Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: SF7co4R9aXTDNZHifUXiN8bTLbrFOeTWBuYcUf2drqw=
Subject key identifier: C4:8B:4B:71:91:E6:5F:68:AF:5B:C7:DB:F8:DB:4E:70:86:E4:F3:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 321AB04B1ED65F2A442D9BFCE816F00A1823C0E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Mon 11 May 2026 01:51:02 +0000
ROA not before: Mon 11 May 2026 01:51:02 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:1a:b0:4b:1e:d6:5f:2a:44:2d:9b:fc:e8:16:f0:0a:18:23:c0:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:02 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=b91985e3cb55da927ec901db39b3c05cfdde484e17f3df88b46939fc5fa10b79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:d6:dc:5c:76:1d:39:8a:f4:82:ab:49:a6:
fa:bb:18:f3:62:ec:06:4c:1a:a3:e9:56:93:79:a4:
3e:4c:08:68:ec:8c:fc:45:ad:51:a5:74:c4:09:a1:
c5:41:ff:95:e3:b3:fa:f4:47:7c:f2:1c:e3:21:77:
aa:d6:81:99:31:ed:60:01:cc:f3:44:ef:e6:06:9c:
1e:83:6a:95:26:9e:0f:2f:65:0a:4b:fd:2d:f8:1b:
31:40:d9:7f:a8:dc:4b:e8:21:68:15:1b:2e:bc:ed:
b9:48:07:e6:05:a0:ba:e4:69:4d:27:69:1e:7c:a6:
a2:c7:29:67:ba:2a:1e:52:4b:ad:08:fa:9d:93:00:
28:75:7a:28:5c:5b:15:be:5d:47:13:92:10:d9:95:
df:30:36:c6:a2:f2:6b:73:ab:ff:60:2b:1c:68:6b:
eb:60:3f:97:42:24:e2:9d:db:e4:14:d0:ff:21:9e:
43:e2:ef:1e:97:f4:67:8f:13:fb:11:ae:4b:35:91:
b1:5d:de:4a:eb:7a:1a:72:50:cc:4e:2c:ee:c6:8a:
d6:74:e2:5c:e9:21:91:b5:e3:73:02:72:01:4b:b4:
75:d0:0f:8e:6d:87:46:5e:49:a3:d8:02:57:ad:d4:
f8:6f:78:a4:ce:e7:1a:31:13:ca:53:5e:93:f1:b2:
84:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8B:4B:71:91:E6:5F:68:AF:5B:C7:DB:F8:DB:4E:70:86:E4:F3:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c7:d8:92:ad:92:64:48:b8:f9:cd:f3:72:ca:3d:75:61:67:71:
e0:60:00:ea:bf:67:63:32:4b:d1:e0:20:3a:25:3a:a5:71:3d:
e0:9b:d0:6f:e5:53:84:7d:89:8e:93:b1:7e:ac:b1:78:d7:b9:
dd:0d:9b:b4:3a:d2:b2:d9:6a:1d:5d:e4:93:77:12:ad:2a:39:
ba:a8:0d:2e:7a:d2:c9:d5:45:23:1c:c9:c6:62:20:79:43:06:
bf:2f:2b:dc:e8:77:d8:69:99:8d:10:c2:00:e6:21:79:56:29:
00:69:07:01:2e:07:27:68:c0:b9:2e:2b:85:69:e2:9c:a2:67:
1c:ca:73:87:d1:c2:46:35:86:8b:fb:9b:73:98:62:b6:0e:80:
f1:8b:fc:8b:65:25:3f:63:38:3a:de:5a:3d:08:87:d7:24:03:
e3:de:e3:70:a0:2b:30:71:d7:f4:2f:1d:e1:a1:ae:61:3d:14:
bb:a8:54:f6:d2:cf:75:c2:79:e7:75:df:06:45:39:c6:ef:19:
79:32:d4:ea:dd:eb:c7:ef:6f:5c:ae:2a:d8:0e:f0:a5:bd:80:
53:f7:84:28:38:d9:fe:cd:cd:ac:11:3b:05:08:06:2f:29:9d:
2c:77:2b:17:84:e5:14:4f:9f:b0:bd:36:5e:0a:1a:42:c7:66:
10:00:1f:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMhqwSx7WXypELZv86BbwChgjwOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MTk4NWUzY2I1NWRhOTI3ZWM5MDFkYjM5YjNjMDVjZmRkZTQ4NGUxN2Yz
ZGY4OGI0NjkzOWZjNWZhMTBiNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKY91txcdh05ivSCq0mm+rsY82LsBkwao+lWk3mkPkwIaOyM/EWtUaV0xAmh
xUH/leOz+vRHfPIc4yF3qtaBmTHtYAHM80Tv5gacHoNqlSaeDy9lCkv9LfgbMUDZ
f6jcS+ghaBUbLrztuUgH5gWguuRpTSdpHnymoscpZ7oqHlJLrQj6nZMAKHV6KFxb
Fb5dRxOSENmV3zA2xqLya3Or/2ArHGhr62A/l0Ik4p3b5BTQ/yGeQ+LvHpf0Z48T
+xGuSzWRsV3eSut6GnJQzE4s7saK1nTiXOkhkbXjcwJyAUu0ddAPjm2HRl5Jo9gC
V63U+G94pM7nGjETylNek/GyhD8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEi0tx
keZfaK9bx9v4205whuTzyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAx9iSrZJkSLj5zfNyyj11YWdx4GAA6r9nYzJL0eAg
OiU6pXE94JvQb+VThH2JjpOxfqyxeNe53Q2btDrSstlqHV3kk3cSrSo5uqgNLnrS
ydVFIxzJxmIgeUMGvy8r3Oh32GmZjRDCAOYheVYpAGkHAS4HJ2jAuS4rhWninKJn
HMpzh9HCRjWGi/ubc5hitg6A8Yv8i2UlP2M4Ot5aPQiH1yQD497jcKArMHHX9C8d
4aGuYT0Uu6hU9tLPdcJ553XfBkU5xu8ZeTLU6t3rx+9vXK4q2A7wpb2AU/eEKDjZ
/s3NrBE7BQgGLymdLHcrF4TlFE+fsL02XgoaQsdmEAAf8Q==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:27 2026 by rpki-client