Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
File: c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa (raw, json)
Hash identifier: azsfn0VUxonMtfL9wONe8QLnb2HRFQSOgiVIKCy8TQw=
Subject key identifier: C8:BE:87:27:FD:5B:E6:AB:E4:1B:8E:9B:4E:6C:3C:25:3E:5C:A7:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BE1BAA60675C420A50ED490FB9921669DEA4B39
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
Signing time: Mon 11 May 2026 01:51:03 +0000
ROA not before: Mon 11 May 2026 01:51:03 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e1:ba:a6:06:75:c4:20:a5:0e:d4:90:fb:99:21:66:9d:ea:4b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:03 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=c2285f681bdd76cf438cc99c6b44cf14b47480f757e08ae5761df7d034671a24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4f:de:d7:5a:af:3b:63:58:8d:5b:b2:b2:78:
2a:11:d8:4b:c0:1e:7f:50:02:e5:39:a8:cb:5f:a2:
ee:26:5d:98:94:4f:87:6e:e9:b4:58:f6:d0:c0:09:
26:9d:88:d4:ca:98:20:8d:f5:f9:6d:af:7e:18:43:
59:c7:dd:9c:4a:d3:d7:66:57:c8:f4:3e:71:e4:d5:
6f:cd:92:10:26:6c:c8:d7:32:96:44:bb:e9:6e:d3:
ac:52:d2:92:1e:db:d0:29:70:04:78:f4:97:80:69:
95:50:e8:42:00:a8:a5:b1:42:73:9b:32:d0:5c:e3:
ac:e0:99:57:82:92:af:16:fe:fc:2b:27:82:7b:03:
e4:4b:7f:57:9e:c6:9c:3e:f3:24:c0:c3:19:11:75:
51:79:9e:f8:d0:e9:59:cf:52:bd:ca:a8:4e:ff:92:
e2:f8:22:5f:3d:96:10:84:99:a8:00:c8:65:d7:da:
14:02:f5:e8:ba:a2:71:f9:57:ea:c6:d2:70:32:39:
d3:59:21:fb:cf:17:8e:a9:31:34:9f:49:fd:af:7a:
98:01:5b:50:e4:31:43:36:25:a2:88:d8:f3:fb:4c:
d9:f1:17:2e:bb:8d:db:f5:bc:c1:70:b4:26:3e:34:
89:24:c4:64:ec:86:5d:bd:a0:26:45:03:fe:1c:ea:
a7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BE:87:27:FD:5B:E6:AB:E4:1B:8E:9B:4E:6C:3C:25:3E:5C:A7:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2cd4ddf-9a38-425a-8021-c45ed96c50ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
90:8e:f1:be:fa:75:d2:ba:9b:dd:14:3d:a1:8f:c4:99:e1:d3:
1a:f0:86:dc:84:23:29:8d:8e:16:c8:ab:11:c9:90:37:2a:24:
4d:14:9c:8c:33:74:16:5d:43:ae:5f:f0:45:59:e9:f4:39:49:
8a:b5:a4:c9:6e:e8:73:e0:31:df:a0:ff:fc:dd:1f:92:1b:f6:
c5:83:e2:55:a6:ff:f5:3e:aa:30:c0:02:23:12:73:97:61:c9:
89:85:e6:61:e4:86:0a:14:dc:1a:12:87:58:06:f7:ef:36:60:
47:96:d1:c3:4a:71:95:1c:a2:2f:bd:90:c8:d8:7a:49:f0:fe:
d2:ea:d6:63:fd:76:6f:8d:d4:e8:34:90:7e:c8:84:81:7e:91:
f2:da:b0:f6:05:4f:18:ff:1e:da:13:f6:96:48:09:e9:1e:c6:
58:a3:a9:11:f6:9f:3d:65:61:34:48:0b:68:b8:29:32:83:ba:
08:14:e4:e9:70:37:2f:e7:e7:36:50:6b:3a:fa:86:1b:17:02:
95:b8:a7:c2:ea:41:27:9d:a1:80:1b:bb:12:65:96:da:68:3a:
91:c3:1b:e7:76:54:67:83:4a:84:aa:d7:58:7f:7b:2c:c7:08:
e1:b1:7c:17:50:94:07:94:4b:56:13:29:e9:64:5d:6a:5f:04:
d6:24:f8:cc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW+G6pgZ1xCClDtSQ+5khZp3qSzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDNaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMjg1ZjY4MWJkZDc2Y2Y0MzhjYzk5YzZiNDRjZjE0YjQ3NDgwZjc1N2Uw
OGFlNTc2MWRmN2QwMzQ2NzFhMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtP3tdarztjWI1bsrJ4KhHYS8Aef1AC5Tmoy1+i7iZdmJRPh27ptFj20MAJ
Jp2I1MqYII31+W2vfhhDWcfdnErT12ZXyPQ+ceTVb82SECZsyNcylkS76W7TrFLS
kh7b0ClwBHj0l4BplVDoQgCopbFCc5sy0FzjrOCZV4KSrxb+/CsngnsD5Et/V57G
nD7zJMDDGRF1UXme+NDpWc9SvcqoTv+S4vgiXz2WEISZqADIZdfaFAL16LqicflX
6sbScDI501kh+88XjqkxNJ9J/a96mAFbUOQxQzYloojY8/tM2fEXLruN2/W8wXC0
Jj40iSTEZOyGXb2gJkUD/hzqp50CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTIvocn
/Vvmq+QbjptObDwlPlynCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJjZDRkZGYtOWEzOC00MjVhLTgwMjEtYzQ1ZWQ5NmM1MGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAkI7xvvp10rqb3RQ9oY/EmeHTGvCG3IQjKY2OFsir
EcmQNyokTRScjDN0Fl1Drl/wRVnp9DlJirWkyW7oc+Ax36D//N0fkhv2xYPiVab/
9T6qMMACIxJzl2HJiYXmYeSGChTcGhKHWAb37zZgR5bRw0pxlRyiL72QyNh6SfD+
0urWY/12b43U6DSQfsiEgX6R8tqw9gVPGP8e2hP2lkgJ6R7GWKOpEfafPWVhNEgL
aLgpMoO6CBTk6XA3L+fnNlBrOvqGGxcClbinwupBJ52hgBu7EmWW2mg6kcMb53ZU
Z4NKhKrXWH97LMcI4bF8F1CUB5RLVhMp6WRdal8E1iT4zA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:00 2026 by rpki-client