Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
File: ec7e5637-f312-4c51-b644-29324b74734e.roa (raw, json)
Hash identifier: 7RVQh+wpC1S3olJjDA8O0Nz2YhBBGpFA7sjb7wbhyCU=
Subject key identifier: 93:D7:74:41:60:A6:C4:63:39:9E:6E:78:2C:9B:D3:D0:07:7E:FF:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 163D0F0EE73E8D8FB909998B5AB2D0DA9EFDE5DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
Signing time: Mon 11 May 2026 01:50:08 +0000
ROA not before: Mon 11 May 2026 01:50:08 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:3d:0f:0e:e7:3e:8d:8f:b9:09:99:8b:5a:b2:d0:da:9e:fd:e5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:08 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=706076f5f670811df2a1f6a30f5d53c29d15dea4d9bc53e7e4a3d858ce8aabb2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6e:c8:c8:33:d8:22:e5:88:b3:70:f2:64:a3:
df:02:6e:a7:7d:0a:5a:3c:b7:6e:f3:88:17:a3:16:
ee:66:24:7e:2c:d4:d6:f0:02:aa:ee:a8:3f:ea:bb:
14:a0:98:73:a6:e8:d2:6c:c0:c7:ac:b2:47:9d:12:
21:6e:4a:bb:12:2a:01:eb:88:e9:35:d7:01:8d:db:
ff:87:c4:d1:d8:27:66:55:c4:60:97:c4:90:b8:00:
67:4b:21:d3:bc:91:f4:e4:b5:a6:9e:e1:69:c9:62:
6a:10:69:f6:1c:23:6b:44:71:ae:fb:56:49:b2:ba:
c8:e6:bf:24:47:e6:30:6a:9c:9b:1c:ed:a8:cf:c7:
83:86:6e:6a:bb:18:1a:c5:f8:bf:ab:b4:ee:56:5e:
b0:b4:c1:65:7a:a5:c9:5f:4b:7e:c9:7d:bd:4a:fb:
4b:c4:6c:31:12:f2:6f:bb:a9:87:b6:79:6e:91:ae:
8c:8b:74:fe:28:17:e1:b8:60:01:dc:25:e9:02:62:
00:73:f0:08:56:95:f6:16:f0:52:9f:e0:3e:9a:68:
94:1e:bb:80:6f:6d:fc:39:b9:fb:30:bd:00:33:71:
85:6a:6e:4a:23:94:ed:a0:81:99:c8:04:cc:a2:5f:
54:71:0a:7e:e6:95:68:8b:9d:fc:81:8e:7e:c6:d0:
2f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D7:74:41:60:A6:C4:63:39:9E:6E:78:2C:9B:D3:D0:07:7E:FF:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec7e5637-f312-4c51-b644-29324b74734e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
ba:23:b1:7b:42:02:fb:51:be:78:bf:05:11:ac:22:21:e0:f6:
f2:18:65:c0:f8:45:9a:fa:5e:72:a1:71:79:19:0a:67:f5:c0:
0f:5b:cf:ff:b9:ab:18:e6:d6:b4:2b:33:14:b4:44:57:59:68:
f9:8c:bb:ed:d4:ab:33:cc:5e:77:61:7f:9d:f2:c7:81:fa:21:
6c:f3:0e:ae:c3:51:48:4d:48:63:00:90:58:f8:12:16:8c:42:
8e:c0:3c:e8:28:ec:82:9b:41:fe:8f:0b:b6:4f:d5:44:55:99:
71:1c:f5:68:e6:3e:cb:a9:8a:df:26:6c:70:eb:29:bd:2f:b1:
93:f0:3c:16:ce:b3:8e:99:f0:be:4d:f5:56:7c:d6:72:ff:96:
fc:1b:55:92:d2:0e:34:69:02:2e:c0:d5:4c:cb:60:a7:e9:f3:
40:db:fc:b1:fc:05:85:00:30:8e:1a:02:8f:6f:ae:62:12:b3:
d0:c1:b1:9b:c2:be:c6:8b:bf:5b:af:a3:04:8d:15:15:2e:95:
56:1e:f4:b0:f7:df:62:f8:d1:a9:f5:18:3e:e6:c7:8e:8c:a1:
9c:4f:58:df:c4:a1:fb:64:89:b8:f5:36:dc:7e:30:ca:6b:c5:
27:a8:b1:ed:18:be:57:8e:78:c5:79:2f:40:9b:fa:1b:84:4b:
42:8d:92:8c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFj0PDuc+jY+5CZmLWrLQ2p795dwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwNjA3NmY1ZjY3MDgxMWRmMmExZjZhMzBmNWQ1M2MyOWQxNWRlYTRkOWJj
NTNlN2U0YTNkODU4Y2U4YWFiYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxuyMgz2CLliLNw8mSj3wJup30KWjy3bvOIF6MW7mYkfizU1vACqu6oP+q7
FKCYc6bo0mzAx6yyR50SIW5KuxIqAeuI6TXXAY3b/4fE0dgnZlXEYJfEkLgAZ0sh
07yR9OS1pp7hacliahBp9hwja0RxrvtWSbK6yOa/JEfmMGqcmxztqM/Hg4ZuarsY
GsX4v6u07lZesLTBZXqlyV9Lfsl9vUr7S8RsMRLyb7uph7Z5bpGujIt0/igX4bhg
Adwl6QJiAHPwCFaV9hbwUp/gPppolB67gG9t/Dm5+zC9ADNxhWpuSiOU7aCBmcgE
zKJfVHEKfuaVaIud/IGOfsbQL00CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBST13RB
YKbEYzmebngsm9PQB37/qzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM3ZTU2MzctZjMxMi00YzUxLWI2NDQtMjkzMjRiNzQ3MzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAi4DAN
BgkqhkiG9w0BAQsFAAOCAQEAuiOxe0IC+1G+eL8FEawiIeD28hhlwPhFmvpecqFx
eRkKZ/XAD1vP/7mrGObWtCszFLREV1lo+Yy77dSrM8xed2F/nfLHgfohbPMOrsNR
SE1IYwCQWPgSFoxCjsA86CjsgptB/o8Ltk/VRFWZcRz1aOY+y6mK3yZscOspvS+x
k/A8Fs6zjpnwvk31VnzWcv+W/BtVktIONGkCLsDVTMtgp+nzQNv8sfwFhQAwjhoC
j2+uYhKz0MGxm8K+xou/W6+jBI0VFS6VVh70sPffYvjRqfUYPubHjoyhnE9Y38Sh
+2SJuPU23H4wymvFJ6ix7Ri+V454xXkvQJv6G4RLQo2SjA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:05:42 2026 by rpki-client