Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
File: 296e983c-f59b-4a15-a74d-56b2bff88779.roa (raw, json)
Hash identifier: nPGeB8q/Bs3LHPxsqNfb4ZbyGWa8lVmX7otE1KQp5nI=
Subject key identifier: 71:9C:2B:F8:50:0B:C1:CA:69:33:1E:37:D8:06:4B:02:7E:36:62:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C4EA960C2C590F0EF2C390A77C1E241D6F7B7EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
Signing time: Mon 11 May 2026 01:50:35 +0000
ROA not before: Mon 11 May 2026 01:50:35 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:4e:a9:60:c2:c5:90:f0:ef:2c:39:0a:77:c1:e2:41:d6:f7:b7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:35 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=01cc0a370f92119b91462b98281aef34933769469ceee0629edb341ffb3bd56d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:47:2a:e6:b0:cd:a6:95:ef:b0:2e:44:55:
71:c9:1c:d1:bd:1f:d7:3c:64:74:f3:04:2f:c2:e4:
1c:60:b0:e4:f2:7f:1f:83:86:12:70:fb:aa:18:fc:
58:cf:74:47:9c:a7:ef:dc:bc:4d:c7:d2:da:f9:78:
f8:1e:7b:a3:86:15:db:4f:83:cf:32:8a:fa:49:e1:
90:5c:99:9a:99:09:64:19:bf:8f:bf:5f:54:a3:fc:
a1:e6:3b:e6:35:29:cd:70:36:f3:6d:96:db:65:a8:
05:e3:67:63:a1:63:36:48:b3:b4:32:33:04:37:4c:
ee:49:b0:3f:9c:43:e4:d8:eb:cb:0a:34:d5:11:dd:
94:84:56:a8:3b:2d:46:9a:af:a7:51:b0:ba:d9:12:
41:d9:ec:9c:36:35:30:88:9e:64:18:1f:ee:99:6a:
bc:02:41:c6:3c:a5:16:b0:e2:79:0b:37:f3:1f:63:
db:f6:15:12:29:6b:da:fe:65:28:88:18:95:ca:0b:
79:b7:e2:ac:10:fa:02:34:06:53:32:7b:63:e5:7f:
c3:5e:3e:dd:b7:7b:4e:3b:66:7b:58:de:8c:8d:53:
a8:21:5b:ce:a6:cb:32:f2:9e:49:8b:48:4e:aa:03:
25:ef:c3:81:11:6c:c9:2c:58:53:40:f9:85:4e:f5:
7e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9C:2B:F8:50:0B:C1:CA:69:33:1E:37:D8:06:4B:02:7E:36:62:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.48.0/20
Signature Algorithm: sha256WithRSAEncryption
46:fb:39:72:2c:b4:11:60:98:e6:96:fe:86:f4:38:89:da:5d:
d4:85:46:87:9c:01:60:e5:50:03:aa:d9:80:ad:aa:b5:3d:46:
2a:f5:2c:1e:9a:c1:3b:01:75:03:65:7e:61:c0:2c:17:ef:b2:
81:72:e2:11:a6:70:fe:1f:3b:9d:5b:c0:16:d4:2f:40:e6:da:
87:26:6f:56:b0:e1:93:b5:be:14:92:bc:4b:7f:21:3e:de:bc:
f7:70:61:cb:4b:7e:24:95:2e:42:74:7e:7e:f3:15:2e:2b:97:
a9:9e:7c:7d:9b:8e:f9:d5:4b:18:6f:3d:d3:e5:4a:cc:40:ee:
65:d2:8d:f7:49:66:d7:ff:f7:69:ba:b1:6b:b8:d0:d3:0e:09:
e5:82:df:9f:e4:d6:14:31:5f:89:24:69:91:f0:cb:bf:e0:ca:
59:d8:aa:08:ac:2c:7d:0b:e9:f2:b3:be:1a:1f:c3:30:00:ec:
fc:cc:0a:ba:58:ca:0a:af:2a:a9:3c:e1:1a:42:7c:80:61:7b:
11:25:5e:54:13:b0:37:00:b8:a1:22:70:fa:08:90:65:fb:3b:
58:71:86:a5:07:7e:0e:15:ba:84:0a:eb:54:e3:08:7c:cf:7c:
2d:da:01:77:a6:4b:a9:03:50:27:72:fe:0d:ae:5c:a1:45:8a:
16:ac:f2:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDE6pYMLFkPDvLDkKd8HiQdb3t+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMzVaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxY2MwYTM3MGY5MjExOWI5MTQ2MmI5ODI4MWFlZjM0OTMzNzY5NDY5Y2Vl
ZTA2MjllZGIzNDFmZmIzYmQ1NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+wRyrmsM2mle+wLkRVcckc0b0f1zxkdPMEL8LkHGCw5PJ/H4OGEnD7qhj8
WM90R5yn79y8TcfS2vl4+B57o4YV20+DzzKK+knhkFyZmpkJZBm/j79fVKP8oeY7
5jUpzXA2822W22WoBeNnY6FjNkiztDIzBDdM7kmwP5xD5Njrywo01RHdlIRWqDst
Rpqvp1GwutkSQdnsnDY1MIieZBgf7plqvAJBxjylFrDieQs38x9j2/YVEilr2v5l
KIgYlcoLebfirBD6AjQGUzJ7Y+V/w14+3bd7Tjtme1jejI1TqCFbzqbLMvKeSYtI
TqoDJe/DgRFsySxYU0D5hU71fksCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxnCv4
UAvBymkzHjfYBksCfjZi1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjk2ZTk4M2MtZjU5Yi00YTE1LWE3NGQtNTZiMmJmZjg4Nzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiMDAN
BgkqhkiG9w0BAQsFAAOCAQEARvs5ciy0EWCY5pb+hvQ4idpd1IVGh5wBYOVQA6rZ
gK2qtT1GKvUsHprBOwF1A2V+YcAsF++ygXLiEaZw/h87nVvAFtQvQObahyZvVrDh
k7W+FJK8S38hPt6893Bhy0t+JJUuQnR+fvMVLiuXqZ58fZuO+dVLGG890+VKzEDu
ZdKN90lm1//3abqxa7jQ0w4J5YLfn+TWFDFfiSRpkfDLv+DKWdiqCKwsfQvp8rO+
Gh/DMADs/MwKuljKCq8qqTzhGkJ8gGF7ESVeVBOwNwC4oSJw+giQZfs7WHGGpQd+
DhW6hArrVOMIfM98LdoBd6ZLqQNQJ3L+Da5coUWKFqzy4A==
-----END CERTIFICATE-----
Generated at Tue May 12 23:05:12 2026 by rpki-client