Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: bs23vMVFYJ4Rc8MZcPgygRh2TDh0AF0oCK3sbPaxXCk=
Subject key identifier: 14:C0:75:97:BB:38:77:B5:73:A8:AB:57:52:C3:83:2C:AD:CF:BD:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BD45EB90ECB1AB5EE51F3623D88EF9E2C2CE311
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Mon 11 May 2026 01:40:06 +0000
ROA not before: Mon 11 May 2026 01:40:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:d4:5e:b9:0e:cb:1a:b5:ee:51:f3:62:3d:88:ef:9e:2c:2c:e3:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=eac8c7f0fe3b96e70bbf1448c39fa088bad23536a0ad73fb29119d3c0a22f40d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c1:c4:59:32:21:3b:fe:f3:a2:5b:52:ec:22:
89:ab:c3:38:d8:6f:00:c7:f5:31:ef:fb:4e:7c:91:
ff:35:e5:e5:bc:58:2e:db:3c:f3:2f:87:4c:3c:87:
eb:31:11:eb:f2:ba:a2:85:98:87:15:e6:72:c1:12:
b0:ec:3e:db:d1:77:1b:ef:1a:40:b8:21:32:48:8f:
62:4c:41:ca:ae:9e:91:e3:79:1c:2c:32:67:43:48:
26:59:d3:ea:60:7e:df:b6:2e:1e:87:42:03:8b:65:
29:55:a3:7c:41:9e:fd:6b:8f:7c:3d:4d:bd:f1:ce:
e2:3e:ac:2c:9e:65:43:95:be:41:73:cf:21:56:ea:
bf:32:c4:2d:7c:ac:d8:01:80:8d:40:43:6b:b8:dc:
45:a0:34:eb:88:f7:f5:8c:20:3f:28:60:ad:43:ef:
bf:8e:e5:05:e3:cd:f8:c9:7b:ca:bb:b2:26:6a:e5:
87:92:85:ba:9c:b8:a6:d5:73:f5:74:54:49:cf:bc:
b8:2d:06:59:a0:bb:d9:20:90:7e:da:2f:2b:a4:54:
27:ef:a9:43:e4:8f:a3:9c:4f:cd:de:d4:39:a5:b7:
e5:80:ce:22:33:cf:84:ee:75:3f:0e:c3:5c:de:34:
83:23:9c:89:8d:e3:a3:35:d9:20:98:70:ed:9d:7b:
4e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C0:75:97:BB:38:77:B5:73:A8:AB:57:52:C3:83:2C:AD:CF:BD:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:94:3d:39:00:9b:5d:b6:95:a0:0e:7b:ce:0b:3b:98:80:5e:
cf:e9:bd:06:02:16:c1:f4:94:b4:dc:38:fa:e7:01:d2:39:df:
e7:90:03:95:f1:de:f0:41:32:3c:8d:54:d7:95:ff:9b:36:7c:
6b:c2:5d:a4:ba:fe:85:43:97:bf:ba:da:7d:27:be:5a:dc:1c:
0e:7c:ae:98:a3:e2:5e:94:08:46:fe:ab:dd:b5:5e:09:df:25:
13:a2:07:b2:52:15:c9:c7:91:19:8d:87:48:98:96:ea:16:cc:
11:72:df:75:e2:ae:e6:d0:dc:d4:de:34:b6:f3:bf:3f:e2:76:
9a:1b:dc:99:89:07:b8:66:a9:a4:6e:c7:6f:55:4a:28:a6:df:
b2:92:75:a7:5c:43:a8:de:57:ea:0d:00:4b:ef:5f:31:e7:10:
71:2d:3a:dd:bc:07:af:bf:d3:e7:21:bb:f6:be:c4:b2:6c:3d:
22:ba:ee:ac:c6:2c:0e:1f:c1:2a:12:fa:82:71:91:2a:f1:c7:
ce:61:b7:77:6e:e2:0f:62:3a:6c:aa:6d:68:00:c5:24:c9:54:
ae:82:26:87:1f:ec:f8:6c:f7:ca:f5:d5:3d:25:83:6d:5b:4f:
90:54:24:58:cc:b5:8b:58:07:f3:48:8a:47:25:83:4b:e8:07:
37:0a:78:7f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW9ReuQ7LGrXuUfNiPYjvniws4xEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhYzhjN2YwZmUzYjk2ZTcwYmJmMTQ0OGMzOWZhMDg4YmFkMjM1MzZhMGFk
NzNmYjI5MTE5ZDNjMGEyMmY0MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfBxFkyITv+86JbUuwiiavDONhvAMf1Me/7TnyR/zXl5bxYLts88y+HTDyH
6zER6/K6ooWYhxXmcsESsOw+29F3G+8aQLghMkiPYkxByq6ekeN5HCwyZ0NIJlnT
6mB+37YuHodCA4tlKVWjfEGe/WuPfD1NvfHO4j6sLJ5lQ5W+QXPPIVbqvzLELXys
2AGAjUBDa7jcRaA064j39YwgPyhgrUPvv47lBePN+Ml7yruyJmrlh5KFupy4ptVz
9XRUSc+8uC0GWaC72SCQftovK6RUJ++pQ+SPo5xPzd7UOaW35YDOIjPPhO51Pw7D
XN40gyOciY3jozXZIJhw7Z17Tg8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQUwHWX
uzh3tXOoq1dSw4Msrc+9MTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEArZQ9OQCbXbaVoA57zgs7mIBez+m9BgIWwfSUtNw4
+ucB0jnf55ADlfHe8EEyPI1U15X/mzZ8a8JdpLr+hUOXv7rafSe+WtwcDnyumKPi
XpQIRv6r3bVeCd8lE6IHslIVyceRGY2HSJiW6hbMEXLfdeKu5tDc1N40tvO/P+J2
mhvcmYkHuGappG7Hb1VKKKbfspJ1p1xDqN5X6g0AS+9fMecQcS063bwHr7/T5yG7
9r7Esmw9IrrurMYsDh/BKhL6gnGRKvHHzmG3d27iD2I6bKptaADFJMlUroImhx/s
+Gz3yvXVPSWDbVtPkFQkWMy1i1gH80iKRyWDS+gHNwp4fw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:25 2026 by rpki-client