Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
File: 65fd1736-b3cd-4b5b-abca-9d430a70e064.roa (raw, json)
Hash identifier: fb4OR2SLBuqLkrQr+Wh5y/njWsXdLfH0RlAN4e4Cp+I=
Subject key identifier: A3:EC:87:EA:8D:CA:E4:2F:6E:B9:FC:AC:BD:1A:D9:DC:F6:AF:AB:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66F3DF1FBD64F44C13FA1E834B7672F348720DC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
Signing time: Mon 11 May 2026 01:50:11 +0000
ROA not before: Mon 11 May 2026 01:50:11 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f3:df:1f:bd:64:f4:4c:13:fa:1e:83:4b:76:72:f3:48:72:0d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:11 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=60c56dffbb560c036809ab428b60013753ffe49f74817d0c9c3351f76e8911ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bd:d1:5d:3d:d5:d7:63:3a:0c:7e:1c:68:09:
de:b4:7f:9a:b4:98:9e:07:57:87:27:eb:d6:06:ef:
4e:e7:bf:62:ba:3b:3f:cc:21:f1:b8:78:39:c3:d5:
88:95:80:7d:3b:1b:a6:d0:18:aa:2a:b3:f6:79:0b:
bc:fb:b0:21:a6:08:83:74:ab:6d:71:c4:64:dd:e1:
70:a2:ba:cb:78:d8:63:3a:30:53:d7:12:4b:d0:73:
40:02:2b:c9:d4:7e:4b:2d:b6:79:66:ff:de:7e:d3:
e4:2f:c3:fb:cd:ad:94:0f:ba:51:07:96:7c:26:37:
e4:a9:3d:04:e9:97:a3:61:6e:e0:17:6b:34:c5:d3:
5a:ea:2b:80:69:ed:ec:69:a5:11:cd:76:6b:27:03:
cd:be:63:f9:0f:5f:ac:67:47:7e:31:55:39:3e:03:
47:3a:41:a3:20:8c:bd:72:1e:64:49:cd:74:ed:b3:
9a:5b:83:b1:a8:de:2d:e6:61:ca:a5:4d:af:b8:55:
0a:51:79:e8:27:9a:32:6d:61:d6:85:01:58:84:59:
46:6a:f2:f9:8b:9a:74:4d:ae:1e:78:eb:85:67:71:
95:ee:24:cc:15:c6:4e:2d:7b:4a:0f:2d:6a:ee:7d:
a5:e4:81:6a:bc:83:a3:10:b0:af:9f:93:56:74:68:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EC:87:EA:8D:CA:E4:2F:6E:B9:FC:AC:BD:1A:D9:DC:F6:AF:AB:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65fd1736-b3cd-4b5b-abca-9d430a70e064.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/18
Signature Algorithm: sha256WithRSAEncryption
85:62:6a:91:b5:79:79:88:82:45:b7:cb:e3:9a:a9:f9:c4:44:
61:35:ef:35:38:32:eb:a7:26:68:19:b3:c1:70:11:43:2a:18:
48:86:d8:2a:9c:cc:d2:75:80:70:0e:a9:96:2e:93:25:23:25:
6f:8f:74:06:b7:29:b6:ee:e5:fb:09:87:d6:d0:2a:ab:00:b3:
3a:ed:70:89:68:6f:95:f1:90:53:42:9e:b8:0e:f9:6a:36:e6:
96:31:e0:11:aa:07:5b:de:ab:5b:c3:17:18:97:ef:29:f3:b6:
44:c5:55:ac:d5:ea:78:22:ef:7f:28:0a:73:cd:e2:43:f5:a2:
33:2a:1a:72:d6:78:b2:91:96:f6:e9:fb:68:ea:21:19:1f:75:
b1:41:d1:9a:90:24:6a:a8:3e:af:51:28:4c:fa:ee:c2:4f:57:
6d:d8:4b:11:36:7f:61:c2:bc:7a:0b:5a:4a:34:23:98:b1:95:
38:4b:59:3f:00:13:16:a3:da:43:62:f0:e3:9f:6f:a2:d8:88:
35:01:d7:65:9b:de:3c:ba:ef:3a:2b:b9:83:34:88:f4:e2:20:
34:09:42:35:bf:f8:9d:25:09:1d:2c:a1:3a:d0:cf:89:94:0e:
bb:1f:ba:b3:c8:96:c7:ae:0b:d8:61:33:bb:6c:33:e7:88:53:
c6:f9:df:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZvPfH71k9EwT+h6DS3Zy80hyDccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMTFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYzU2ZGZmYmI1NjBjMDM2ODA5YWI0MjhiNjAwMTM3NTNmZmU0OWY3NDgx
N2QwYzljMzM1MWY3NmU4OTExZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL690V091ddjOgx+HGgJ3rR/mrSYngdXhyfr1gbvTue/Yro7P8wh8bh4OcPV
iJWAfTsbptAYqiqz9nkLvPuwIaYIg3SrbXHEZN3hcKK6y3jYYzowU9cSS9BzQAIr
ydR+Sy22eWb/3n7T5C/D+82tlA+6UQeWfCY35Kk9BOmXo2Fu4BdrNMXTWuorgGnt
7GmlEc12aycDzb5j+Q9frGdHfjFVOT4DRzpBoyCMvXIeZEnNdO2zmluDsajeLeZh
yqVNr7hVClF56CeaMm1h1oUBWIRZRmry+YuadE2uHnjrhWdxle4kzBXGTi17Sg8t
au59peSBaryDoxCwr5+TVnRo5kUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSj7Ifq
jcrkL265/Ky9Gtnc9q+r7TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVmZDE3MzYtYjNjZC00YjViLWFiY2EtOWQ0MzBhNzBlMDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhWJqkbV5eYiCRbfL45qp+cREYTXvNTgy66cmaBmz
wXARQyoYSIbYKpzM0nWAcA6pli6TJSMlb490Brcptu7l+wmH1tAqqwCzOu1wiWhv
lfGQU0KeuA75ajbmljHgEaoHW96rW8MXGJfvKfO2RMVVrNXqeCLvfygKc83iQ/Wi
MyoactZ4spGW9un7aOohGR91sUHRmpAkaqg+r1EoTPruwk9XbdhLETZ/YcK8egta
SjQjmLGVOEtZPwATFqPaQ2Lw459votiINQHXZZvePLrvOiu5gzSI9OIgNAlCNb/4
nSUJHSyhOtDPiZQOux+6s8iWx64L2GEzu2wz54hTxvnfFg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:07 2026 by rpki-client