Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
File: eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa (raw, json)
Hash identifier: +67VjykXUFqGgSb143YpMMN6AxOqs34NIPH0G41Mdo0=
Subject key identifier: FE:B4:A0:F5:1C:92:BD:7B:73:17:72:7C:F1:E8:36:D8:3F:1D:2C:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66F1C9A3F66B90379C82E6F77E36D624D8C8EF71
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
Signing time: Fri 20 Feb 2026 01:51:08 +0000
ROA not before: Fri 20 Feb 2026 01:51:08 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f1:c9:a3:f6:6b:90:37:9c:82:e6:f7:7e:36:d6:24:d8:c8:ef:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:51:08 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=1c93d52a89a9d991a63ce05697c89ad0bb48b3207a4c65f73b4ff2dd24cfca28, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:82:b1:d0:0b:3e:ad:06:ce:f6:5e:90:9b:b7:
25:67:26:90:f9:98:fa:f0:27:d8:94:f7:4c:95:71:
13:bf:d4:09:e1:72:da:56:a0:17:0c:0e:37:be:9b:
69:8e:d9:a7:e6:b4:2c:93:cf:8b:c4:93:02:eb:39:
af:fc:93:24:bb:cc:a5:ab:dc:92:5f:11:e0:c6:8c:
b7:b1:ff:0f:65:97:23:56:a4:b2:c8:93:12:24:a3:
f6:5c:e7:67:47:7b:62:b4:11:13:80:90:cb:4f:53:
50:df:e3:e8:ec:7e:c9:2a:78:b7:ab:5e:89:f2:c1:
36:69:d1:3b:7b:05:36:82:ab:45:1f:d1:99:dd:98:
70:39:fb:4f:cd:0f:44:a4:11:58:ab:79:2d:e8:80:
98:5f:5c:55:41:2d:09:4f:41:b0:9b:18:65:2b:b6:
24:b3:74:0f:17:e6:f5:c2:39:0e:52:70:18:8b:ba:
78:b6:a4:65:d7:ca:26:d8:9d:e9:53:41:27:df:6a:
73:b9:99:a5:01:eb:f1:4e:81:f6:bb:a7:22:c7:92:
ec:6f:14:0f:00:65:b7:54:52:05:ef:95:ba:9e:d1:
0c:ed:0d:48:0d:05:4f:55:2b:b2:b0:5e:3c:bc:19:
9a:03:f5:f2:32:33:93:70:66:71:23:ee:de:fa:06:
df:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B4:A0:F5:1C:92:BD:7B:73:17:72:7C:F1:E8:36:D8:3F:1D:2C:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eab8ba62-5934-4c9b-9bd9-10fdd2494662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
31:0e:5d:e7:7e:4b:7a:8a:4f:a0:f4:ed:59:d3:d4:73:8c:48:
67:c7:7c:e6:bb:51:50:e9:4c:71:40:ca:50:1a:70:d8:1e:8d:
a3:73:c8:ac:d9:db:c8:ae:44:ef:26:4b:d2:88:6b:d9:19:58:
42:9b:0d:2d:41:0a:aa:be:7a:f8:9e:4e:c8:b1:e7:b1:4f:b7:
c4:89:96:ad:c8:96:32:a7:92:e0:8f:2b:ce:3a:b4:67:39:46:
6f:98:5a:c7:99:5c:a7:05:d1:ca:ae:57:25:63:90:b3:a1:27:
65:cf:8c:9f:ce:5a:42:49:1b:96:9b:ea:c6:a2:59:ca:d6:63:
ab:33:28:ad:df:b6:6a:eb:ed:b5:86:cd:17:7a:33:39:96:ac:
33:6f:94:69:74:5f:b9:3d:7e:bb:86:c1:49:64:7c:ca:b3:de:
9f:73:93:ef:0d:85:c2:ff:16:c5:5f:64:ae:59:75:72:e8:7b:
58:90:35:21:cf:a9:34:3f:36:16:33:d6:04:ac:15:ab:bb:20:
ce:ca:2b:c2:24:fb:d1:3f:6c:97:ac:1a:8a:b8:db:23:c1:8d:
f1:60:b0:c8:b3:01:84:d9:f7:05:48:87:4c:4a:fd:03:22:94:
18:16:7a:b8:e4:b2:47:ed:ab:63:8f:fa:9b:05:97:05:e0:5c:
8e:bd:02:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZvHJo/ZrkDecgub3fjbWJNjI73EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUxMDhaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjOTNkNTJhODlhOWQ5OTFhNjNjZTA1Njk3Yzg5YWQwYmI0OGIzMjA3YTRj
NjVmNzNiNGZmMmRkMjRjZmNhMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaCsdALPq0GzvZekJu3JWcmkPmY+vAn2JT3TJVxE7/UCeFy2lagFwwON76b
aY7Zp+a0LJPPi8STAus5r/yTJLvMpavckl8R4MaMt7H/D2WXI1akssiTEiSj9lzn
Z0d7YrQRE4CQy09TUN/j6Ox+ySp4t6teifLBNmnRO3sFNoKrRR/Rmd2YcDn7T80P
RKQRWKt5LeiAmF9cVUEtCU9BsJsYZSu2JLN0Dxfm9cI5DlJwGIu6eLakZdfKJtid
6VNBJ99qc7mZpQHr8U6B9runIseS7G8UDwBlt1RSBe+Vup7RDO0NSA0FT1UrsrBe
PLwZmgP18jIzk3BmcSPu3voG35MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT+tKD1
HJK9e3MXcnzx6DbYPx0sVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWFiOGJhNjItNTkzNC00YzliLTliZDktMTBmZGQyNDk0NjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAMQ5d535LeopPoPTtWdPUc4xIZ8d85rtRUOlMcUDK
UBpw2B6No3PIrNnbyK5E7yZL0ohr2RlYQpsNLUEKqr56+J5OyLHnsU+3xImWrciW
MqeS4I8rzjq0ZzlGb5hax5lcpwXRyq5XJWOQs6EnZc+Mn85aQkkblpvqxqJZytZj
qzMord+2auvttYbNF3ozOZasM2+UaXRfuT1+u4bBSWR8yrPen3OT7w2Fwv8WxV9k
rll1cuh7WJA1Ic+pND82FjPWBKwVq7sgzsorwiT70T9sl6wairjbI8GN8WCwyLMB
hNn3BUiHTEr9AyKUGBZ6uOSyR+2rY4/6mwWXBeBcjr0CfQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:58 2026 by rpki-client