Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
File: e00516db-a674-4a02-8de9-e0ad569ecc6f.roa (raw, json)
Hash identifier: 9kSFNmzBgtI0lW5w/KZb5Dul16F29rZ5gsMCCzF85RM=
Subject key identifier: DC:04:21:CC:85:C8:A4:4B:50:D3:A8:50:0D:EC:88:6B:5A:66:49:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F5686C0323957B7B250E8017BDBBD3C6C3433AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
Signing time: Mon 11 May 2026 01:50:38 +0000
ROA not before: Mon 11 May 2026 01:50:38 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:56:86:c0:32:39:57:b7:b2:50:e8:01:7b:db:bd:3c:6c:34:33:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:38 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=4ca8af2abc10bf700dbec89e51dcd5cd2e02f3207a669cfdb3bf21bde10952a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:de:81:5c:10:12:9c:da:f5:e4:84:98:26:aa:
22:ee:69:59:b4:f3:c0:b5:cd:fd:ef:01:db:a1:3d:
de:18:a3:4f:6c:67:47:c9:03:23:69:e1:a5:8b:a7:
80:e3:48:0e:a0:8e:03:6e:3a:6d:83:32:41:cc:d0:
1a:06:01:0e:5f:8f:8a:f4:a9:e0:2d:0d:3c:30:d1:
2a:d6:50:69:c4:ee:45:b6:2c:f2:17:f2:c8:0c:0b:
24:1c:b9:c7:42:10:19:20:29:24:16:18:47:75:8b:
01:e9:4f:ea:5c:6c:c5:3f:ba:d1:d2:af:0b:0c:f6:
69:97:6f:03:94:02:d4:dc:cd:48:11:62:aa:14:9c:
14:b7:ef:fb:19:bb:83:c1:d0:58:fd:f8:67:f7:41:
45:d5:a9:88:5c:bb:a6:53:0e:53:ef:e7:77:08:bb:
44:93:64:f4:fd:ed:2e:a1:ab:e6:51:e1:e7:6e:fd:
aa:7a:c5:23:98:e2:38:cb:3c:74:22:79:8a:8a:1d:
d3:ed:90:44:fd:38:eb:3b:83:70:dc:3d:9b:16:aa:
07:e3:8c:c7:6f:a8:ee:08:73:b6:b3:ce:b3:54:57:
59:93:28:c7:a0:f3:14:ac:f0:39:19:bc:c2:ad:1d:
8d:d6:08:08:d5:26:be:8c:61:43:88:33:e2:7d:09:
07:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:04:21:CC:85:C8:A4:4B:50:D3:A8:50:0D:EC:88:6B:5A:66:49:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e00516db-a674-4a02-8de9-e0ad569ecc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.176.0/20
Signature Algorithm: sha256WithRSAEncryption
11:6c:ec:6d:80:dd:0d:1c:f6:b2:21:e6:7f:1d:fa:8a:f1:44:
88:c3:23:b6:50:50:fb:f6:5c:32:14:f5:ad:35:87:77:df:bb:
c9:53:5d:0f:6c:36:94:1f:88:46:54:2d:17:f6:30:d0:c0:88:
67:b4:bc:26:9a:25:a2:ad:cc:f2:3b:d7:f3:6e:29:fa:b4:17:
6c:fc:2b:ea:c1:e2:3d:28:03:e2:64:b5:bf:4f:86:d6:38:22:
e7:2c:ff:de:59:b0:58:34:f8:a8:8c:18:79:0f:50:90:c6:70:
3e:3a:f6:41:ce:2e:a4:9c:61:4f:ee:13:d9:ec:06:3d:47:a6:
c1:5b:09:0d:72:7c:0b:62:99:91:8b:85:6a:f7:03:38:f0:df:
8e:3b:2c:84:6f:48:5a:6d:27:d1:a4:75:e9:15:ff:28:f4:dd:
23:19:a9:56:c7:8a:d0:94:e5:b8:f0:e1:e4:5b:4d:95:8c:bf:
31:4b:f4:dc:ee:7c:8c:21:5f:28:94:1c:c3:2d:66:62:d3:40:
8c:c7:6e:63:57:fd:e9:b1:11:12:51:9c:ac:6b:12:d4:51:0c:
59:be:20:10:2b:42:e5:78:76:c7:77:bf:32:32:06:43:71:3c:
91:11:bd:be:09:6b:88:06:b5:75:cd:69:fb:a8:3c:c4:1d:e5:
09:04:14:01
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb1aGwDI5V7eyUOgBe9u9PGw0M6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMzhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjYThhZjJhYmMxMGJmNzAwZGJlYzg5ZTUxZGNkNWNkMmUwMmYzMjA3YTY2
OWNmZGIzYmYyMWJkZTEwOTUyYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLegVwQEpza9eSEmCaqIu5pWbTzwLXN/e8B26E93hijT2xnR8kDI2nhpYun
gONIDqCOA246bYMyQczQGgYBDl+PivSp4C0NPDDRKtZQacTuRbYs8hfyyAwLJBy5
x0IQGSApJBYYR3WLAelP6lxsxT+60dKvCwz2aZdvA5QC1NzNSBFiqhScFLfv+xm7
g8HQWP34Z/dBRdWpiFy7plMOU+/ndwi7RJNk9P3tLqGr5lHh5279qnrFI5jiOMs8
dCJ5iood0+2QRP046zuDcNw9mxaqB+OMx2+o7ghztrPOs1RXWZMox6DzFKzwORm8
wq0djdYICNUmvoxhQ4gz4n0JB18CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTcBCHM
hcikS1DTqFAN7IhrWmZJdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTAwNTE2ZGItYTY3NC00YTAyLThkZTktZTBhZDU2OWVjYzZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAisDAN
BgkqhkiG9w0BAQsFAAOCAQEAEWzsbYDdDRz2siHmfx36ivFEiMMjtlBQ+/ZcMhT1
rTWHd9+7yVNdD2w2lB+IRlQtF/Yw0MCIZ7S8Jpoloq3M8jvX824p+rQXbPwr6sHi
PSgD4mS1v0+G1jgi5yz/3lmwWDT4qIwYeQ9QkMZwPjr2Qc4upJxhT+4T2ewGPUem
wVsJDXJ8C2KZkYuFavcDOPDfjjsshG9IWm0n0aR16RX/KPTdIxmpVseK0JTluPDh
5FtNlYy/MUv03O58jCFfKJQcwy1mYtNAjMduY1f96bERElGcrGsS1FEMWb4gECtC
5Xh2x3e/MjIGQ3E8kRG9vglriAa1dc1p+6g8xB3lCQQUAQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:12 2026 by rpki-client