Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
File: b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa (raw, json)
Hash identifier: liI4ZlrTxOFv9GCSoPfMO94oKa4Ej1o6lwfRRcFrI/0=
Subject key identifier: 03:DF:8D:ED:50:00:41:61:59:C0:6F:9F:DA:A9:32:90:71:EC:DB:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D7B35BB23CBE1FE2BE602AF3B3B509F345E0099
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
Signing time: Mon 11 May 2026 01:40:10 +0000
ROA not before: Mon 11 May 2026 01:40:10 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:7b:35:bb:23:cb:e1:fe:2b:e6:02:af:3b:3b:50:9f:34:5e:00:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:10 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=730fa8259ba339ddad69c558a3080feb796a06ab0d95ea70c7d1dbde49e1dadf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:a6:0c:bd:ce:3c:aa:3f:40:74:6d:57:53:
44:6c:6c:56:4e:b8:62:b8:e5:08:29:ba:2d:1c:bd:
eb:88:af:87:71:c1:c4:26:9d:45:dd:d6:bb:ac:f9:
67:59:ec:91:81:51:1e:48:d4:84:d3:f4:25:2f:de:
49:00:25:20:2c:2f:a9:c7:b2:79:7a:ad:9a:1e:f2:
88:ea:7c:37:e0:34:da:09:46:d1:42:4d:6d:59:a1:
13:81:85:24:c5:d6:6e:da:cc:e3:0e:77:9f:bb:31:
d3:7b:9d:66:2b:d8:73:59:44:58:56:e1:55:24:a0:
83:b9:06:01:00:02:ce:e1:65:84:b8:6d:c8:4e:f1:
08:dd:3a:02:5f:08:67:3b:95:b2:79:1a:41:e4:84:
d0:07:b3:68:59:b6:6c:2a:d7:66:13:48:6b:46:27:
68:fc:bc:d2:10:f2:3c:e6:64:34:74:a4:21:b1:a6:
fa:5f:af:49:cf:c5:49:b3:a3:6d:da:4a:6e:62:f6:
03:28:ef:e0:03:89:db:75:08:9f:76:88:2f:0d:5b:
d8:33:d4:70:c2:8a:3f:d4:5a:34:6d:19:a5:c4:b3:
89:4a:fb:9f:39:b6:55:ae:e0:71:ff:88:46:2f:86:
1d:da:fd:d7:38:e1:b9:76:27:b2:ee:7e:a3:28:bb:
91:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DF:8D:ED:50:00:41:61:59:C0:6F:9F:DA:A9:32:90:71:EC:DB:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.44.0/22
Signature Algorithm: sha256WithRSAEncryption
39:19:5c:b8:dd:24:ed:82:61:f5:72:34:06:d8:d4:34:b8:ed:
e2:8f:c2:84:87:8f:fe:02:f8:a6:90:97:db:86:c0:c8:1c:7b:
61:38:19:9d:ad:a6:b8:bb:76:03:fd:d2:07:1d:ad:a6:e4:94:
44:d0:93:58:5c:33:59:d7:7f:a5:bb:bf:a8:35:02:ee:e4:91:
36:c4:bd:68:5c:05:b1:c7:57:35:81:dc:58:5b:dd:6b:5d:ef:
16:ac:5f:27:1c:40:62:4e:85:72:aa:a5:96:0a:fc:3a:f8:0f:
d2:1f:6a:be:7a:2d:de:70:2b:87:32:37:30:95:ad:54:8b:ae:
a7:21:6f:68:30:b8:55:90:3a:70:69:94:d2:88:63:f6:30:87:
f2:af:8e:ee:9b:6b:3b:5d:c7:6d:70:5e:3c:e8:07:4f:3f:94:
f4:60:09:90:b4:0e:49:a4:5d:10:5f:32:70:62:89:fb:b3:02:
7f:5b:3e:b7:e2:d9:3a:5e:98:b0:fe:39:6a:8b:e4:dc:28:af:
1d:75:07:23:1e:f3:39:0f:fe:a1:ed:09:24:32:32:bf:4b:42:
94:2f:13:e6:b8:c6:82:60:ca:47:1e:39:d4:09:82:08:f6:5b:
d1:0f:d8:d0:c5:ab:fe:2a:7d:d9:6b:ef:89:32:e3:09:71:0e:
8d:ae:de:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHXs1uyPL4f4r5gKvOztQnzReAJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMTBaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMGZhODI1OWJhMzM5ZGRhZDY5YzU1OGEzMDgwZmViNzk2YTA2YWIwZDk1
ZWE3MGM3ZDFkYmRlNDllMWRhZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMRpgy9zjyqP0B0bVdTRGxsVk64YrjlCCm6LRy964ivh3HBxCadRd3Wu6z5
Z1nskYFRHkjUhNP0JS/eSQAlICwvqceyeXqtmh7yiOp8N+A02glG0UJNbVmhE4GF
JMXWbtrM4w53n7sx03udZivYc1lEWFbhVSSgg7kGAQACzuFlhLhtyE7xCN06Al8I
ZzuVsnkaQeSE0AezaFm2bCrXZhNIa0YnaPy80hDyPOZkNHSkIbGm+l+vSc/FSbOj
bdpKbmL2Ayjv4AOJ23UIn3aILw1b2DPUcMKKP9RaNG0ZpcSziUr7nzm2Va7gcf+I
Ri+GHdr91zjhuXYnsu5+oyi7kbECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQD343t
UABBYVnAb5/aqTKQcezbSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNTVlOWQtMjczMC00ZWMyLTkxZDUtYWY5OGE1YTUxMzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiLDAN
BgkqhkiG9w0BAQsFAAOCAQEAORlcuN0k7YJh9XI0BtjUNLjt4o/ChIeP/gL4ppCX
24bAyBx7YTgZna2muLt2A/3SBx2tpuSURNCTWFwzWdd/pbu/qDUC7uSRNsS9aFwF
scdXNYHcWFvda13vFqxfJxxAYk6Fcqqllgr8OvgP0h9qvnot3nArhzI3MJWtVIuu
pyFvaDC4VZA6cGmU0ohj9jCH8q+O7ptrO13HbXBePOgHTz+U9GAJkLQOSaRdEF8y
cGKJ+7MCf1s+t+LZOl6YsP45aovk3CivHXUHIx7zOQ/+oe0JJDIyv0tClC8T5rjG
gmDKRx451AmCCPZb0Q/Y0MWr/ip92WvviTLjCXEOja7e2w==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:46 2026 by rpki-client