8eDi8/6Om8dqL+GBEeuZFhBnmTVhKGItktHwu
Ltw/LjHcerNlXsVq57TJmwQIG49oydByZZBPdETBi/G9ZNCAV9XBbvOoLtnPyS58
+BI3HdNr5sIpQEtPJCBfsjQbFP8Ne7bimaAiNDddq1229g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:51:12 2026 by rpki-client