Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: O1TmvxLANbOg3NbgVV5sB9SU7YuAt4F8SlS7rNuGQVE=
Subject key identifier: 47:51:B8:FD:66:17:D9:3D:88:C4:1F:95:A1:5E:0A:47:DE:51:62:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53A404E632F100D62E8657234D3230F37E2644AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Fri 20 Feb 2026 01:51:09 +0000
ROA not before: Fri 20 Feb 2026 01:51:09 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:a4:04:e6:32:f1:00:d6:2e:86:57:23:4d:32:30:f3:7e:26:44:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:09 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=3cb8fd62b965c4a9f1e7d4f12bb4396749e36cca38b1c08d86a7a766a177d5de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:91:61:26:19:4a:e4:79:54:cc:b3:72:ee:97:
b1:c3:6b:66:96:a9:d0:60:1d:d5:58:1e:5f:bd:7e:
1c:72:d8:f8:ea:0c:71:9c:74:c3:d4:87:4f:9f:05:
00:56:57:1f:be:1e:85:1c:cc:5c:1d:7b:44:af:f3:
aa:53:18:13:72:33:5c:d8:cc:45:16:57:a2:1b:b7:
ec:6f:14:c6:63:62:4b:f9:36:6a:42:7d:18:b2:75:
4f:2b:02:db:18:55:a5:39:4a:13:fd:2b:0d:ff:f0:
1c:7a:9c:79:22:d2:ac:38:9d:0e:8f:a4:db:ba:4c:
17:e7:4b:ce:16:9b:13:56:b0:06:7a:50:1a:c3:6c:
01:14:76:50:82:fa:5b:69:7c:fe:2d:04:32:03:4f:
b9:f6:55:a4:29:2c:c1:50:0e:e3:7e:9f:da:14:46:
68:b1:5b:b2:36:22:bb:e8:91:0d:aa:c6:1f:d6:e6:
1a:f4:0a:64:d7:3d:8d:b7:d3:e2:9c:04:34:0d:bd:
c3:44:41:3c:8a:2c:62:41:8c:f0:77:1c:18:c5:f2:
a4:45:11:0e:b5:4d:22:58:9f:05:7f:b5:03:7d:0a:
4f:36:2c:b2:60:b6:f4:63:a0:69:63:88:8d:73:84:
e0:dc:0d:85:39:86:4e:d5:f6:45:2b:64:ad:d7:64:
ce:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:51:B8:FD:66:17:D9:3D:88:C4:1F:95:A1:5E:0A:47:DE:51:62:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
90:c5:52:b0:0b:7f:bd:f5:6e:88:8a:4f:46:60:33:63:6c:23:
13:3e:5e:fc:01:57:b5:8d:bf:b6:f2:ca:29:98:96:80:b9:d0:
c6:5e:12:45:09:da:54:31:ca:a2:cb:03:b2:0b:8a:8e:31:6e:
1f:84:c7:f6:25:0c:91:d2:0b:d9:74:f7:6e:16:fd:4e:c7:0d:
44:4f:26:09:bd:bc:d3:3f:82:39:0c:aa:ca:cf:c7:be:09:9a:
e4:02:dd:a3:a8:ea:17:04:17:c6:e4:09:48:5d:c9:4e:ae:fe:
f2:a6:10:47:64:e6:0b:b5:7e:3a:fc:c6:e8:de:d8:8d:8b:2a:
49:28:a5:d3:db:e1:de:53:79:be:19:f0:00:04:aa:5c:2b:d5:
d2:cb:e4:e9:34:b9:9d:f8:91:e8:62:85:f0:80:45:8e:35:7c:
36:d7:18:fb:8d:e3:63:82:a1:00:b4:5e:af:04:1a:25:16:18:
6c:96:52:ea:7f:7b:6a:82:a5:2e:7a:95:f3:20:fd:b6:f7:02:
de:9f:1f:9c:20:39:15:79:93:47:49:f6:a4:75:c7:1c:04:4e:
10:01:5b:7c:85:b4:70:4f:04:95:14:34:8f:3a:a6:c2:17:5e:
82:f7:96:ae:03:fe:30:e5:54:eb:e1:b7:8a:5e:64:6c:e3:23:
05:74:5c:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU6QE5jLxANYuhlcjTTIw834mRKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMDlaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjYjhmZDYyYjk2NWM0YTlmMWU3ZDRmMTJiYjQzOTY3NDllMzZjY2EzOGIx
YzA4ZDg2YTdhNzY2YTE3N2Q1ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCRYSYZSuR5VMyzcu6XscNrZpap0GAd1VgeX71+HHLY+OoMcZx0w9SHT58F
AFZXH74ehRzMXB17RK/zqlMYE3IzXNjMRRZXohu37G8UxmNiS/k2akJ9GLJ1TysC
2xhVpTlKE/0rDf/wHHqceSLSrDidDo+k27pMF+dLzhabE1awBnpQGsNsARR2UIL6
W2l8/i0EMgNPufZVpCkswVAO436f2hRGaLFbsjYiu+iRDarGH9bmGvQKZNc9jbfT
4pwENA29w0RBPIosYkGM8HccGMXypEURDrVNIlifBX+1A30KTzYssmC29GOgaWOI
jXOE4NwNhTmGTtX2RStkrddkzkECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRHUbj9
ZhfZPYjEH5WhXgpH3lFiqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAkMVSsAt/vfVuiIpPRmAzY2wjEz5e/AFXtY2/tvLK
KZiWgLnQxl4SRQnaVDHKossDsguKjjFuH4TH9iUMkdIL2XT3bhb9TscNRE8mCb28
0z+COQyqys/Hvgma5ALdo6jqFwQXxuQJSF3JTq7+8qYQR2TmC7V+OvzG6N7YjYsq
SSil09vh3lN5vhnwAASqXCvV0svk6TS5nfiR6GKF8IBFjjV8NtcY+43jY4KhALRe
rwQaJRYYbJZS6n97aoKlLnqV8yD9tvcC3p8fnCA5FXmTR0n2pHXHHAROEAFbfIW0
cE8ElRQ0jzqmwhdegveWrgP+MOVU6+G3il5kbOMjBXRc2w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:52 2026 by rpki-client