Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
File: 8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa (raw, json)
Hash identifier: HoraZklE65xZSWT6R0BwoSgHO3R+tEvQcsZcZ3B/Vd0=
Subject key identifier: 22:6D:07:D7:0B:1C:5F:CB:30:25:24:E4:90:F6:15:8C:0F:80:7C:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 755EA7E283E28DCFA4DD6070E4889BF7078BD14A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
Signing time: Mon 11 May 2026 01:50:06 +0000
ROA not before: Mon 11 May 2026 01:50:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:5e:a7:e2:83:e2:8d:cf:a4:dd:60:70:e4:88:9b:f7:07:8b:d1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=8c988e563aa7a70d784d6f65370a4470bdc78f8580b6d77528916160567d684e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:d9:cf:b8:34:1a:34:a8:6f:d0:dc:06:6e:
e9:5c:ac:4b:69:1e:5d:fc:ac:0c:3c:7e:f3:f0:ee:
63:8f:80:68:df:ae:04:f0:ec:e6:07:ef:c2:39:13:
22:5d:32:e8:e5:01:b5:1b:65:f8:af:57:39:fb:c0:
c4:90:bf:a7:d6:de:a0:49:2c:25:1e:c7:c6:22:37:
84:f0:4e:52:ec:9d:5e:08:a5:de:52:de:5d:36:0a:
83:6d:86:6a:1c:d4:5c:0e:9b:b3:c0:9e:4d:3e:98:
91:46:14:ac:aa:5f:fd:ed:66:f3:83:d4:5e:c6:5f:
90:02:a9:af:86:06:6f:73:bd:f1:72:5f:bf:47:75:
26:1d:b3:c9:61:4b:bd:86:ae:b6:10:6e:7a:50:83:
c9:cd:34:f3:8e:3e:00:cb:b5:37:99:31:06:66:51:
9a:2e:45:3d:b7:aa:41:d9:6a:a5:f5:af:75:fe:08:
fa:3f:c2:1c:a4:d9:92:32:17:3c:23:29:dd:ac:36:
a5:da:a5:78:48:4d:27:04:34:f2:ca:a0:8c:cf:d8:
12:30:ab:56:1d:12:31:5e:58:bb:6d:ee:62:76:d2:
b4:3d:98:1c:ed:ed:1b:39:2c:3e:43:d8:5a:50:be:
a9:07:66:53:41:ca:73:75:b4:eb:36:15:00:86:af:
a0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6D:07:D7:0B:1C:5F:CB:30:25:24:E4:90:F6:15:8C:0F:80:7C:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
78:64:04:bc:65:5a:2a:6f:04:f9:70:3b:b5:c4:ba:85:7d:24:
af:27:91:3f:8c:73:76:ef:96:cb:ed:9c:50:ab:03:a4:c5:92:
a3:68:6b:28:94:ed:69:e2:cd:28:bc:d5:71:4b:a9:43:39:e4:
12:49:df:70:f6:09:63:da:6a:a0:61:8a:64:23:da:ed:42:d8:
83:26:25:25:4c:4f:ca:a2:ce:59:ad:46:d2:2d:e6:31:03:e1:
aa:b5:10:c5:bd:8b:0f:dc:b2:23:b1:37:19:9c:eb:76:db:4b:
86:15:0e:d0:82:36:d4:cc:c6:57:fb:4f:6b:3d:1a:3c:39:24:
56:98:b2:ad:3b:ba:bf:27:28:c7:b1:eb:69:17:9e:0b:8a:39:
89:ef:1a:5d:d1:bc:21:ea:6f:fb:a7:2f:2d:c5:44:af:44:97:
3e:60:c0:70:c8:b5:e8:39:c9:e4:81:40:b2:05:2e:fd:9c:e7:
b0:4f:00:ef:40:66:97:74:52:98:b1:13:1c:a4:70:ab:74:02:
d7:ad:2a:5a:8a:09:a0:7c:aa:64:b8:94:7b:e8:26:89:b1:c8:
87:84:3a:47:3c:b7:6c:19:14:ae:20:2f:a3:78:da:7c:16:96:
bf:9b:2d:ca:6d:c5:24:c3:0c:42:2d:79:59:e6:21:24:bb:6e:
27:d7:1b:8e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdV6n4oPijc+k3WBw5Iib9weL0UowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjOTg4ZTU2M2FhN2E3MGQ3ODRkNmY2NTM3MGE0NDcwYmRjNzhmODU4MGI2
ZDc3NTI4OTE2MTYwNTY3ZDY4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3h2c+4NBo0qG/Q3AZu6VysS2keXfysDDx+8/DuY4+AaN+uBPDs5gfvwjkT
Il0y6OUBtRtl+K9XOfvAxJC/p9beoEksJR7HxiI3hPBOUuydXgil3lLeXTYKg22G
ahzUXA6bs8CeTT6YkUYUrKpf/e1m84PUXsZfkAKpr4YGb3O98XJfv0d1Jh2zyWFL
vYauthBuelCDyc00844+AMu1N5kxBmZRmi5FPbeqQdlqpfWvdf4I+j/CHKTZkjIX
PCMp3aw2pdqleEhNJwQ08sqgjM/YEjCrVh0SMV5Yu23uYnbStD2YHO3tGzksPkPY
WlC+qQdmU0HKc3W06zYVAIavoIECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQibQfX
CxxfyzAlJOSQ9hWMD4B8pDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVlNmE0M2ItYjRlNC00ODlhLTljZDItMjFhNzJmMWNmNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAeGQEvGVaKm8E+XA7tcS6hX0kryeRP4xzdu+Wy+2c
UKsDpMWSo2hrKJTtaeLNKLzVcUupQznkEknfcPYJY9pqoGGKZCPa7ULYgyYlJUxP
yqLOWa1G0i3mMQPhqrUQxb2LD9yyI7E3GZzrdttLhhUO0II21MzGV/tPaz0aPDkk
VpiyrTu6vycox7HraReeC4o5ie8aXdG8Iepv+6cvLcVEr0SXPmDAcMi16DnJ5IFA
sgUu/ZznsE8A70Bml3RSmLETHKRwq3QC160qWooJoHyqZLiUe+gmibHIh4Q6Rzy3
bBkUriAvo3jafBaWv5stym3FJMMMQi15WeYhJLtuJ9cbjg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:45 2026 by rpki-client