Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: ONawh3/ixzWSo60PBdxA6fysXM1TBQ/YCuLqxj69k8k=
Subject key identifier: 01:5E:26:C4:6C:40:D1:A9:FE:86:56:DE:86:1B:6C:55:1E:A8:B8:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A8D9A041E45B9CA52D25A409B2966E04B1B116E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Mon 11 May 2026 01:50:36 +0000
ROA not before: Mon 11 May 2026 01:50:36 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:8d:9a:04:1e:45:b9:ca:52:d2:5a:40:9b:29:66:e0:4b:1b:11:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:36 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=7147191a13a9dca29cbc3e972880f4ed5163e571cfb9e03cd0a9787189471579, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0a:7c:ec:e9:1a:14:b0:a2:d0:17:1d:37:2c:
df:c3:97:e4:b5:f6:db:6a:ee:68:49:2d:6a:0e:58:
66:7b:1c:73:9c:0b:b4:b9:ee:24:22:09:85:c8:32:
1c:b4:2a:87:6a:b9:32:fd:89:56:1f:b0:52:de:5a:
89:01:fb:fc:ff:c0:07:d2:1e:66:35:38:89:6c:2e:
97:77:e5:e9:17:f1:d3:de:9d:dc:6a:de:a9:13:a2:
8c:ec:9e:50:ae:07:2a:61:7d:8c:ed:45:0b:11:1c:
b7:04:8a:29:d7:34:01:09:41:c1:7a:98:3a:6f:c1:
9d:4a:26:90:23:f2:df:d6:53:a6:eb:3d:59:7a:6c:
e8:e3:01:0d:cd:90:7a:8e:36:08:d5:07:b5:3f:89:
22:76:f6:1b:46:79:2b:14:e5:aa:3f:12:37:43:86:
7d:0a:83:73:24:8b:d1:82:4e:10:83:c8:93:82:76:
f3:bf:67:9b:4e:82:56:17:18:ed:01:7e:62:ba:29:
74:50:19:c8:d0:b4:8f:cc:4d:45:36:42:1b:61:f4:
03:15:89:d1:77:21:7b:34:05:ae:f4:41:26:f6:63:
9f:ce:ed:e2:97:11:a2:7f:3f:5a:c6:27:27:95:c9:
19:f4:24:ca:09:ef:fd:7f:5c:12:90:b2:59:68:20:
3e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5E:26:C4:6C:40:D1:A9:FE:86:56:DE:86:1B:6C:55:1E:A8:B8:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:9f:db:7f:77:69:86:0b:17:3b:a3:9d:65:85:a6:2a:97:cd:
5d:e6:5f:1a:06:ca:c3:6c:32:17:0e:7f:0b:6d:fa:1e:30:b2:
ae:71:73:4b:4d:44:38:e2:ed:ea:92:c7:5d:55:ca:29:6c:a6:
59:39:07:6d:4f:88:9c:ba:15:e5:1c:b9:51:a5:02:6a:36:d3:
66:60:0f:92:ae:a3:4d:60:40:20:58:de:ce:aa:26:22:cd:39:
32:4c:0e:77:c8:ae:2a:c1:34:5c:ea:55:4c:53:83:77:fa:1e:
60:5e:44:af:fe:16:24:68:d5:8b:4a:fe:a7:5b:06:fd:e9:93:
4b:50:94:b0:65:2d:61:39:16:68:ef:6f:03:cf:a9:78:d3:3c:
9d:d9:73:f1:8a:39:e5:d3:0f:cc:5c:33:08:05:cd:4e:68:bc:
30:e1:8b:f8:f2:b6:55:3c:01:c6:c4:14:08:d3:cf:eb:27:4f:
80:b3:59:aa:9d:ce:5c:ff:20:21:66:e1:65:e5:96:51:75:b2:
cd:b0:d5:2a:bf:63:94:95:df:6a:0a:88:b1:e9:a0:af:04:f8:
0c:eb:cd:d3:98:10:b2:3c:56:e9:78:19:83:0c:24:f6:b8:ec:
cf:7c:bb:45:dd:74:07:be:1f:32:6d:3c:87:7d:45:72:29:95:
89:7b:34:69
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOo2aBB5FucpS0lpAmylm4EsbEW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMzZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNDcxOTFhMTNhOWRjYTI5Y2JjM2U5NzI4ODBmNGVkNTE2M2U1NzFjZmI5
ZTAzY2QwYTk3ODcxODk0NzE1NzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAKfOzpGhSwotAXHTcs38OX5LX222ruaEktag5YZnscc5wLtLnuJCIJhcgy
HLQqh2q5Mv2JVh+wUt5aiQH7/P/AB9IeZjU4iWwul3fl6Rfx096d3GreqROijOye
UK4HKmF9jO1FCxEctwSKKdc0AQlBwXqYOm/BnUomkCPy39ZTpus9WXps6OMBDc2Q
eo42CNUHtT+JInb2G0Z5KxTlqj8SN0OGfQqDcySL0YJOEIPIk4J2879nm06CVhcY
7QF+YropdFAZyNC0j8xNRTZCG2H0AxWJ0XchezQFrvRBJvZjn87t4pcRon8/WsYn
J5XJGfQkygnv/X9cEpCyWWggPlMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQBXibE
bEDRqf6GVt6GG2xVHqi4xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAW5/bf3dphgsXO6OdZYWmKpfNXeZfGgbKw2wyFw5/
C236HjCyrnFzS01EOOLt6pLHXVXKKWymWTkHbU+InLoV5Ry5UaUCajbTZmAPkq6j
TWBAIFjezqomIs05MkwOd8iuKsE0XOpVTFODd/oeYF5Er/4WJGjVi0r+p1sG/emT
S1CUsGUtYTkWaO9vA8+peNM8ndlz8Yo55dMPzFwzCAXNTmi8MOGL+PK2VTwBxsQU
CNPP6ydPgLNZqp3OXP8gIWbhZeWWUXWyzbDVKr9jlJXfagqIsemgrwT4DOvN05gQ
sjxW6XgZgwwk9rjsz3y7Rd10B74fMm08h31FcimViXs0aQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:16:22 2026 by rpki-client