Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: wPWHU5wldtqqaXOGLlEd4wnkgHxFYNqnYjCtxExOOug=
Subject key identifier: 76:76:5B:49:DF:B7:11:9D:CB:8E:80:6B:23:E5:94:9F:93:8D:54:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67AA65768DC03177CAEA3A06BC3D99472729A8D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Mon 11 May 2026 01:50:10 +0000
ROA not before: Mon 11 May 2026 01:50:10 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:aa:65:76:8d:c0:31:77:ca:ea:3a:06:bc:3d:99:47:27:29:a8:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:10 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=c89941756a47ff31678448e4440312691f8951c445db8bf1c389f76212117b15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:f1:40:21:1f:1c:10:66:e8:2d:19:76:de:
88:51:d0:2e:4c:82:04:1f:df:61:34:23:bd:0d:ce:
02:26:f2:1d:17:b2:d8:66:48:40:23:86:0b:b0:e4:
6d:ae:8f:82:7d:76:6a:61:d7:74:32:f8:33:fe:be:
17:a5:01:03:67:93:18:01:03:0d:80:a7:23:84:34:
d4:8c:00:7b:28:5c:c5:82:1a:3e:56:a7:6f:67:cd:
48:36:53:40:6b:b9:7c:58:28:3f:a9:83:a8:db:32:
f1:2f:5b:57:97:e3:2f:d7:83:8e:e8:4d:1f:76:28:
e6:46:fe:fc:6b:55:7f:be:98:bd:9d:ab:1b:37:03:
62:6f:e8:04:65:ea:3d:e5:6c:77:0e:d9:f2:b3:ad:
08:e8:82:27:fe:d2:db:4e:b3:d0:98:e9:6d:22:79:
39:56:9c:4d:a7:0b:8c:b1:04:21:70:52:0e:0e:29:
f8:14:84:12:68:f6:24:da:00:0d:ff:f9:f5:fc:ac:
cb:5b:92:3e:9d:6d:bc:73:ff:0b:d3:46:60:9a:2c:
61:a0:55:b7:70:67:5d:c4:25:65:ca:99:a2:ca:42:
44:39:b0:8e:9f:0e:05:e5:c2:f9:d1:7a:70:c4:29:
3b:6a:46:99:dc:1f:8b:96:ed:c1:39:d6:91:cc:5f:
f0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:76:5B:49:DF:B7:11:9D:CB:8E:80:6B:23:E5:94:9F:93:8D:54:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
14:51:52:ef:a0:c4:34:b9:db:73:06:13:46:0c:59:75:d4:11:
92:3b:68:2f:07:ab:24:c9:36:41:3b:19:71:a1:ee:5f:78:d5:
5d:51:a3:af:49:a5:ba:6c:95:63:07:a4:38:b4:b7:4b:c8:00:
5f:a2:e5:31:c8:99:ea:f9:d6:71:08:40:e3:4d:1e:f9:3d:ca:
55:d7:ca:e1:c0:8a:7d:3c:49:11:4f:3b:32:56:05:bf:90:ff:
18:b9:30:06:91:b6:d7:3b:ca:9f:31:8a:a1:18:d1:fc:3c:6a:
4d:3c:1e:95:fa:3b:23:2c:6e:27:33:f8:ee:2c:ee:96:e6:ea:
2f:ec:2d:6b:9f:c5:08:c7:2b:fb:ee:38:c4:35:cd:24:f5:86:
a7:cc:2c:c9:5d:cc:aa:34:8e:bb:7e:b8:da:73:f7:8a:44:f9:
35:78:37:f5:77:5e:8a:10:5b:ed:6d:31:8b:7a:b6:7b:91:c1:
49:81:37:32:26:1c:a9:62:0c:f5:68:40:6e:d9:7a:45:7b:c2:
04:23:49:21:73:a6:0b:48:46:3c:a8:bb:f7:42:f2:87:14:b3:
73:7b:dd:83:5e:c9:5c:23:2a:cd:4c:f8:be:19:78:30:82:2e:
38:26:08:b1:f7:ad:7b:08:4f:04:65:7d:49:c0:ff:8a:15:eb:
0f:6e:8a:9e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ6pldo3AMXfK6joGvD2ZRycpqNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMTBaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4OTk0MTc1NmE0N2ZmMzE2Nzg0NDhlNDQ0MDMxMjY5MWY4OTUxYzQ0NWRi
OGJmMWMzODlmNzYyMTIxMTdiMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALo98UAhHxwQZugtGXbeiFHQLkyCBB/fYTQjvQ3OAibyHRey2GZIQCOGC7Dk
ba6Pgn12amHXdDL4M/6+F6UBA2eTGAEDDYCnI4Q01IwAeyhcxYIaPlanb2fNSDZT
QGu5fFgoP6mDqNsy8S9bV5fjL9eDjuhNH3Yo5kb+/GtVf76YvZ2rGzcDYm/oBGXq
PeVsdw7Z8rOtCOiCJ/7S206z0JjpbSJ5OVacTacLjLEEIXBSDg4p+BSEEmj2JNoA
Df/59fysy1uSPp1tvHP/C9NGYJosYaBVt3BnXcQlZcqZospCRDmwjp8OBeXC+dF6
cMQpO2pGmdwfi5btwTnWkcxf8CECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR2dltJ
37cRncuOgGsj5ZSfk41UFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAFFFS76DENLnbcwYTRgxZddQRkjtoLwerJMk2QTsZ
caHuX3jVXVGjr0mlumyVYwekOLS3S8gAX6LlMciZ6vnWcQhA400e+T3KVdfK4cCK
fTxJEU87MlYFv5D/GLkwBpG21zvKnzGKoRjR/DxqTTwelfo7IyxuJzP47izulubq
L+wta5/FCMcr++44xDXNJPWGp8wsyV3MqjSOu3642nP3ikT5NXg39XdeihBb7W0x
i3q2e5HBSYE3MiYcqWIM9WhAbtl6RXvCBCNJIXOmC0hGPKi790LyhxSzc3vdg17J
XCMqzUz4vhl4MIIuOCYIsfetewhPBGV9ScD/ihXrD26Kng==
-----END CERTIFICATE-----
Generated at Wed May 13 00:18:04 2026 by rpki-client