Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
File: c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa (raw, json)
Hash identifier: 28HDz6HtEr1wWHCuwRHMTr5W2mPlXnoTqmTyKfLV10Q=
Subject key identifier: F1:35:26:28:F8:96:6C:13:3B:39:9B:9E:1F:62:2F:D9:43:71:9E:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73F6792BC2AB7AD74C989B15E0D0D2140FEAC691
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
Signing time: Fri 20 Feb 2026 01:50:04 +0000
ROA not before: Fri 20 Feb 2026 01:50:04 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f6:79:2b:c2:ab:7a:d7:4c:98:9b:15:e0:d0:d2:14:0f:ea:c6:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:04 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=b3111534401910c65496a1d315e3126443ad129a7856c7e9a6a314ca3744019d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:48:48:fa:e1:37:f7:db:55:e5:fe:3b:82:a4:
21:96:85:96:0f:2e:63:0f:87:b5:26:dd:bf:04:4f:
23:c9:26:3d:6c:fe:05:0f:71:34:b2:3f:40:b2:34:
f0:89:12:cb:8c:7b:5f:ec:29:e5:71:74:b0:d5:63:
bc:25:87:58:d7:46:5a:fd:05:ca:85:1e:df:62:d0:
c1:20:de:65:09:6f:d2:50:9f:91:05:6d:c6:d6:af:
68:7d:11:24:8d:d9:7c:e0:fe:47:5f:a3:25:ca:9d:
43:53:94:93:f1:64:e4:f1:95:04:f0:fe:c5:9e:75:
64:8f:8a:46:84:1f:a5:20:0b:f1:9d:a5:2a:78:b8:
96:7f:d1:5f:59:46:61:85:db:a8:02:5a:46:e0:68:
f8:82:75:b9:9a:fc:e9:5f:9e:41:f7:b4:a7:15:61:
f1:9e:81:65:83:d9:75:96:01:50:f8:d3:93:79:30:
03:e3:fe:a0:a4:fa:96:0c:46:04:25:fa:1d:c6:ca:
1b:d8:2d:29:ae:c0:39:46:a3:d2:1f:57:8c:24:31:
29:20:5c:7b:ed:2f:1b:c3:2a:0c:e9:e2:1a:75:7d:
bf:7e:75:da:ab:73:03:20:b3:a9:f8:db:80:93:ad:
07:4a:e2:a1:04:a1:e5:54:6f:35:29:59:b4:17:e6:
27:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:35:26:28:F8:96:6C:13:3B:39:9B:9E:1F:62:2F:D9:43:71:9E:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
59:ed:84:8b:46:f6:e3:19:68:35:cc:e0:a9:6a:fc:09:c1:d3:
25:ef:46:0c:82:1b:d7:a2:6a:15:3d:6b:de:93:a9:0a:a6:cb:
61:ba:ca:3f:07:d0:06:0a:f6:95:2c:fe:53:d9:1a:0f:bf:bc:
40:58:a5:a2:68:eb:8b:e0:e8:ab:87:9f:99:85:32:12:1c:84:
0f:97:94:93:28:b1:82:3e:1b:df:ef:8e:51:d4:fd:73:aa:7d:
da:7b:28:26:ba:60:01:4a:80:1e:de:b8:7f:f7:66:4f:fd:06:
79:28:d8:0c:a4:04:a0:6c:4a:fe:59:39:4a:f4:57:9e:a9:27:
20:f2:5e:f3:c0:72:3a:15:fe:6b:8d:21:58:98:56:e7:82:46:
ae:4e:93:4b:8c:a0:24:3e:43:d4:1e:f0:9b:9b:47:b5:e3:72:
7e:c8:05:54:82:72:9d:09:a8:42:ae:53:2f:e6:a1:7c:3f:70:
a3:ae:ee:31:c1:47:dd:ca:1b:70:d5:85:5f:80:ea:da:c5:c9:
d1:ff:d9:49:6d:a0:41:6e:44:8c:d4:7e:bd:50:9d:f5:01:30:
f8:9d:fc:3c:13:d5:89:9b:30:28:6b:dd:22:3b:1f:ab:a5:08:
ba:d5:a3:ff:15:62:cf:9d:6f:1b:58:4c:de:ea:17:c9:da:95:
3c:c0:e9:0d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUc/Z5K8KretdMmJsV4NDSFA/qxpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMDRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMTExNTM0NDAxOTEwYzY1NDk2YTFkMzE1ZTMxMjY0NDNhZDEyOWE3ODU2
YzdlOWE2YTMxNGNhMzc0NDAxOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdISPrhN/fbVeX+O4KkIZaFlg8uYw+HtSbdvwRPI8kmPWz+BQ9xNLI/QLI0
8IkSy4x7X+wp5XF0sNVjvCWHWNdGWv0FyoUe32LQwSDeZQlv0lCfkQVtxtavaH0R
JI3ZfOD+R1+jJcqdQ1OUk/Fk5PGVBPD+xZ51ZI+KRoQfpSAL8Z2lKni4ln/RX1lG
YYXbqAJaRuBo+IJ1uZr86V+eQfe0pxVh8Z6BZYPZdZYBUPjTk3kwA+P+oKT6lgxG
BCX6HcbKG9gtKa7AOUaj0h9XjCQxKSBce+0vG8MqDOniGnV9v3512qtzAyCzqfjb
gJOtB0rioQSh5VRvNSlZtBfmJy8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTxNSYo
+JZsEzs5m54fYi/ZQ3Ge4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJjZDRkZGYtOWEzOC00MjVhLTgwMjEtYzQ1ZWQ5NmM1MGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAWe2Ei0b24xloNczgqWr8CcHTJe9GDIIb16JqFT1r
3pOpCqbLYbrKPwfQBgr2lSz+U9kaD7+8QFilomjri+Doq4efmYUyEhyED5eUkyix
gj4b3++OUdT9c6p92nsoJrpgAUqAHt64f/dmT/0GeSjYDKQEoGxK/lk5SvRXnqkn
IPJe88ByOhX+a40hWJhW54JGrk6TS4ygJD5D1B7wm5tHteNyfsgFVIJynQmoQq5T
L+ahfD9wo67uMcFH3cobcNWFX4Dq2sXJ0f/ZSW2gQW5EjNR+vVCd9QEw+J38PBPV
iZswKGvdIjsfq6UIutWj/xViz51vG1hM3uoXydqVPMDpDQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:18 2026 by rpki-client