Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
File: e5744d03-14d6-49dd-bcc7-bbf41846c647.roa (raw, json)
Hash identifier: cNpi1h6s1ny5uffgQ3TRjn5CC1bj17JlGNOIQSACR3s=
Subject key identifier: A2:3F:8A:90:5D:EC:1A:D6:56:C9:BB:34:C4:A0:04:B3:2D:72:31:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A8B630D3A06131AFA9CA97F775ABEBF8524850D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
Signing time: Tue 19 May 2026 04:40:56 +0000
ROA not before: Tue 19 May 2026 04:40:56 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 12:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:8b:63:0d:3a:06:13:1a:fa:9c:a9:7f:77:5a:be:bf:85:24:85:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:56 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=faebfeaf91d49b40d59506b5ca1b62b44eb8c986a6417c3b68c5057d2e91cf39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b3:c4:e7:66:3c:6a:cb:42:ad:a7:f1:d3:96:
1c:a0:14:11:4c:ac:94:57:06:32:f3:68:9c:21:1b:
f9:40:73:0b:2c:be:ef:76:78:fc:15:79:3f:ff:1f:
5b:69:7c:37:72:05:7e:d1:ab:74:84:0e:96:2a:35:
fe:de:07:f7:de:eb:67:5f:1c:bd:78:11:02:77:93:
e0:4b:a0:a4:e2:cb:3b:7d:8a:7f:b8:9a:69:e1:cd:
d0:c9:e1:d4:92:2e:05:7e:70:ab:02:c2:b1:4d:60:
cf:44:37:b7:ce:b8:2e:93:75:64:ea:f5:31:d7:6b:
e1:19:19:46:b5:df:0f:60:e2:6f:c9:42:1e:ef:e0:
c6:78:fd:07:0c:62:31:57:30:cf:bd:5d:fb:12:a0:
28:34:d0:69:24:5b:f7:34:c3:f1:25:c3:fa:ca:7d:
db:11:16:c3:e4:0a:71:92:1a:be:d7:22:79:71:81:
d5:e7:f8:2b:71:75:db:81:f0:ae:a4:ff:74:b3:f5:
c8:07:2a:cc:36:d5:57:8a:5d:93:dd:0e:29:d5:78:
0b:bc:2b:48:57:5b:27:f6:e0:0f:93:c7:04:dd:58:
fa:60:9c:58:24:c6:64:9d:1f:96:36:f0:71:c0:0c:
ee:2a:8e:05:c8:94:d6:db:cc:f5:e3:30:ae:0c:de:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3F:8A:90:5D:EC:1A:D6:56:C9:BB:34:C4:A0:04:B3:2D:72:31:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.126.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:b1:c1:75:55:cc:9b:e9:ba:51:93:b4:90:85:d8:b4:67:ed:
24:d4:e1:bc:e7:a2:4e:41:59:0d:8c:7f:ad:3c:f9:26:4b:58:
ea:cd:bc:4a:53:68:e4:54:c9:01:68:00:85:94:2a:35:1d:b6:
01:e5:09:39:d7:9e:81:82:79:9f:c4:fe:0e:b1:69:04:ad:92:
de:a6:44:23:0d:10:21:1e:2c:ee:17:8c:0f:4a:2a:a6:fe:c1:
22:e7:d6:b8:98:ea:dd:6a:c8:6d:4d:90:ef:07:4f:36:0a:04:
bd:1a:17:f5:6f:16:89:80:14:99:e8:41:9c:f3:c5:4e:67:13:
93:7c:96:5a:03:e7:60:84:a3:3b:64:fb:f7:43:0e:34:46:d8:
7a:95:fb:43:e9:ba:8e:4d:e7:90:7c:e7:a8:b6:ca:be:7e:88:
c8:5c:21:5a:0c:01:84:2e:31:94:a0:a5:ae:5d:9c:3a:58:90:
ac:76:8f:0a:72:9f:e6:77:85:54:75:af:a1:f7:20:a0:0d:98:
46:87:30:c7:b8:4e:37:96:af:3f:18:44:96:d0:41:6f:9a:2c:
41:cb:52:13:f7:54:77:e5:30:23:45:01:4a:10:67:ff:96:3f:
77:ae:be:f1:48:45:fb:dd:74:16:12:bb:da:d0:06:4c:27:a9:
0f:1a:4e:dd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWotjDToGExr6nKl/d1q+v4UkhQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNTZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZWJmZWFmOTFkNDliNDBkNTk1MDZiNWNhMWI2MmI0NGViOGM5ODZhNjQx
N2MzYjY4YzUwNTdkMmU5MWNmMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyzxOdmPGrLQq2n8dOWHKAUEUyslFcGMvNonCEb+UBzCyy+73Z4/BV5P/8f
W2l8N3IFftGrdIQOlio1/t4H997rZ18cvXgRAneT4EugpOLLO32Kf7iaaeHN0Mnh
1JIuBX5wqwLCsU1gz0Q3t864LpN1ZOr1Mddr4RkZRrXfD2Dib8lCHu/gxnj9Bwxi
MVcwz71d+xKgKDTQaSRb9zTD8SXD+sp92xEWw+QKcZIavtcieXGB1ef4K3F124Hw
rqT/dLP1yAcqzDbVV4pdk90OKdV4C7wrSFdbJ/bgD5PHBN1Y+mCcWCTGZJ0fljbw
ccAM7iqOBciU1tvM9eMwrgzetnsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSiP4qQ
Xewa1lbJuzTEoASzLXIxuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU3NDRkMDMtMTRkNi00OWRkLWJjYzctYmJmNDE4NDZjNjQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfjAN
BgkqhkiG9w0BAQsFAAOCAQEAbLHBdVXMm+m6UZO0kIXYtGftJNThvOeiTkFZDYx/
rTz5JktY6s28SlNo5FTJAWgAhZQqNR22AeUJOdeegYJ5n8T+DrFpBK2S3qZEIw0Q
IR4s7heMD0oqpv7BIufWuJjq3WrIbU2Q7wdPNgoEvRoX9W8WiYAUmehBnPPFTmcT
k3yWWgPnYISjO2T790MONEbYepX7Q+m6jk3nkHznqLbKvn6IyFwhWgwBhC4xlKCl
rl2cOliQrHaPCnKf5neFVHWvofcgoA2YRocwx7hON5avPxhEltBBb5osQctSE/dU
d+UwI0UBShBn/5Y/d66+8UhF+910FhK72tAGTCepDxpO3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 6 16:08:50 2026 by rpki-client