Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: 289bwMFZgiy5ZAQOGsKaGd7C9q9kQHhSUVfLgfyujH4=
Subject key identifier: 0F:F2:AE:5D:05:30:CD:D6:C2:23:35:24:D6:93:CC:0D:57:CC:27:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53DCDC6C12AA6157636C3BB9828C99EAFC5E2EDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Sat 28 Feb 2026 05:50:45 +0000
ROA not before: Sat 28 Feb 2026 05:50:45 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:dc:dc:6c:12:aa:61:57:63:6c:3b:b9:82:8c:99:ea:fc:5e:2e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:45 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1879a447875a672917502ad16b761f8cc790fbbc88a06b21a1339b78531c515a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:96:41:62:de:4a:79:60:35:70:60:3c:aa:89:
17:6a:3e:89:bd:f8:c4:02:dc:5c:c8:22:c1:7b:25:
55:06:5e:cf:fa:77:9e:f1:1d:06:68:2d:de:f1:4b:
58:f8:d9:7b:e7:e0:72:c0:22:5c:1b:5d:7d:4e:41:
c1:57:62:18:97:65:ef:08:65:d7:4d:a3:53:a1:00:
33:d4:e2:96:86:10:3d:7f:e9:2c:d9:98:ca:da:82:
47:ff:2d:4d:31:e5:ef:68:f5:8e:a3:54:e4:1e:0d:
c6:29:bd:41:62:04:65:72:c1:4f:14:ed:40:97:33:
d7:62:ad:31:93:28:d5:9b:08:60:8f:f6:69:df:3c:
fa:58:09:f6:63:ea:ee:a1:56:ea:34:7f:74:f7:a3:
81:72:c6:3d:3e:57:03:b0:de:f0:03:67:89:ab:9b:
3c:f0:82:f4:1b:40:6a:a0:f7:86:88:19:3b:ae:f6:
68:83:d3:2c:2e:6c:c0:06:d4:b7:87:af:2c:39:0b:
76:0a:25:eb:2f:a8:28:55:22:e7:ea:17:91:1e:ec:
af:f5:48:82:da:8e:d4:df:1c:01:b0:3a:04:e2:9a:
56:85:c8:e8:f5:b7:19:f0:5e:20:0c:7a:23:69:1d:
d0:e8:e3:ef:46:57:76:21:66:08:a5:2b:10:57:96:
5c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F2:AE:5D:05:30:CD:D6:C2:23:35:24:D6:93:CC:0D:57:CC:27:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
69:12:5e:15:9a:8e:79:ae:c7:07:dc:37:eb:1c:cb:a7:ed:ca:
10:b4:16:7f:58:63:11:65:ee:29:63:39:c1:2b:e3:1c:d2:0a:
ff:aa:9c:f8:ce:80:2b:1b:ea:33:b1:c5:3e:dd:17:55:4b:49:
ae:32:2a:14:b2:64:8a:9c:8e:75:d5:bd:07:7b:9e:32:5c:fc:
72:3b:6e:97:d8:ec:d3:ba:8d:6e:c5:28:e9:a4:fa:42:15:bd:
53:7f:cb:f5:ab:03:8e:37:20:f3:4b:23:b4:c6:52:45:47:14:
80:19:54:bb:1e:a5:9b:74:ba:bd:cd:4d:34:c2:c2:a9:02:36:
98:60:c0:ca:b1:6e:0e:6a:d0:3f:e8:79:4a:d5:85:89:0a:1a:
e9:17:33:5b:3e:19:fa:5c:b1:dc:9a:af:78:d1:1b:34:59:ae:
da:6f:c5:9c:35:f4:a9:93:a6:9d:0a:46:95:f0:9f:92:98:bd:
ba:a2:65:00:4a:ef:a3:eb:0a:4d:3e:f6:03:56:66:0d:5c:a6:
3d:9c:02:4b:67:d7:12:c4:73:47:48:78:46:1c:1b:df:76:25:
db:5d:90:ff:50:75:1f:03:60:f0:c8:fa:2d:55:89:0c:78:2b:
cc:b6:68:33:6d:06:4e:ce:2c:ce:2c:df:3e:fa:fb:ae:4e:6c:
33:24:45:79
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU9zcbBKqYVdjbDu5goyZ6vxeLt4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NzlhNDQ3ODc1YTY3MjkxNzUwMmFkMTZiNzYxZjhjYzc5MGZiYmM4OGEw
NmIyMWExMzM5Yjc4NTMxYzUxNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAISWQWLeSnlgNXBgPKqJF2o+ib34xALcXMgiwXslVQZez/p3nvEdBmgt3vFL
WPjZe+fgcsAiXBtdfU5BwVdiGJdl7whl102jU6EAM9TiloYQPX/pLNmYytqCR/8t
TTHl72j1jqNU5B4Nxim9QWIEZXLBTxTtQJcz12KtMZMo1ZsIYI/2ad88+lgJ9mPq
7qFW6jR/dPejgXLGPT5XA7De8ANniaubPPCC9BtAaqD3hogZO672aIPTLC5swAbU
t4evLDkLdgol6y+oKFUi5+oXkR7sr/VIgtqO1N8cAbA6BOKaVoXI6PW3GfBeIAx6
I2kd0Ojj70ZXdiFmCKUrEFeWXNUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQP8q5d
BTDN1sIjNSTWk8wNV8wnJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEAaRJeFZqOea7HB9w36xzLp+3KELQWf1hjEWXuKWM5
wSvjHNIK/6qc+M6AKxvqM7HFPt0XVUtJrjIqFLJkipyOddW9B3ueMlz8cjtul9js
07qNbsUo6aT6QhW9U3/L9asDjjcg80sjtMZSRUcUgBlUux6lm3S6vc1NNMLCqQI2
mGDAyrFuDmrQP+h5StWFiQoa6RczWz4Z+lyx3JqveNEbNFmu2m/FnDX0qZOmnQpG
lfCfkpi9uqJlAErvo+sKTT72A1ZmDVymPZwCS2fXEsRzR0h4Rhwb33Yl212Q/1B1
HwNg8Mj6LVWJDHgrzLZoM20GTs4szizfPvr7rk5sMyRFeQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:49 2026 by rpki-client