Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
File: ca3047ed-6074-479d-9d85-26334085e41c.roa (raw, json)
Hash identifier: cIfabtwLFrAWYT4KQdMbU+MntkJ3xZ56wmAC2OqdAVI=
Subject key identifier: E9:EC:8D:6A:A7:5F:FB:1A:D4:0D:CE:F2:76:34:17:80:DF:21:3A:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 673C7A2EB3FA960DBF254DC7475621373906BEE2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
Signing time: Mon 23 Feb 2026 01:00:06 +0000
ROA not before: Mon 23 Feb 2026 01:00:06 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:3c:7a:2e:b3:fa:96:0d:bf:25:4d:c7:47:56:21:37:39:06:be:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 23 01:00:06 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=682bf12cc57e082f0ece2268011fa3c4ed901ba5facd00901b455fa7e47aee02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f8:02:cf:40:63:9a:dd:06:5c:34:1a:83:f2:
29:2c:6c:1b:9b:ce:64:28:4a:82:bb:98:42:a2:69:
1f:66:69:e3:fa:21:01:d2:63:c2:5d:7a:e2:75:dd:
3c:e0:51:62:f4:eb:a2:b0:a5:d9:d8:4e:b6:fe:87:
61:b1:7e:bd:a5:1b:5f:a8:c9:a9:2f:b3:0c:e6:52:
f1:0e:5c:23:e2:56:cc:fa:a8:87:89:08:e3:84:11:
0e:d1:3b:0a:ba:98:c2:f3:39:2b:a8:1a:b4:6c:f6:
93:39:5f:3b:0b:c5:36:37:41:d6:f1:62:6c:4c:1f:
37:dc:71:61:fc:90:ad:96:44:c3:ae:4f:dd:7e:59:
dc:2e:6d:ad:54:1a:b1:eb:73:96:19:c5:a7:9e:42:
98:7f:ba:a4:2d:ea:a9:61:e0:60:b8:53:7b:4a:b0:
aa:a8:36:23:4f:33:bf:51:cf:25:af:fe:af:4a:a5:
08:35:1b:b1:15:34:f2:fc:4d:8c:c1:e4:a4:ea:dd:
36:4c:22:1a:7c:1d:84:06:d1:49:bb:ad:c9:e9:ce:
ca:45:85:1a:36:3e:89:5d:aa:65:8a:a6:1c:c1:1c:
a4:61:5d:21:77:5d:41:27:be:93:9e:1b:41:77:50:
3a:18:68:c2:5a:8f:c5:c0:6b:95:7d:90:c0:31:33:
8f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EC:8D:6A:A7:5F:FB:1A:D4:0D:CE:F2:76:34:17:80:DF:21:3A:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:3e:8d:1f:d9:bc:53:e4:61:da:ac:9a:91:7e:c7:3f:f8:dd:
5a:66:4b:18:8c:a9:2b:d1:3d:60:d6:86:3d:69:f4:f2:50:fc:
1b:c4:fa:ff:8b:32:b1:9b:3c:4b:19:6f:b6:bc:fe:5e:67:47:
4b:5d:79:34:78:a3:b4:12:55:14:be:c2:01:59:7c:8f:29:54:
d5:fe:61:25:ac:6f:df:e3:16:14:27:8e:d7:6a:ca:29:9e:0d:
72:41:d2:c7:e2:82:8e:90:7e:a7:4a:3c:90:a4:3a:4b:b9:cd:
35:3a:4d:f5:da:28:0a:12:54:bf:a7:0f:44:c5:3c:a4:fd:dc:
d8:87:a5:53:ba:a6:f5:37:7a:fc:28:97:c1:92:4a:fc:7f:22:
22:db:ba:81:3e:85:bb:5e:38:4a:99:6c:d8:e2:d2:ce:5f:6c:
c7:67:9a:d9:4e:19:cd:4e:70:18:a5:1e:bb:ff:82:6c:a1:27:
89:25:f2:9a:4a:bf:df:42:c4:cf:fb:ed:0b:80:b8:3b:aa:32:
f5:90:90:5e:35:e1:ef:bb:57:cf:28:60:0c:e2:65:af:70:fb:
c2:42:29:9e:c1:06:83:84:26:68:c5:ed:7b:f9:3d:e2:9d:ed:
42:97:7d:75:f8:9f:35:a8:31:bf:3a:f1:99:f1:4d:22:88:a5:
07:67:45:df
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZzx6LrP6lg2/JU3HR1YhNzkGvuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjMwMTAwMDZaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MmJmMTJjYzU3ZTA4MmYwZWNlMjI2ODAxMWZhM2M0ZWQ5MDFiYTVmYWNk
MDA5MDFiNDU1ZmE3ZTQ3YWVlMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJD4As9AY5rdBlw0GoPyKSxsG5vOZChKgruYQqJpH2Zp4/ohAdJjwl164nXd
POBRYvTrorCl2dhOtv6HYbF+vaUbX6jJqS+zDOZS8Q5cI+JWzPqoh4kI44QRDtE7
CrqYwvM5K6gatGz2kzlfOwvFNjdB1vFibEwfN9xxYfyQrZZEw65P3X5Z3C5trVQa
setzlhnFp55CmH+6pC3qqWHgYLhTe0qwqqg2I08zv1HPJa/+r0qlCDUbsRU08vxN
jMHkpOrdNkwiGnwdhAbRSbutyenOykWFGjY+iV2qZYqmHMEcpGFdIXddQSe+k54b
QXdQOhhowlqPxcBrlX2QwDEzj38CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTp7I1q
p1/7GtQNzvJ2NBeA3yE6BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzMDQ3ZWQtNjA3NC00NzlkLTlkODUtMjYzMzQwODVlNDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEASj6NH9m8U+Rh2qyakX7HP/jdWmZLGIypK9E9YNaG
PWn08lD8G8T6/4sysZs8Sxlvtrz+XmdHS115NHijtBJVFL7CAVl8jylU1f5hJaxv
3+MWFCeO12rKKZ4NckHSx+KCjpB+p0o8kKQ6S7nNNTpN9dooChJUv6cPRMU8pP3c
2IelU7qm9Td6/CiXwZJK/H8iItu6gT6Fu144Spls2OLSzl9sx2ea2U4ZzU5wGKUe
u/+CbKEniSXymkq/30LEz/vtC4C4O6oy9ZCQXjXh77tXzyhgDOJlr3D7wkIpnsEG
g4QmaMXte/k94p3tQpd9dfifNagxvzrxmfFNIoilB2dF3w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:09 2026 by rpki-client