Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: RQ4xENY8InbrsE9zZNOejK+nMRfCXPShWVzi0xcdrRI=
Subject key identifier: 4E:C7:4C:7E:42:F9:DF:D3:F1:18:87:85:2D:2C:17:67:02:DD:63:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EA5F3224024B842D3F1021CAADEA2560ADA95FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Mon 11 May 2026 01:50:09 +0000
ROA not before: Mon 11 May 2026 01:50:09 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a5:f3:22:40:24:b8:42:d3:f1:02:1c:aa:de:a2:56:0a:da:95:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:09 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=74ff6c0c443028f8817250c505ead0b126f6455b427680f9e848aed922c59bdc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a8:c4:02:ae:fd:83:5b:9a:9a:fc:31:57:ae:
3a:9d:b8:2b:40:07:61:b5:13:6b:76:ea:4a:04:41:
43:c4:be:99:6e:1c:86:d8:1b:e5:db:74:aa:a7:18:
58:c4:ea:fc:82:a1:26:af:75:55:b2:f4:01:f7:ab:
ac:52:0d:c1:b7:98:40:46:e4:c5:d5:9a:ac:dd:ef:
e6:54:8d:4c:09:5d:07:38:a4:a4:5a:fe:ac:49:d0:
a0:e3:8a:52:2a:1d:a0:5f:91:0e:45:e7:28:6c:c0:
32:eb:ab:bd:02:94:38:f0:68:80:d0:c5:9a:ba:11:
ac:2e:b1:b3:09:21:8e:cf:0c:69:03:19:e9:1e:3e:
32:da:e6:32:1f:56:8e:45:c2:b9:98:0a:45:d6:c9:
1f:e4:f9:86:33:80:fb:8f:33:51:26:cb:ac:f9:65:
fe:70:e2:51:3e:ee:77:d7:eb:f2:b3:f9:af:22:90:
55:52:52:d5:83:17:fb:b3:bc:fb:30:ec:1a:42:12:
2e:87:c7:9a:75:21:6b:71:d7:e1:63:3d:4e:fc:fc:
b7:3c:6d:c4:30:68:aa:0f:67:cc:13:4e:b2:67:00:
ba:9d:d3:ea:3c:32:f3:a2:61:dd:cf:90:ed:b1:36:
75:9d:c3:ce:a7:bc:cb:1f:5e:11:5f:db:0c:db:51:
a9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C7:4C:7E:42:F9:DF:D3:F1:18:87:85:2D:2C:17:67:02:DD:63:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
98:b8:13:a4:c6:03:11:76:2a:32:9d:7a:5d:6d:d4:1e:13:de:
0b:38:53:41:5a:24:02:42:59:83:7e:16:de:99:e4:90:fd:70:
97:ef:7b:0f:de:ef:d3:3c:08:48:a4:ab:cd:4e:6a:ed:46:55:
86:4b:c6:d8:ff:a9:76:ce:33:b6:e9:40:7a:39:bd:c1:10:f6:
fd:ad:e3:72:32:d0:28:75:65:7c:b3:cd:bd:55:e8:82:c4:83:
44:1a:f2:be:95:ae:99:14:08:e9:fd:97:89:f7:82:bf:13:29:
0f:50:2e:98:7a:28:7b:62:27:75:b0:eb:e4:67:74:2d:d9:2b:
54:9f:d4:bd:a7:8b:db:ad:28:0c:f3:4f:74:b7:8d:74:b2:bd:
c1:16:53:72:07:64:79:f6:a1:f4:79:fe:e8:41:a8:74:76:30:
00:b8:4f:81:14:9a:a2:48:fb:23:8c:b6:e7:fb:43:a2:48:7e:
3f:83:9c:fb:d7:b1:bb:f7:e6:18:db:79:11:22:87:1f:1b:70:
09:38:1d:fe:84:9e:8e:4a:06:7e:54:5b:3a:90:0f:88:64:0c:
a6:e0:47:d6:11:e3:62:3d:67:8d:6d:a8:93:be:7b:33:e4:d6:
f9:73:ba:13:05:2c:de:c9:cf:1f:bc:31:26:ef:81:c9:f1:c3:
db:29:8c:52
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXqXzIkAkuELT8QIcqt6iVgralfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ZmY2YzBjNDQzMDI4Zjg4MTcyNTBjNTA1ZWFkMGIxMjZmNjQ1NWI0Mjc2
ODBmOWU4NDhhZWQ5MjJjNTliZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmoxAKu/YNbmpr8MVeuOp24K0AHYbUTa3bqSgRBQ8S+mW4chtgb5dt0qqcY
WMTq/IKhJq91VbL0AferrFINwbeYQEbkxdWarN3v5lSNTAldBzikpFr+rEnQoOOK
UiodoF+RDkXnKGzAMuurvQKUOPBogNDFmroRrC6xswkhjs8MaQMZ6R4+MtrmMh9W
jkXCuZgKRdbJH+T5hjOA+48zUSbLrPll/nDiUT7ud9fr8rP5ryKQVVJS1YMX+7O8
+zDsGkISLofHmnUha3HX4WM9Tvz8tzxtxDBoqg9nzBNOsmcAup3T6jwy86Jh3c+Q
7bE2dZ3Dzqe8yx9eEV/bDNtRqQMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROx0x+
Qvnf0/EYh4UtLBdnAt1jxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAmLgTpMYDEXYqMp16XW3UHhPeCzhTQVokAkJZg34W
3pnkkP1wl+97D97v0zwISKSrzU5q7UZVhkvG2P+pds4ztulAejm9wRD2/a3jcjLQ
KHVlfLPNvVXogsSDRBryvpWumRQI6f2XifeCvxMpD1AumHooe2IndbDr5Gd0Ldkr
VJ/UvaeL260oDPNPdLeNdLK9wRZTcgdkefah9Hn+6EGodHYwALhPgRSaokj7I4y2
5/tDokh+P4Oc+9exu/fmGNt5ESKHHxtwCTgd/oSejkoGflRbOpAPiGQMpuBH1hHj
Yj1njW2ok757M+TW+XO6EwUs3snPH7wxJu+ByfHD2ymMUg==
-----END CERTIFICATE-----
Generated at Tue May 12 22:58:56 2026 by rpki-client