Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: 1f0q4DB2E/GKI6qGDB+gjmimDNl+4HZ2Ce2p9/27s9E=
Subject key identifier: 76:E9:93:C2:7E:22:D8:52:19:40:5B:89:44:79:1E:B7:B5:F6:2F:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F229A223342B278B261CBE74F0DD77331E493DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Tue 19 May 2026 05:10:08 +0000
ROA not before: Tue 19 May 2026 05:10:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:22:9a:22:33:42:b2:78:b2:61:cb:e7:4f:0d:d7:73:31:e4:93:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cd35f4a4f6ee1a199a356b3cf34839e75fd0d507e39676ad97baf131ebe4cb8c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:43:f9:7e:aa:cb:6c:d0:29:95:a3:c8:85:6c:
57:38:59:3a:4d:08:f0:cb:b3:9a:c5:19:e3:9a:7f:
8b:09:5d:63:35:b9:b4:7d:7d:a8:a5:7f:ed:bc:75:
b0:61:67:ba:9a:d4:5b:b6:c3:f6:a8:d5:f0:f6:42:
34:41:d4:16:c5:28:02:cb:ec:2f:5b:c3:e8:57:82:
ac:f9:43:0e:a9:7d:d8:16:cf:3d:6d:a5:35:43:ee:
42:16:2b:01:e3:25:22:8e:16:73:b5:b3:47:fc:c7:
d0:cd:1a:e2:f3:4e:4f:f4:53:9a:61:2f:62:9a:ad:
97:10:c0:cd:83:65:7a:3e:d5:82:46:2a:a4:20:a2:
17:44:ae:1c:4e:bc:af:b2:32:a7:95:b0:86:29:81:
a8:b2:f8:1e:0d:95:70:57:47:b1:c3:a1:74:26:7a:
7b:1a:3a:44:76:63:49:f2:39:17:27:be:15:7a:19:
1b:74:09:08:f5:b9:51:77:bb:c7:0d:a4:ca:2f:9c:
88:bf:78:5f:4d:d4:d5:08:37:2f:fa:d7:96:cc:c1:
8d:56:aa:f3:e6:d9:52:73:bc:41:35:d4:38:b5:a0:
c2:ce:03:6d:0f:10:6a:be:b0:73:94:94:61:19:8e:
bc:b5:02:e1:41:98:ed:8b:d4:18:2c:16:bd:00:a3:
51:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E9:93:C2:7E:22:D8:52:19:40:5B:89:44:79:1E:B7:B5:F6:2F:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:72:51:21:03:64:e6:88:a5:dc:6c:5e:4b:e8:a5:d6:8b:c4:
04:34:37:79:4c:48:97:cc:17:0e:46:87:ed:ad:15:6b:19:ed:
a7:6f:84:63:7e:46:b5:bb:eb:3f:cb:9b:5c:c3:fa:46:56:5f:
35:71:c6:55:81:8c:2b:0f:04:4b:21:94:f5:6f:f1:b4:95:5a:
f5:fc:d9:a4:8f:40:b0:a2:7f:9a:9c:61:73:c3:d7:e2:18:34:
27:03:b6:e6:c3:93:b3:81:d0:7a:d4:13:0a:4c:7d:b3:40:03:
45:1d:75:b4:df:16:ce:b1:df:0e:fb:1e:65:20:9d:e2:26:5c:
f4:26:19:b9:61:fc:65:05:43:c3:ae:4c:ac:95:ac:94:72:66:
24:39:45:62:3b:94:73:82:39:e5:b6:ea:09:89:d4:69:08:ac:
2d:7d:73:df:cd:dc:49:10:6b:4f:5b:2a:0d:80:1f:27:53:7e:
ae:98:8a:05:c2:d9:98:16:b2:df:5b:05:c7:84:d7:fe:de:fc:
5e:8b:1a:98:40:16:cd:08:6e:84:ea:a3:8b:11:2c:a5:d8:0b:
93:7c:ce:57:c5:6d:d8:0a:dd:74:c0:1d:d3:90:ce:04:73:23:
ff:1d:4a:99:23:f1:60:ef:47:43:d5:26:29:5f:78:b7:9c:94:
86:c0:04:09
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDyKaIjNCsniyYcvnTw3XczHkk90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkMzVmNGE0ZjZlZTFhMTk5YTM1NmIzY2YzNDgzOWU3NWZkMGQ1MDdlMzk2
NzZhZDk3YmFmMTMxZWJlNGNiOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZD+X6qy2zQKZWjyIVsVzhZOk0I8MuzmsUZ45p/iwldYzW5tH19qKV/7bx1
sGFnuprUW7bD9qjV8PZCNEHUFsUoAsvsL1vD6FeCrPlDDql92BbPPW2lNUPuQhYr
AeMlIo4Wc7WzR/zH0M0a4vNOT/RTmmEvYpqtlxDAzYNlej7VgkYqpCCiF0SuHE68
r7Iyp5WwhimBqLL4Hg2VcFdHscOhdCZ6exo6RHZjSfI5Fye+FXoZG3QJCPW5UXe7
xw2kyi+ciL94X03U1Qg3L/rXlszBjVaq8+bZUnO8QTXUOLWgws4DbQ8Qar6wc5SU
YRmOvLUC4UGY7YvUGCwWvQCjUTsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR26ZPC
fiLYUhlAW4lEeR63tfYvrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAunJRIQNk5oil3GxeS+il1ovEBDQ3eUxIl8wXDkaH
7a0Vaxntp2+EY35GtbvrP8ubXMP6RlZfNXHGVYGMKw8ESyGU9W/xtJVa9fzZpI9A
sKJ/mpxhc8PX4hg0JwO25sOTs4HQetQTCkx9s0ADRR11tN8WzrHfDvseZSCd4iZc
9CYZuWH8ZQVDw65MrJWslHJmJDlFYjuUc4I55bbqCYnUaQisLX1z383cSRBrT1sq
DYAfJ1N+rpiKBcLZmBay31sFx4TX/t78XosamEAWzQhuhOqjixEspdgLk3zOV8Vt
2ArddMAd05DOBHMj/x1KmSPxYO9HQ9UmKV94t5yUhsAECQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:43:17 2026 by rpki-client