Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: NfdDu4pHLvS3aeDYE86X1lBtuEUGMx9T7ztpNDz4eBE=
Subject key identifier: D8:3A:CF:C1:10:3B:9E:82:7A:8A:ED:93:FF:41:AE:35:BD:71:64:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E96887720FB5F620A0B17974DADE940D034E8FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Fri 20 Feb 2026 01:50:35 +0000
ROA not before: Fri 20 Feb 2026 01:50:35 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:96:88:77:20:fb:5f:62:0a:0b:17:97:4d:ad:e9:40:d0:34:e8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:35 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=37439eb0ff1ad4effadfe9a61bca98caadece831f2e79e428dc84b08ec69ee85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:af:02:09:c5:d1:73:dc:53:58:01:b9:66:
f9:00:0a:31:27:7d:40:47:c4:4e:3e:61:c4:b8:dc:
0b:7d:a1:f1:34:09:be:63:d8:d2:e7:0d:cd:7b:75:
db:89:4f:3a:c5:c7:fe:c2:24:00:60:5c:aa:9d:8c:
b2:ef:61:2f:b7:4e:fe:a9:4b:b0:15:f6:bd:b1:7d:
c5:57:f2:65:c1:a4:d5:24:f6:86:d4:28:5d:6a:7f:
18:1c:ad:57:e3:16:c3:6a:60:b7:90:e4:ba:d1:77:
0f:49:72:e9:0e:2b:ab:27:98:40:50:d2:85:62:10:
16:ed:81:36:aa:79:39:13:0c:76:47:3d:72:a2:39:
8c:54:0b:f5:2f:d3:6a:dd:1c:ba:bf:9d:69:35:b4:
f1:1e:05:03:8e:5c:31:32:49:fc:14:77:15:72:e3:
3f:9d:74:10:19:48:fd:f0:9e:17:3a:98:36:8a:68:
a4:20:b3:cf:85:3e:47:a5:84:7f:ec:8c:26:a4:5b:
7d:db:b4:09:c6:cb:dd:02:e3:e8:e4:e5:15:b8:48:
cb:96:59:8f:1b:ff:fa:89:70:8b:6d:12:b1:7f:e3:
8d:6e:19:3f:f6:6b:55:fd:74:e4:a8:e8:56:7c:dd:
7e:33:3b:04:84:bb:40:54:2d:f3:02:63:c0:40:58:
49:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3A:CF:C1:10:3B:9E:82:7A:8A:ED:93:FF:41:AE:35:BD:71:64:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
92:7e:04:8a:3e:88:b0:74:a7:42:9c:aa:a1:5e:92:a6:d5:15:
a1:54:96:a4:97:7b:c6:e1:b9:76:f9:47:84:a4:67:40:9e:28:
4c:89:20:7f:65:82:e8:64:1d:56:70:7f:dc:c7:19:06:29:de:
99:e9:71:73:2f:85:69:65:9a:78:66:1c:1e:40:07:cd:26:97:
e6:d6:53:50:23:9f:de:8c:47:c8:0e:e0:2e:92:a1:e1:63:ce:
d0:27:f9:ff:4d:93:32:e3:14:a8:6f:03:59:76:b5:45:ff:e0:
55:7d:a5:a4:23:d6:cc:18:87:72:ca:93:cb:52:5d:48:cd:4d:
5d:66:a8:cb:08:4c:36:28:6b:b2:0f:7c:6c:71:b4:b6:26:c0:
5e:3b:93:b0:29:19:1c:20:0d:4a:d7:e2:68:c1:85:26:42:5d:
8b:a0:38:0d:d9:fc:76:12:2e:ab:0e:e5:a2:75:65:f0:86:03:
78:33:f9:45:a0:ea:17:c0:80:79:e1:8d:d1:54:ae:a1:eb:87:
5e:4f:d8:b2:c7:ad:eb:26:b7:37:83:2d:21:af:82:f7:ec:9a:
d4:b8:9b:11:47:6d:83:3f:04:92:13:9f:54:18:f9:86:66:68:
19:29:ae:c7:c7:33:b5:00:fb:9d:c4:7c:c5:55:6a:6d:49:31:
e4:a2:d0:5e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULpaIdyD7X2IKCxeXTa3pQNA06PowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NDM5ZWIwZmYxYWQ0ZWZmYWRmZTlhNjFiY2E5OGNhYWRlY2U4MzFmMmU3
OWU0MjhkYzg0YjA4ZWM2OWVlODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvKrwIJxdFz3FNYAblm+QAKMSd9QEfETj5hxLjcC32h8TQJvmPY0ucNzXt1
24lPOsXH/sIkAGBcqp2Msu9hL7dO/qlLsBX2vbF9xVfyZcGk1ST2htQoXWp/GByt
V+MWw2pgt5DkutF3D0ly6Q4rqyeYQFDShWIQFu2BNqp5ORMMdkc9cqI5jFQL9S/T
at0cur+daTW08R4FA45cMTJJ/BR3FXLjP510EBlI/fCeFzqYNopopCCzz4U+R6WE
f+yMJqRbfdu0CcbL3QLj6OTlFbhIy5ZZjxv/+olwi20SsX/jjW4ZP/ZrVf105Kjo
VnzdfjM7BIS7QFQt8wJjwEBYST8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTYOs/B
EDuegnqK7ZP/Qa41vXFkZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEAkn4Eij6IsHSnQpyqoV6SptUVoVSWpJd7xuG5dvlH
hKRnQJ4oTIkgf2WC6GQdVnB/3McZBinemelxcy+FaWWaeGYcHkAHzSaX5tZTUCOf
3oxHyA7gLpKh4WPO0Cf5/02TMuMUqG8DWXa1Rf/gVX2lpCPWzBiHcsqTy1JdSM1N
XWaoywhMNihrsg98bHG0tibAXjuTsCkZHCANStfiaMGFJkJdi6A4Ddn8dhIuqw7l
onVl8IYDeDP5RaDqF8CAeeGN0VSuoeuHXk/Ysset6ya3N4MtIa+C9+ya1LibEUdt
gz8EkhOfVBj5hmZoGSmux8cztQD7ncR8xVVqbUkx5KLQXg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:09 2026 by rpki-client