Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: V4uUaNE07QRuJNoDpTNwsBaxwzruayUqWlBqlzI3Y2c=
Subject key identifier: 0B:7A:0E:A3:91:F8:66:F8:64:B1:AD:24:E1:52:F2:CF:8E:61:54:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 051A46ABB6AF967ADF8B53E294FBFAC60DE977F0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Tue 19 May 2026 05:00:09 +0000
ROA not before: Tue 19 May 2026 05:00:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:1a:46:ab:b6:af:96:7a:df:8b:53:e2:94:fb:fa:c6:0d:e9:77:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b19e1b6ad71f23887bd323ad667eeb68cb02d3b1c5931f854d26e5cca239e7d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:73:ca:d0:d4:76:fa:86:45:c5:51:52:f3:5e:
6c:2e:ce:36:e8:47:1a:20:d4:b4:22:18:9d:65:0e:
f8:97:83:98:93:a9:8d:cf:f5:c2:c0:94:89:7f:8c:
38:f7:bc:2e:85:17:27:9c:58:96:d2:73:d2:6a:53:
02:c5:2a:ac:2b:d4:fe:29:1d:e9:4e:c6:a8:44:64:
30:0d:ea:3a:80:64:cd:55:e3:a4:ed:9e:1f:fe:a2:
f8:4e:e7:d5:9b:9b:36:8c:e0:a6:01:9e:a1:a4:cc:
6a:d3:29:24:7c:cb:ff:66:67:8a:7d:99:23:b3:4e:
8a:97:28:60:99:3d:0e:42:39:ed:71:98:88:88:d5:
33:40:d0:4d:15:a3:e6:08:ca:46:6a:ec:20:11:be:
7f:12:0f:0e:ac:51:23:f2:e8:ba:30:5d:86:10:10:
da:5a:6e:28:13:ee:b0:75:dd:c4:16:50:32:f7:25:
d7:e3:f9:c5:ea:ed:ce:94:8a:0f:a8:b6:ce:e6:10:
de:d9:54:92:08:91:c3:4f:87:4e:63:1d:9f:23:f2:
20:04:b6:e4:ee:f2:5c:8a:9a:c2:a2:7d:55:f4:1a:
13:23:db:d7:c2:b7:e9:4e:20:3c:85:1c:b6:2c:e2:
06:34:f0:41:87:76:f4:9a:ac:9b:47:9d:aa:0f:c8:
d7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7A:0E:A3:91:F8:66:F8:64:B1:AD:24:E1:52:F2:CF:8E:61:54:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
23:f3:95:37:0c:a3:39:d0:da:4a:10:a2:03:db:89:9f:98:63:
6a:be:17:b9:61:c8:91:c5:70:f2:ec:46:d5:23:45:b7:2d:79:
93:b6:66:26:25:3d:44:cf:b3:28:d0:38:5a:37:7c:92:9e:9a:
ec:b2:7d:05:01:67:cc:8c:00:42:e8:cd:93:9b:e0:de:1e:90:
48:6f:33:b8:76:ee:42:d4:b9:80:19:73:5e:a7:7f:a6:aa:b4:
a3:92:f9:55:1f:a8:5b:1a:93:5a:4a:bf:a6:74:68:ca:5c:cf:
33:0f:3d:6c:a9:33:e6:c2:46:57:99:6f:76:1f:f1:0e:61:06:
1a:5a:74:16:c3:f9:3c:d3:52:cb:cd:dc:00:3b:0a:88:6d:a2:
e8:3e:77:6e:5d:14:db:fa:fc:ca:80:1e:17:50:22:35:2b:26:
75:50:7a:a0:e5:a3:38:8b:21:e1:fb:f3:47:9b:21:bb:f2:2e:
91:af:d6:65:4d:bf:86:67:cb:61:84:0b:3a:56:5f:f9:a5:c0:
52:be:9b:aa:83:f7:3e:80:fb:55:7a:6b:17:b0:20:8e:e7:96:
48:3f:14:ab:88:a9:a9:41:c5:43:fd:be:06:52:e8:fe:a4:68:
a1:76:ea:9d:b2:ee:49:98:8a:df:eb:d3:d5:63:25:e6:46:e4:
9c:53:15:37
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBRpGq7avlnrfi1PilPv6xg3pd/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxOWUxYjZhZDcxZjIzODg3YmQzMjNhZDY2N2VlYjY4Y2IwMmQzYjFjNTkz
MWY4NTRkMjZlNWNjYTIzOWU3ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJzytDUdvqGRcVRUvNebC7ONuhHGiDUtCIYnWUO+JeDmJOpjc/1wsCUiX+M
OPe8LoUXJ5xYltJz0mpTAsUqrCvU/ikd6U7GqERkMA3qOoBkzVXjpO2eH/6i+E7n
1ZubNozgpgGeoaTMatMpJHzL/2Znin2ZI7NOipcoYJk9DkI57XGYiIjVM0DQTRWj
5gjKRmrsIBG+fxIPDqxRI/LoujBdhhAQ2lpuKBPusHXdxBZQMvcl1+P5xertzpSK
D6i2zuYQ3tlUkgiRw0+HTmMdnyPyIAS25O7yXIqawqJ9VfQaEyPb18K36U4gPIUc
tiziBjTwQYd29Jqsm0edqg/I1/ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQLeg6j
kfhm+GSxrSThUvLPjmFUtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEAI/OVNwyjOdDaShCiA9uJn5hjar4XuWHIkcVw8uxG
1SNFty15k7ZmJiU9RM+zKNA4Wjd8kp6a7LJ9BQFnzIwAQujNk5vg3h6QSG8zuHbu
QtS5gBlzXqd/pqq0o5L5VR+oWxqTWkq/pnRoylzPMw89bKkz5sJGV5lvdh/xDmEG
Glp0FsP5PNNSy83cADsKiG2i6D53bl0U2/r8yoAeF1AiNSsmdVB6oOWjOIsh4fvz
R5shu/Iuka/WZU2/hmfLYYQLOlZf+aXAUr6bqoP3PoD7VXprF7AgjueWSD8Uq4ip
qUHFQ/2+BlLo/qRooXbqnbLuSZiK3+vT1WMl5kbknFMVNw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:23 2026 by rpki-client