Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: x81VcCw2jrExVnNB9or7isY5JxAbcgvOU86P3gn/pbk=
Subject key identifier: 6A:DF:FB:FE:DE:9D:F6:1F:31:7B:A6:64:5E:30:C3:CD:38:5B:8F:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E2A0C4CA64D9BB279AE24F4217E304B71A2CFA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Mon 11 May 2026 01:50:08 +0000
ROA not before: Mon 11 May 2026 01:50:08 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:2a:0c:4c:a6:4d:9b:b2:79:ae:24:f4:21:7e:30:4b:71:a2:cf:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:08 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=b766a6463510560a31f2541628909681a0a668c3c55e6532fa55ed7275e65ae7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d6:a6:70:17:90:79:27:a0:32:78:ca:a2:4f:
42:5b:17:2f:76:d4:52:23:e3:8f:8d:87:7d:64:e0:
d6:cd:fc:f1:5b:7f:4f:91:23:a4:4a:c1:2f:19:e4:
4f:22:00:46:58:68:92:e4:02:e6:32:92:b0:a2:a9:
12:6f:d5:15:e2:11:c8:30:06:75:5a:8e:25:0b:2a:
44:fd:22:81:6d:90:a5:08:d6:59:ed:58:2e:31:da:
18:48:90:1c:b9:56:a8:91:aa:2b:6b:12:4a:f5:cb:
db:d8:12:5c:d5:ee:5f:d8:d5:2e:d7:4c:16:96:be:
77:51:75:76:61:99:f8:3f:08:bf:fc:47:21:be:68:
94:32:83:a5:3c:97:50:4e:04:a3:5a:89:df:24:b9:
83:3f:64:b1:f6:72:df:fb:2e:d2:f6:0f:45:11:20:
9e:b7:bc:5e:e3:28:82:d2:34:14:12:27:9c:19:a6:
9f:dd:5f:7c:db:27:19:60:04:12:e1:f0:7e:d0:11:
59:28:e4:70:6a:e4:34:6c:5e:7c:b9:07:66:2a:45:
08:b1:ba:cd:60:2f:86:c9:b7:5f:b5:66:a4:57:dd:
56:db:33:5a:b4:11:e7:ba:3e:2d:c1:c2:f7:56:13:
b4:fd:07:a7:8b:41:6c:0c:01:e5:d8:4f:92:33:a0:
f5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DF:FB:FE:DE:9D:F6:1F:31:7B:A6:64:5E:30:C3:CD:38:5B:8F:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:0c:9d:89:49:f0:1b:61:b0:3d:79:02:35:07:b1:a5:6d:f3:
b7:eb:c3:99:85:1d:a2:3e:72:4b:cc:cd:90:87:d3:14:53:d6:
9d:f7:b7:73:53:09:3c:97:8a:2a:7f:76:60:3e:fd:fc:73:21:
ea:94:f3:4e:18:ad:76:94:17:51:4e:d6:88:fd:2b:5b:1a:1a:
e3:d4:30:99:51:27:2e:ae:02:0e:f2:dc:85:83:94:3e:3a:98:
32:85:83:e3:94:16:e3:46:35:18:86:e5:55:8e:18:a2:ac:7e:
b8:d1:57:05:32:b2:81:cc:52:6c:f4:ff:e9:d9:4f:0c:7c:bb:
97:90:88:33:11:03:aa:17:61:9f:34:7b:25:58:e4:f8:b7:27:
b9:31:e4:f0:a3:d6:9e:14:31:37:3d:4b:a3:4a:fb:d4:65:e1:
59:94:80:16:8e:96:d2:7b:68:b4:aa:21:4b:6d:a2:14:18:7b:
91:44:92:f3:3f:1e:61:8f:de:92:d0:9b:90:8a:fb:b8:fa:2c:
fd:29:b5:07:60:9f:39:d1:f5:b9:e2:4d:73:e1:8a:11:4e:d4:
ee:58:af:e8:78:3a:32:ec:e5:0e:cb:54:f0:9a:32:e1:4a:84:
e8:e0:84:3e:29:b7:90:95:ef:a1:71:7e:28:f7:63:ae:60:1c:
04:fd:6f:d3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDioMTKZNm7J5riT0IX4wS3Giz6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NjZhNjQ2MzUxMDU2MGEzMWYyNTQxNjI4OTA5NjgxYTBhNjY4YzNjNTVl
NjUzMmZhNTVlZDcyNzVlNjVhZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7WpnAXkHknoDJ4yqJPQlsXL3bUUiPjj42HfWTg1s388Vt/T5EjpErBLxnk
TyIARlhokuQC5jKSsKKpEm/VFeIRyDAGdVqOJQsqRP0igW2QpQjWWe1YLjHaGEiQ
HLlWqJGqK2sSSvXL29gSXNXuX9jVLtdMFpa+d1F1dmGZ+D8Iv/xHIb5olDKDpTyX
UE4Eo1qJ3yS5gz9ksfZy3/su0vYPRREgnre8XuMogtI0FBInnBmmn91ffNsnGWAE
EuHwftARWSjkcGrkNGxefLkHZipFCLG6zWAvhsm3X7VmpFfdVtszWrQR57o+LcHC
91YTtP0Hp4tBbAwB5dhPkjOg9dMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRq3/v+
3p32HzF7pmReMMPNOFuPJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEAegydiUnwG2GwPXkCNQexpW3zt+vDmYUdoj5yS8zN
kIfTFFPWnfe3c1MJPJeKKn92YD79/HMh6pTzThitdpQXUU7WiP0rWxoa49QwmVEn
Lq4CDvLchYOUPjqYMoWD45QW40Y1GIblVY4Yoqx+uNFXBTKygcxSbPT/6dlPDHy7
l5CIMxEDqhdhnzR7JVjk+LcnuTHk8KPWnhQxNz1Lo0r71GXhWZSAFo6W0ntotKoh
S22iFBh7kUSS8z8eYY/ektCbkIr7uPos/Sm1B2CfOdH1ueJNc+GKEU7U7liv6Hg6
MuzlDstU8Joy4UqE6OCEPim3kJXvoXF+KPdjrmAcBP1v0w==
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:18 2026 by rpki-client