Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: 01aO8ZgzMQ7C5KHc/bawMgtZSULm4ltwpxtas74cvBI=
Subject key identifier: 04:9A:00:53:67:E6:E4:E3:C1:70:3E:1A:48:30:C2:6F:B4:44:84:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45C7352E3ED574352D5656ECE8C1F9AA05D82FEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Mon 11 May 2026 01:40:13 +0000
ROA not before: Mon 11 May 2026 01:40:13 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:c7:35:2e:3e:d5:74:35:2d:56:56:ec:e8:c1:f9:aa:05:d8:2f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:13 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=d5f600e7dee2c427ef4252374cbe2aa298ba9c499cdbc10aec689f25e446e52a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:55:62:2f:ff:bd:77:04:c5:30:86:41:8d:cd:
f8:ab:99:83:bc:2e:24:7d:ee:3b:96:c0:db:77:25:
4b:88:06:33:fc:b3:72:07:66:a6:72:60:76:03:8e:
f2:55:06:aa:3a:4a:e8:f5:d0:bc:9f:93:b2:aa:60:
28:dd:3c:bc:fc:19:1f:48:55:c7:21:55:3b:21:fd:
82:f1:8f:bf:bb:bf:b7:e0:23:f9:89:93:c3:3b:71:
6c:5a:64:6c:43:4b:d8:79:c8:fe:54:a5:93:68:25:
fe:d5:79:ef:ab:cd:da:cb:67:8a:70:b4:ae:54:db:
c6:1b:f3:13:b4:dc:da:f8:27:63:8a:83:d9:a3:16:
05:c6:67:79:07:cf:9c:fb:99:a0:81:fa:d7:be:da:
8c:cd:cc:ac:d8:95:6e:7b:93:69:bc:2c:47:e9:2e:
9f:ce:26:24:d8:d6:15:fa:4a:ff:90:b3:5f:4d:c5:
99:70:ba:79:d0:ff:08:30:5f:c9:26:bf:9c:ce:f3:
65:d5:73:74:bb:52:d5:a5:b0:7d:89:65:25:29:18:
16:6c:15:ae:f8:a9:f8:55:79:8a:45:3b:e9:a9:c0:
a3:9a:f0:fe:0f:22:e9:f0:21:f9:67:c5:06:5d:cf:
8a:4d:02:ff:bf:a2:25:02:92:46:a9:9f:a4:bb:b1:
7f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:9A:00:53:67:E6:E4:E3:C1:70:3E:1A:48:30:C2:6F:B4:44:84:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
ac:16:29:a9:7f:08:04:f0:bd:1c:0a:b8:6d:a7:2a:09:c4:1d:
89:2e:09:0a:d8:00:12:4e:8a:ad:d9:51:21:26:b9:4c:2c:4b:
ef:e3:62:5c:20:50:9d:90:c8:b9:a5:d2:d3:f3:c0:97:a3:d1:
f4:c1:a7:52:4d:31:87:ae:a3:f8:b0:bc:b3:27:d0:02:0c:a7:
dd:69:fd:a5:00:9c:d1:bb:fe:1c:d3:44:2f:71:d9:bb:a1:07:
dc:81:c6:d7:e5:fd:ca:90:35:40:54:12:1e:39:db:dd:47:2a:
04:79:d3:a9:66:88:10:0a:c8:31:4a:32:43:c5:b9:c5:96:b5:
88:38:a7:d1:f2:a6:58:d7:19:ef:42:af:8e:de:28:41:9d:8f:
e6:29:d1:d7:13:e5:0c:d8:23:5a:e6:9b:8e:1e:22:21:08:54:
02:56:e5:01:6e:f0:b5:1a:5a:99:ec:f4:a8:66:d5:73:b7:ca:
19:b6:e8:91:e7:c0:7f:6f:56:19:3a:71:20:de:fd:53:e0:2a:
d2:24:9e:99:ce:4c:6b:9b:31:e2:c3:09:00:8f:e3:f0:ad:cd:
9f:01:b6:ab:4d:d2:7a:30:ab:0a:55:34:c9:3b:cb:e4:83:08:
e3:76:88:42:75:ff:5e:1c:28:57:2a:03:2a:eb:a6:cd:8a:d7:
6e:19:e7:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURcc1Lj7VdDUtVlbs6MH5qgXYL+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMTNaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ZjYwMGU3ZGVlMmM0MjdlZjQyNTIzNzRjYmUyYWEyOThiYTljNDk5Y2Ri
YzEwYWVjNjg5ZjI1ZTQ0NmU1MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9VYi//vXcExTCGQY3N+KuZg7wuJH3uO5bA23clS4gGM/yzcgdmpnJgdgOO
8lUGqjpK6PXQvJ+TsqpgKN08vPwZH0hVxyFVOyH9gvGPv7u/t+Aj+YmTwztxbFpk
bENL2HnI/lSlk2gl/tV576vN2stninC0rlTbxhvzE7Tc2vgnY4qD2aMWBcZneQfP
nPuZoIH6177ajM3MrNiVbnuTabwsR+kun84mJNjWFfpK/5CzX03FmXC6edD/CDBf
ySa/nM7zZdVzdLtS1aWwfYllJSkYFmwVrvip+FV5ikU76anAo5rw/g8i6fAh+WfF
Bl3Pik0C/7+iJQKSRqmfpLuxf78CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQEmgBT
Z+bk48FwPhpIMMJvtESEgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEArBYpqX8IBPC9HAq4bacqCcQdiS4JCtgAEk6KrdlR
ISa5TCxL7+NiXCBQnZDIuaXS0/PAl6PR9MGnUk0xh66j+LC8syfQAgyn3Wn9pQCc
0bv+HNNEL3HZu6EH3IHG1+X9ypA1QFQSHjnb3UcqBHnTqWaIEArIMUoyQ8W5xZa1
iDin0fKmWNcZ70Kvjt4oQZ2P5inR1xPlDNgjWuabjh4iIQhUAlblAW7wtRpamez0
qGbVc7fKGbbokefAf29WGTpxIN79U+Aq0iSemc5Ma5sx4sMJAI/j8K3NnwG2q03S
ejCrClU0yTvL5IMI43aIQnX/XhwoVyoDKuumzYrXbhnnOw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:25 2026 by rpki-client