Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
File: 53380a08-b071-4729-9c41-f9a83d36f4c0.roa (raw, json)
Hash identifier: mdiZ2ZPDkkZ3FED7bEMhZ0MsnRdljOoURPuiFMg4atA=
Subject key identifier: 68:A4:40:0D:03:B5:3E:7F:F3:88:E6:D6:C0:C5:70:14:9E:76:AE:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24B79A566EDFA55F35B60DFC4D7CF6480C5866B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
Signing time: Mon 11 May 2026 01:50:09 +0000
ROA not before: Mon 11 May 2026 01:50:09 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:b7:9a:56:6e:df:a5:5f:35:b6:0d:fc:4d:7c:f6:48:0c:58:66:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:09 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=58022ea1a2d91c3ce1ff762c0378a3e500731e7e2ad9397edaeb8763fb181aef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:06:f1:65:ab:84:53:83:1a:05:fd:b4:df:
a9:b2:f3:3f:a8:75:bf:ff:1a:62:a5:dd:e0:8a:79:
51:50:d3:08:d8:4a:0b:b7:5d:f2:6e:eb:88:6d:40:
1c:e1:16:9b:12:52:0d:5a:d9:ba:ef:e2:bb:71:4a:
07:d0:57:99:3f:df:20:c8:16:b1:68:98:80:f5:14:
00:ba:01:ad:0e:f6:8a:1b:b2:f5:43:0e:5c:3a:d7:
44:2e:cf:49:e7:f9:d6:aa:b4:d6:96:b6:bf:47:4c:
52:c3:74:18:98:d2:91:48:57:0e:ae:85:2b:8c:16:
98:24:67:4e:8a:be:58:ce:99:be:c7:9a:cb:25:55:
a3:d4:86:b5:08:0b:e5:a2:07:df:da:a7:f7:12:70:
5e:d0:ac:df:dc:b1:8d:15:66:c6:3b:3a:df:67:53:
ef:7c:7f:12:f2:80:d0:3c:0b:78:fa:c4:6c:0a:69:
31:db:95:5e:73:fe:5f:ed:82:f2:bd:93:4e:3c:2c:
83:31:8b:af:8d:4d:53:f7:20:d7:06:3d:b7:28:9c:
c6:bd:58:a0:10:ea:29:c8:a8:25:71:19:ce:14:2b:
15:89:2e:ea:1e:33:df:6f:55:14:9b:1f:42:ec:1b:
83:fd:a9:01:0e:12:f6:d3:97:7a:e5:b7:aa:12:66:
ba:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A4:40:0D:03:B5:3E:7F:F3:88:E6:D6:C0:C5:70:14:9E:76:AE:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.80.0/22
Signature Algorithm: sha256WithRSAEncryption
29:34:3f:1f:3b:1c:fc:c2:39:d4:6d:23:d2:dd:e8:02:08:98:
6d:2e:86:c7:3f:9a:13:f2:cb:31:69:3c:f2:8d:a9:dd:ff:07:
6b:a2:ab:4e:2a:99:5b:b0:3d:18:65:03:e9:c1:ef:f5:37:8c:
96:6e:a9:77:2e:76:16:ed:55:cc:d2:c1:37:40:4d:6d:2b:c3:
8d:66:d4:b7:76:b7:5a:60:db:80:c1:de:f5:2a:bd:60:50:7c:
7d:9d:91:b6:e1:b4:b6:d3:ee:4a:d8:f6:a0:21:a5:1d:1b:ee:
cd:32:d6:3a:95:dc:e2:dc:6e:a8:c3:05:98:ab:f5:0f:72:23:
ec:49:65:b7:a0:03:5c:e3:ee:06:92:92:89:28:ed:fb:0b:8b:
09:2e:49:9e:c7:12:65:af:ef:40:08:66:8b:62:c5:a2:61:be:
47:d6:cc:03:62:08:49:07:6b:1b:98:3e:53:81:81:3f:7d:e1:
cf:6f:56:e2:01:48:3b:d0:1a:c0:71:3a:33:39:0f:c7:44:98:
e5:32:47:45:17:f6:5f:ae:ea:d1:55:71:21:f0:f4:e7:43:14:
54:27:1e:7d:a8:19:67:d4:0e:c3:67:ba:b9:3a:ce:95:f4:9e:
fc:dd:98:3b:70:52:e5:74:55:0f:5a:b4:e1:ed:2a:2d:20:22:
dd:da:23:fc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJLeaVm7fpV81tg38TXz2SAxYZrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4MDIyZWExYTJkOTFjM2NlMWZmNzYyYzAzNzhhM2U1MDA3MzFlN2UyYWQ5
Mzk3ZWRhZWI4NzYzZmIxODFhZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFQBvFlq4RTgxoF/bTfqbLzP6h1v/8aYqXd4Ip5UVDTCNhKC7dd8m7riG1A
HOEWmxJSDVrZuu/iu3FKB9BXmT/fIMgWsWiYgPUUALoBrQ72ihuy9UMOXDrXRC7P
Sef51qq01pa2v0dMUsN0GJjSkUhXDq6FK4wWmCRnToq+WM6ZvseayyVVo9SGtQgL
5aIH39qn9xJwXtCs39yxjRVmxjs632dT73x/EvKA0DwLePrEbAppMduVXnP+X+2C
8r2TTjwsgzGLr41NU/cg1wY9tyicxr1YoBDqKcioJXEZzhQrFYku6h4z329VFJsf
Quwbg/2pAQ4S9tOXeuW3qhJmumECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRopEAN
A7U+f/OI5tbAxXAUnnaubzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzODBhMDgtYjA3MS00NzI5LTljNDEtZjlhODNkMzZmNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgUDAN
BgkqhkiG9w0BAQsFAAOCAQEAKTQ/Hzsc/MI51G0j0t3oAgiYbS6Gxz+aE/LLMWk8
8o2p3f8Ha6KrTiqZW7A9GGUD6cHv9TeMlm6pdy52Fu1VzNLBN0BNbSvDjWbUt3a3
WmDbgMHe9Sq9YFB8fZ2RtuG0ttPuStj2oCGlHRvuzTLWOpXc4txuqMMFmKv1D3Ij
7Ellt6ADXOPuBpKSiSjt+wuLCS5JnscSZa/vQAhmi2LFomG+R9bMA2IISQdrG5g+
U4GBP33hz29W4gFIO9AawHE6MzkPx0SY5TJHRRf2X67q0VVxIfD050MUVCcefagZ
Z9QOw2e6uTrOlfSe/N2YO3BS5XRVD1q04e0qLSAi3doj/A==
-----END CERTIFICATE-----
Generated at Wed May 13 00:01:27 2026 by rpki-client