Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: C8yn7i1yBPq0Hvgl+VaHWI8ArwNyInKBVrTbDK4avhQ=
Subject key identifier: 4C:C2:66:25:C5:D8:41:EB:2E:88:1A:B7:E5:27:E4:3F:F9:43:DC:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59AA095A35C4C68E9DDE27C9A8E6C6455DB1FACD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Sat 28 Feb 2026 05:51:28 +0000
ROA not before: Sat 28 Feb 2026 05:51:28 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:aa:09:5a:35:c4:c6:8e:9d:de:27:c9:a8:e6:c6:45:5d:b1:fa:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:51:28 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ea8e3e8043bc8b506a2492f3db677a189a8df36458e568423ef5710f7c1f2a57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:7b:30:22:0e:56:b4:b0:39:b3:f6:9c:16:
61:58:53:75:d5:12:16:8c:6e:b5:e4:23:68:7a:28:
96:c6:18:7a:fc:a1:0f:6f:4b:06:8e:a3:f4:af:4b:
6c:45:6e:c8:fe:4b:39:8f:e3:0c:ad:80:c9:37:d9:
2f:27:80:20:f3:cc:7a:eb:ea:01:8e:5c:00:0e:b2:
10:88:b8:5c:a5:bc:f8:86:4b:e7:0b:45:19:87:b6:
da:58:13:0a:67:a0:68:dc:b4:68:f3:d2:eb:6c:2a:
f5:46:3f:ce:f1:20:fd:7e:1a:78:4f:ea:40:54:2e:
91:39:6f:b2:95:e7:64:3f:6e:03:09:3d:3c:d6:c9:
a1:ec:c2:6c:da:e0:8b:6b:08:46:e4:8f:f4:7b:98:
8b:57:98:b5:20:ba:e6:a6:50:1e:98:7e:59:d6:cb:
b9:9a:1c:a7:fc:89:46:b3:ab:bc:e7:fc:d3:88:88:
3d:23:63:6e:79:0d:a8:e9:9a:4f:ae:c2:c7:f6:4c:
52:52:72:1c:a0:a7:71:99:7b:35:31:9a:66:37:c1:
39:4c:c4:7e:1f:8b:a0:b5:53:95:96:5b:b2:9a:2c:
07:43:70:35:b6:b1:16:3b:61:d4:b1:f2:02:0c:19:
5a:70:3a:a1:ec:7d:a5:48:a0:f0:21:80:0c:2f:9a:
d1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C2:66:25:C5:D8:41:EB:2E:88:1A:B7:E5:27:E4:3F:F9:43:DC:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
30:c9:dc:cf:b0:b4:ef:09:2a:66:84:ce:ef:92:5f:be:e2:17:
61:ba:16:16:db:d4:e7:08:d4:63:2b:bd:80:11:e2:3b:95:dd:
05:64:92:fa:2b:4e:89:9b:13:fb:fe:9c:59:1e:0b:f4:b3:e0:
d6:fc:17:70:9d:a7:e2:f4:d8:b0:e4:87:33:41:93:eb:ca:b6:
2b:97:12:6b:42:da:a6:59:c8:9c:18:ce:73:9c:14:78:08:c3:
3f:b2:59:a5:36:e6:a0:f2:dd:00:30:88:07:f6:d5:fa:8f:26:
e6:10:c1:01:dc:ca:3a:b9:e4:f7:5b:dc:59:4d:80:84:00:09:
fb:60:c4:6f:15:c3:f0:13:b3:4d:6c:88:22:43:bd:25:75:a9:
b2:03:8d:53:0c:22:4c:78:ba:61:08:f6:73:06:10:30:81:6b:
5e:13:eb:30:65:b3:4f:8f:9f:70:e0:45:63:f4:95:54:cd:ef:
f9:89:75:03:13:88:a1:61:b2:e2:e2:37:42:3c:bd:61:29:96:
89:e0:e0:57:c7:1e:3d:5d:91:66:f3:4d:5a:95:5a:20:b3:58:
8c:0c:f6:a4:78:a8:c1:01:f1:a6:04:81:86:0b:16:39:dc:5d:
a0:26:87:dd:eb:26:f3:13:65:4c:b6:dd:ed:3f:f2:2b:1b:47:
bc:c0:a0:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWaoJWjXExo6d3ifJqObGRV2x+s0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUxMjhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhOGUzZTgwNDNiYzhiNTA2YTI0OTJmM2RiNjc3YTE4OWE4ZGYzNjQ1OGU1
Njg0MjNlZjU3MTBmN2MxZjJhNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOyezAiDla0sDmz9pwWYVhTddUSFoxuteQjaHoolsYYevyhD29LBo6j9K9L
bEVuyP5LOY/jDK2AyTfZLyeAIPPMeuvqAY5cAA6yEIi4XKW8+IZL5wtFGYe22lgT
CmegaNy0aPPS62wq9UY/zvEg/X4aeE/qQFQukTlvspXnZD9uAwk9PNbJoezCbNrg
i2sIRuSP9HuYi1eYtSC65qZQHph+WdbLuZocp/yJRrOrvOf804iIPSNjbnkNqOma
T67Cx/ZMUlJyHKCncZl7NTGaZjfBOUzEfh+LoLVTlZZbsposB0NwNbaxFjth1LHy
AgwZWnA6oex9pUig8CGADC+a0RkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRMwmYl
xdhB6y6IGrflJ+Q/+UPcczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAMMncz7C07wkqZoTO75JfvuIXYboWFtvU5wjUYyu9
gBHiO5XdBWSS+itOiZsT+/6cWR4L9LPg1vwXcJ2n4vTYsOSHM0GT68q2K5cSa0La
plnInBjOc5wUeAjDP7JZpTbmoPLdADCIB/bV+o8m5hDBAdzKOrnk91vcWU2AhAAJ
+2DEbxXD8BOzTWyIIkO9JXWpsgONUwwiTHi6YQj2cwYQMIFrXhPrMGWzT4+fcOBF
Y/SVVM3v+Yl1AxOIoWGy4uI3Qjy9YSmWieDgV8cePV2RZvNNWpVaILNYjAz2pHio
wQHxpgSBhgsWOdxdoCaH3esm8xNlTLbd7T/yKxtHvMCgsw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:28 2026 by rpki-client