Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
File: 2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa (raw, json)
Hash identifier: Fg9Egm/c6yFXsz2rCjhuRK6sGXvogTXbk78NC0lEVSk=
Subject key identifier: A7:CB:0C:AC:2A:68:64:AF:D1:10:C4:C3:D0:6D:63:55:6C:8E:16:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35A97D2F656F4C2BBE94BCE4DF408D5BFA0069D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
Signing time: Mon 11 May 2026 01:40:11 +0000
ROA not before: Mon 11 May 2026 01:40:11 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:a9:7d:2f:65:6f:4c:2b:be:94:bc:e4:df:40:8d:5b:fa:00:69:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:11 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=861d3d71c90c9a9e66ed643c52703faca0ee7bf658cfcc61f254d5019afa74c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:56:d7:f8:9c:b5:f8:3f:7f:69:3d:5a:89:e3:
22:a5:f3:9f:60:10:bb:22:90:26:9a:de:7f:b6:27:
80:2a:fc:c0:2c:d6:df:88:6c:c9:bb:d2:7e:f4:69:
1c:dc:e9:f0:92:a2:9c:37:88:df:53:db:81:58:8c:
b5:d3:cd:cd:90:42:57:21:6d:b6:34:09:49:f4:9d:
01:0f:84:68:a8:fe:0d:d1:9b:ba:46:20:c6:6d:04:
c9:04:3e:21:1f:6d:d3:e1:81:40:7b:29:15:34:64:
78:18:ca:b6:db:80:e0:95:4e:73:1b:1f:f8:9a:cb:
9b:e6:bc:f2:92:f1:f8:91:33:97:f6:85:4b:85:5b:
cf:8d:70:8e:20:b6:eb:8a:81:94:4b:9f:45:5d:1e:
2e:3f:0e:1e:69:ef:33:8a:96:a1:0d:9a:e2:44:51:
dc:c3:b1:97:b1:df:d2:50:ac:67:bd:d4:4a:9d:3d:
b8:13:04:06:67:21:1f:5d:f7:39:7f:07:d1:3e:4d:
e7:14:57:68:fc:69:4e:0f:0d:68:16:11:7c:3c:92:
04:92:43:49:d2:56:ee:59:29:5f:e9:fb:cc:62:94:
a1:c8:5a:26:69:b0:b0:8e:e9:b7:d5:94:e2:fd:16:
b3:cf:31:26:1a:fb:d9:35:d5:e6:e5:60:1a:de:58:
7e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:CB:0C:AC:2A:68:64:AF:D1:10:C4:C3:D0:6D:63:55:6C:8E:16:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2fd8037d-0536-42bc-af5c-4d0ed4f8de78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.96.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:47:d6:53:8e:b4:59:8b:4c:de:34:b7:fe:1d:d0:8a:a0:98:
ad:fe:ab:90:d1:59:3c:55:04:40:14:32:47:2d:a9:6b:5a:40:
87:10:30:e3:0f:5a:70:f9:02:95:f0:87:a4:94:44:cb:83:49:
ca:6e:99:d2:fd:72:c5:57:0f:6b:c9:36:58:e3:04:42:fd:08:
b5:41:e9:5c:da:aa:85:2a:1b:a6:21:29:63:13:b0:02:1d:12:
02:7d:9e:e3:65:3a:36:a1:ba:1d:e0:16:18:00:c8:c4:a9:6c:
87:b0:02:8d:16:cf:36:f6:cb:08:99:0c:2b:95:e4:72:76:a8:
bd:94:2d:d0:be:e7:c0:43:3a:54:a4:5e:dd:86:8e:8e:ce:fb:
72:a2:f0:36:3c:77:d9:d8:2b:0a:53:e7:71:59:c2:16:dc:8b:
c6:d1:6f:39:d0:a3:5c:4c:73:e6:5d:ed:2c:51:cc:c4:af:c5:
2e:01:b2:92:2a:c4:62:86:d7:18:b0:6c:f5:d0:e7:9c:33:5b:
ce:fe:0b:f2:a8:3f:80:49:a4:f1:ed:fc:74:1c:9e:d6:52:97:
c9:fa:48:e7:4c:f7:9a:94:51:dd:09:70:dc:59:0f:f3:1f:27:
2e:19:e8:c2:01:4f:1f:cd:45:bc:92:11:b2:5a:a5:aa:37:96:
c1:94:7d:9f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNal9L2VvTCu+lLzk30CNW/oAadMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMTFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MWQzZDcxYzkwYzlhOWU2NmVkNjQzYzUyNzAzZmFjYTBlZTdiZjY1OGNm
Y2M2MWYyNTRkNTAxOWFmYTc0YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO9W1/ictfg/f2k9WonjIqXzn2AQuyKQJpref7YngCr8wCzW34hsybvSfvRp
HNzp8JKinDeI31PbgViMtdPNzZBCVyFttjQJSfSdAQ+EaKj+DdGbukYgxm0EyQQ+
IR9t0+GBQHspFTRkeBjKttuA4JVOcxsf+JrLm+a88pLx+JEzl/aFS4Vbz41wjiC2
64qBlEufRV0eLj8OHmnvM4qWoQ2a4kRR3MOxl7Hf0lCsZ73USp09uBMEBmchH133
OX8H0T5N5xRXaPxpTg8NaBYRfDySBJJDSdJW7lkpX+n7zGKUochaJmmwsI7pt9WU
4v0Ws88xJhr72TXV5uVgGt5YfhkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSnywys
Kmhkr9EQxMPQbWNVbI4WVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmZkODAzN2QtMDUzNi00MmJjLWFmNWMtNGQwZWQ0ZjhkZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiYDAN
BgkqhkiG9w0BAQsFAAOCAQEAT0fWU460WYtM3jS3/h3QiqCYrf6rkNFZPFUEQBQy
Ry2pa1pAhxAw4w9acPkClfCHpJREy4NJym6Z0v1yxVcPa8k2WOMEQv0ItUHpXNqq
hSobpiEpYxOwAh0SAn2e42U6NqG6HeAWGADIxKlsh7ACjRbPNvbLCJkMK5Xkcnao
vZQt0L7nwEM6VKRe3YaOjs77cqLwNjx32dgrClPncVnCFtyLxtFvOdCjXExz5l3t
LFHMxK/FLgGykirEYobXGLBs9dDnnDNbzv4L8qg/gEmk8e38dBye1lKXyfpI50z3
mpRR3Qlw3FkP8x8nLhnowgFPH81FvJIRslqlqjeWwZR9nw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:39:37 2026 by rpki-client