Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
File: ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa (raw, json)
Hash identifier: wYL1vspm5ap8RcIQrS8vh+09yFQ8dOCvV8C0F8qB9Y8=
Subject key identifier: AD:BD:8B:4B:96:91:8E:BB:09:00:30:CB:28:C5:0E:84:37:20:94:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 206A03C452FB22145934B2ED51CB665721FC89C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
Signing time: Mon 04 May 2026 15:21:02 +0000
ROA not before: Mon 04 May 2026 15:21:02 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 87.238.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:6a:03:c4:52:fb:22:14:59:34:b2:ed:51:cb:66:57:21:fc:89:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:21:02 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=3fee7f8108725085b658287be9a1d4013400576e092926d09692005cb3a61c33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:df:a9:e9:dd:ed:e1:f4:06:4f:94:73:ad:
c5:8e:0a:32:14:86:24:33:96:96:23:f5:2e:10:9b:
46:32:bb:a3:71:95:9c:8f:51:16:72:6e:74:05:35:
0f:3b:80:41:69:a5:14:07:65:4e:31:78:ff:f4:58:
ba:51:e1:27:00:5b:a2:ba:15:88:55:ff:be:58:b9:
d7:f0:bd:ca:51:30:25:4f:0a:93:0d:e9:b1:ff:1a:
c2:55:a5:e1:bd:43:98:7d:f7:c0:80:14:ac:9b:e0:
9a:c4:90:90:04:5c:01:77:ae:10:54:0b:8d:43:f1:
5d:ee:cd:a0:96:a2:b0:73:76:13:b1:0a:68:b1:e9:
3b:5d:85:b7:63:ce:c9:b2:af:dc:81:71:bf:df:6f:
f6:08:0b:4f:ba:20:38:6e:c4:3f:4e:69:74:f6:d9:
3f:6a:f1:f2:c5:93:a3:3e:d1:5f:88:d7:36:32:f8:
10:a9:51:c6:f0:72:08:16:db:9c:43:6e:53:e9:84:
27:6f:80:56:83:b4:49:19:82:d9:53:19:66:e4:36:
cb:3f:3d:37:7e:18:45:45:9c:c4:dc:dc:a6:49:ac:
21:c2:11:34:cf:c4:f1:69:1b:eb:1f:d1:c6:af:ff:
f7:f6:e3:11:c9:26:7b:18:12:3f:81:7c:cd:82:b1:
1a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BD:8B:4B:96:91:8E:BB:09:00:30:CB:28:C5:0E:84:37:20:94:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba70a89c-5e6c-40ac-9a73-f92bee005d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.80.0/21
Signature Algorithm: sha256WithRSAEncryption
07:c4:49:11:da:f1:4e:17:24:27:97:a0:ba:88:36:99:ed:67:
8a:68:a0:20:00:90:70:51:9b:08:96:0d:68:b6:9c:13:d4:03:
36:71:a1:fd:80:f1:37:9a:7a:40:7b:76:43:55:68:d3:ce:b5:
6c:88:b4:05:e6:6a:55:90:b8:4f:05:cd:bb:d4:26:66:4e:cb:
2d:f3:fd:30:13:b0:5b:a8:ee:95:51:0a:30:ac:fe:61:47:43:
d5:77:f7:89:3e:84:36:17:1c:e5:c2:8b:54:83:4d:bc:32:bb:
69:13:2c:6f:c4:a7:00:6b:16:c0:b8:a5:de:59:f9:52:fd:16:
e8:d2:a3:77:0b:3d:30:44:6a:04:18:89:be:c5:56:f5:3e:06:
c4:48:18:1c:b6:df:1b:93:a3:40:5b:15:49:22:1e:84:9c:a0:
f9:48:16:f0:ae:7a:54:01:63:56:5a:c4:27:3e:99:3e:61:5a:
4e:c5:b0:5a:35:30:30:91:be:03:f3:d7:24:46:16:14:02:0b:
b7:ee:5b:b8:3f:1e:01:28:76:9e:88:a6:e2:38:ce:57:74:b2:
f2:63:d9:f0:bf:f3:ec:c5:7a:92:57:47:35:ab:0e:4b:a7:2c:
84:b1:df:6f:51:e8:56:14:5a:51:07:1b:c4:70:45:b3:82:c7:
cc:64:6b:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIGoDxFL7IhRZNLLtUctmVyH8icQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIxMDJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZWU3ZjgxMDg3MjUwODViNjU4Mjg3YmU5YTFkNDAxMzQwMDU3NmUwOTI5
MjZkMDk2OTIwMDVjYjNhNjFjMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB836np3e3h9AZPlHOtxY4KMhSGJDOWliP1LhCbRjK7o3GVnI9RFnJudAU1
DzuAQWmlFAdlTjF4//RYulHhJwBboroViFX/vli51/C9ylEwJU8Kkw3psf8awlWl
4b1DmH33wIAUrJvgmsSQkARcAXeuEFQLjUPxXe7NoJaisHN2E7EKaLHpO12Ft2PO
ybKv3IFxv99v9ggLT7ogOG7EP05pdPbZP2rx8sWToz7RX4jXNjL4EKlRxvByCBbb
nENuU+mEJ2+AVoO0SRmC2VMZZuQ2yz89N34YRUWcxNzcpkmsIcIRNM/E8Wkb6x/R
xq//9/bjEckmexgSP4F8zYKxGrMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBStvYtL
lpGOuwkAMMsoxQ6ENyCUpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE3MGE4OWMtNWU2Yy00MGFjLTlhNzMtZjkyYmVlMDA1ZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1fuUDAN
BgkqhkiG9w0BAQsFAAOCAQEAB8RJEdrxThckJ5eguog2me1nimigIACQcFGbCJYN
aLacE9QDNnGh/YDxN5p6QHt2Q1Vo0861bIi0BeZqVZC4TwXNu9QmZk7LLfP9MBOw
W6julVEKMKz+YUdD1Xf3iT6ENhcc5cKLVINNvDK7aRMsb8SnAGsWwLil3ln5Uv0W
6NKjdws9MERqBBiJvsVW9T4GxEgYHLbfG5OjQFsVSSIehJyg+UgW8K56VAFjVlrE
Jz6ZPmFaTsWwWjUwMJG+A/PXJEYWFAILt+5buD8eASh2noim4jjOV3Sy8mPZ8L/z
7MV6kldHNasOS6cshLHfb1HoVhRaUQcbxHBFs4LHzGRr6Q==
-----END CERTIFICATE-----
Generated at Wed May 13 00:08:46 2026 by rpki-client