Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json)
Hash identifier: RUIKL61AL2kdKi5xubKSX71Vhp8yoJrAg/fahXl/2w8=
Subject key identifier: 08:C6:EF:F6:4A:D8:4B:E5:D2:A6:53:35:E7:CD:DF:1C:4A:D4:1C:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14B4E0D688644D6828A9CDE406A5488CBDF123E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
Signing time: Mon 11 May 2026 01:50:53 +0000
ROA not before: Mon 11 May 2026 01:50:53 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:b4:e0:d6:88:64:4d:68:28:a9:cd:e4:06:a5:48:8c:bd:f1:23:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:53 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=8d0aa81eebca5623b55a71596575b70caeb10865bbcc56911851382146244b83, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3b:1d:1c:d2:0c:02:45:17:73:d1:37:c2:6c:
4a:36:e6:71:99:d2:97:26:f8:fb:9e:00:38:5d:38:
10:5d:1d:f7:4c:a5:a1:1d:49:c9:4b:22:6b:d1:70:
37:e4:16:aa:96:d5:e2:b5:e5:e2:b9:e0:ea:c2:5f:
ab:18:ac:7b:46:4a:6b:83:81:aa:51:69:26:49:8e:
14:07:47:d1:ee:2d:d2:45:a8:76:6d:00:4d:30:79:
28:30:0a:a7:5b:51:2a:26:5a:6d:05:4b:b0:4f:b3:
ce:1e:22:31:31:f1:b8:f5:d3:64:13:e9:06:bc:38:
d8:e4:72:50:af:c1:2f:ce:33:c9:53:df:ac:8a:5a:
15:d7:97:c1:2b:dd:7f:93:15:98:e5:3a:77:13:40:
85:a4:eb:b0:c9:e5:d5:99:32:70:5d:24:fd:c6:c8:
f8:62:14:07:d2:ea:d5:5d:53:c6:18:27:ce:53:15:
9f:3e:07:20:0f:b4:24:85:44:69:a7:6e:67:56:14:
47:e0:49:93:df:34:ff:c3:e9:c6:92:fe:dc:97:a6:
5d:ee:84:bd:cc:ce:ea:d2:f9:01:04:c3:25:f4:d5:
2b:8c:d2:7f:f4:36:0f:86:3f:09:7b:ab:5f:b9:35:
93:e4:4e:38:3b:91:59:9b:3c:96:f1:0d:a3:f2:a4:
9a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C6:EF:F6:4A:D8:4B:E5:D2:A6:53:35:E7:CD:DF:1C:4A:D4:1C:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
30:a0:e1:d4:60:3a:e8:ec:d9:b3:22:a3:0c:c0:cb:06:2b:f6:
f2:b1:df:24:cb:91:a1:35:97:5e:8d:76:07:71:c1:80:57:f8:
76:e3:4e:f3:85:a7:94:2f:f3:27:78:0c:32:26:db:f4:22:e3:
8d:36:71:48:86:e1:80:c2:8c:84:0f:be:16:28:b6:c9:74:2c:
32:e3:48:bd:64:d8:c8:04:21:a2:97:b6:82:e5:5e:5b:d3:a5:
a8:46:5b:08:78:d5:74:2c:be:ae:e3:dd:d0:69:b3:b9:dd:9e:
b6:28:0e:f2:cb:b8:4d:7d:46:f0:67:18:70:45:fd:c6:a9:e5:
82:c8:1c:0b:40:10:be:50:9e:4e:86:c5:8d:ae:cc:ff:d9:7a:
02:7b:24:b1:f8:50:d2:54:8f:d2:78:85:fc:28:19:9f:be:ea:
44:89:bf:44:97:c4:75:d3:71:6d:ed:6f:00:fc:97:e8:c8:0d:
b3:77:7d:f5:3d:c2:71:9c:d2:82:dc:1f:56:3f:97:6d:68:b5:
f5:92:35:7e:f0:66:49:31:92:73:98:19:7c:55:4f:b4:7a:7f:
58:e3:43:7b:2f:16:8a:63:6f:16:47:8d:3f:c7:22:f2:a7:11:
e0:2e:01:d3:3b:97:e6:77:a4:8d:69:b1:78:c8:fe:64:7d:3a:
75:48:5c:a9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFLTg1ohkTWgoqc3kBqVIjL3xI+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNTNaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMGFhODFlZWJjYTU2MjNiNTVhNzE1OTY1NzViNzBjYWViMTA4NjViYmNj
NTY5MTE4NTEzODIxNDYyNDRiODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOk7HRzSDAJFF3PRN8JsSjbmcZnSlyb4+54AOF04EF0d90yloR1JyUsia9Fw
N+QWqpbV4rXl4rng6sJfqxise0ZKa4OBqlFpJkmOFAdH0e4t0kWodm0ATTB5KDAK
p1tRKiZabQVLsE+zzh4iMTHxuPXTZBPpBrw42ORyUK/BL84zyVPfrIpaFdeXwSvd
f5MVmOU6dxNAhaTrsMnl1ZkycF0k/cbI+GIUB9Lq1V1TxhgnzlMVnz4HIA+0JIVE
aaduZ1YUR+BJk980/8PpxpL+3JemXe6EvczO6tL5AQTDJfTVK4zSf/Q2D4Y/CXur
X7k1k+ROODuRWZs8lvENo/Kkmo8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIxu/2
SthL5dKmUzXnzd8cStQcjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAMKDh1GA66OzZsyKjDMDLBiv28rHfJMuRoTWXXo12
B3HBgFf4duNO84WnlC/zJ3gMMibb9CLjjTZxSIbhgMKMhA++Fii2yXQsMuNIvWTY
yAQhope2guVeW9OlqEZbCHjVdCy+ruPd0Gmzud2etigO8su4TX1G8GcYcEX9xqnl
gsgcC0AQvlCeTobFja7M/9l6AnsksfhQ0lSP0niF/CgZn77qRIm/RJfEddNxbe1v
APyX6MgNs3d99T3CcZzSgtwfVj+XbWi19ZI1fvBmSTGSc5gZfFVPtHp/WONDey8W
imNvFkeNP8ci8qcR4C4B0zuX5nekjWmxeMj+ZH06dUhcqQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:02 2026 by rpki-client