Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: iAjE3NB3Ahth2hFoF0PSRhSZGr1pNzZQw72DlfTKaqI=
Subject key identifier: 5D:E8:67:57:A0:75:CF:E3:A0:A2:94:2B:CA:B7:A5:FC:F8:24:E3:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03C719578B8C43335696AE4E7BEA2DBE08BD7042
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Fri 20 Feb 2026 01:50:34 +0000
ROA not before: Fri 20 Feb 2026 01:50:34 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c7:19:57:8b:8c:43:33:56:96:ae:4e:7b:ea:2d:be:08:bd:70:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 20 01:50:34 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=810c426362f4558ac0579ed2aae4f222cdd75aaea4d9434bf22b46970b1eeedb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9f:11:e9:4d:9e:c7:1a:66:aa:d8:20:de:ea:
a3:e0:36:0d:6c:4d:68:30:fe:89:ce:77:5d:01:64:
64:62:5e:80:46:62:7d:07:4d:8f:ab:44:3f:61:6b:
2e:cd:d3:72:4a:a2:7b:40:01:5e:11:e0:ca:09:0a:
64:e8:1a:ae:c6:2d:fe:51:e8:3f:e3:1f:35:7d:9b:
1e:d0:55:68:da:48:05:db:6f:28:74:7c:24:6e:7c:
7e:f3:2c:e6:7a:24:30:38:9f:89:45:b7:84:50:78:
dd:64:c9:6a:a3:3c:c1:3b:66:a8:80:43:43:44:46:
aa:4b:af:b9:b9:82:d5:2e:3e:b5:e9:24:b4:36:38:
fb:cc:f2:24:28:67:ee:c1:51:20:ce:ab:29:00:fc:
5d:91:6e:9e:d6:6e:ed:54:b8:f7:32:e8:70:7b:b3:
98:4a:ed:84:4d:36:d5:93:a6:c9:8b:38:b4:d2:1d:
af:4e:ff:7c:6e:87:82:6e:43:9b:c2:34:37:04:7c:
01:fb:79:bb:35:64:81:f6:98:ff:4c:d0:98:7f:86:
f0:87:65:fc:1c:29:a9:e1:08:9e:31:a9:62:42:43:
3e:92:20:a0:b7:1f:89:35:3d:4e:f9:28:b4:13:94:
2c:d0:91:9e:39:bf:aa:a5:7e:db:89:cd:b6:f6:bb:
2f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E8:67:57:A0:75:CF:E3:A0:A2:94:2B:CA:B7:A5:FC:F8:24:E3:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
86:70:11:a7:99:9e:09:03:db:4e:60:f2:9c:43:53:7a:c5:2e:
f2:fb:4c:eb:e6:7d:66:6c:e4:d5:38:7e:49:9e:27:79:e6:9c:
37:d3:89:7b:22:a3:2b:67:23:b3:0b:b8:28:b4:1b:03:54:08:
3e:5a:72:2f:25:c0:fa:17:f5:c0:d1:40:12:80:5e:d1:f6:c1:
ea:ee:ba:c7:d7:31:62:f3:40:8e:7b:15:da:9d:35:3a:c1:13:
3d:61:6f:cf:41:c6:d9:17:f5:64:e9:12:46:a8:57:c5:2c:ed:
0d:96:af:cd:ec:f2:ae:c3:4e:70:39:b0:14:ee:e2:05:1a:04:
43:1a:e1:f4:4c:eb:b6:d4:20:37:46:69:5b:1e:3e:d7:4e:4c:
e3:97:c4:b4:78:bd:e8:75:dc:3b:12:78:98:2f:f2:05:ba:20:
6f:2e:ab:f1:07:13:69:6c:d9:51:98:6a:83:f1:8a:56:ff:47:
65:66:bf:b2:0c:15:e0:44:b6:aa:cc:68:6e:4a:14:ce:d9:e6:
dd:56:be:69:a2:f6:22:24:15:3e:12:66:35:81:f0:14:84:66:
ac:39:f5:71:ff:79:e0:9c:87:68:0d:d0:22:44:4e:26:8f:cf:
80:c5:33:08:0d:cb:cb:61:7c:ac:71:a8:67:e0:98:7a:ca:bf:
04:ee:61:28
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA8cZV4uMQzNWlq5Oe+otvgi9cEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjAwMTUwMzRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMGM0MjYzNjJmNDU1OGFjMDU3OWVkMmFhZTRmMjIyY2RkNzVhYWVhNGQ5
NDM0YmYyMmI0Njk3MGIxZWVlZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIefEelNnscaZqrYIN7qo+A2DWxNaDD+ic53XQFkZGJegEZifQdNj6tEP2Fr
Ls3Tckqie0ABXhHgygkKZOgarsYt/lHoP+MfNX2bHtBVaNpIBdtvKHR8JG58fvMs
5nokMDifiUW3hFB43WTJaqM8wTtmqIBDQ0RGqkuvubmC1S4+tekktDY4+8zyJChn
7sFRIM6rKQD8XZFuntZu7VS49zLocHuzmErthE021ZOmyYs4tNIdr07/fG6Hgm5D
m8I0NwR8Aft5uzVkgfaY/0zQmH+G8Idl/BwpqeEInjGpYkJDPpIgoLcfiTU9Tvko
tBOULNCRnjm/qqV+24nNtva7L58CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRd6GdX
oHXP46CilCvKt6X8+CTjuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEAhnARp5meCQPbTmDynENTesUu8vtM6+Z9Zmzk1Th+
SZ4neeacN9OJeyKjK2cjswu4KLQbA1QIPlpyLyXA+hf1wNFAEoBe0fbB6u66x9cx
YvNAjnsV2p01OsETPWFvz0HG2Rf1ZOkSRqhXxSztDZavzezyrsNOcDmwFO7iBRoE
Qxrh9EzrttQgN0ZpWx4+105M45fEtHi96HXcOxJ4mC/yBbogby6r8QcTaWzZUZhq
g/GKVv9HZWa/sgwV4ES2qsxobkoUztnm3Va+aaL2IiQVPhJmNYHwFIRmrDn1cf95
4JyHaA3QIkROJo/PgMUzCA3Ly2F8rHGoZ+CYesq/BO5hKA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:09:04 2026 by rpki-client