Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
File: ca3047ed-6074-479d-9d85-26334085e41c.roa (raw, json)
Hash identifier: Ofnoj/sJiJgMpaLa5zlgJxjV4UjXtT++ew/vPkYl8ZI=
Subject key identifier: 06:C0:D4:81:8D:E1:F4:04:06:82:79:27:CC:E9:A8:99:67:EA:98:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 741477CF3D08CC1455236BED24026D3614F56A56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
Signing time: Thu 14 May 2026 01:40:06 +0000
ROA not before: Thu 14 May 2026 01:40:06 +0000
ROA not after: Wed 12 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:14:77:cf:3d:08:cc:14:55:23:6b:ed:24:02:6d:36:14:f5:6a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 14 01:40:06 2026 GMT
Not After : Aug 12 23:59:59 2026 GMT
Subject: serialNumber=43ac1c4d4e97459b93a1c10186d1be0c3289d2c9e8e707b123244216c71a6b6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:06:eb:65:ac:5c:ec:fc:24:b2:ae:27:e0:75:
88:1d:1b:78:9b:ff:3f:d7:a7:3f:90:da:88:5b:13:
8d:79:cd:49:40:a4:c4:25:41:f0:1d:ff:8b:b6:fe:
f6:73:77:c6:9f:84:a3:16:ff:57:04:76:ea:90:ae:
7e:df:90:28:b0:84:2c:b0:72:db:20:c4:e6:0a:e4:
dd:28:1f:9f:91:cc:d6:5e:45:10:7c:b7:d8:e6:1e:
32:a1:fc:8a:5f:31:6d:3b:12:bb:10:cf:6e:75:35:
48:ef:d0:cd:78:8b:eb:e8:93:c4:f4:16:f1:13:08:
4c:67:c1:c4:22:12:db:44:ea:cc:8f:11:08:34:f3:
ed:a0:39:9f:6a:6f:5a:d4:38:8d:18:3e:0d:55:b8:
70:e6:b1:a5:df:33:87:d3:da:cb:30:19:59:65:d1:
fc:f4:95:bc:30:6c:cd:53:dd:d9:f1:42:f3:ca:d7:
09:86:d3:e8:3f:30:0c:0b:16:e1:07:93:2f:97:cb:
66:17:a2:3c:89:22:8f:83:2c:63:c3:29:94:d5:53:
f0:33:d6:66:1b:fe:09:e5:9d:b7:6b:2a:5b:0e:34:
83:58:5c:d7:6f:03:ad:9f:05:43:f2:7c:4c:60:dd:
67:4a:21:0a:85:f6:b7:32:5e:20:9e:7c:75:e1:51:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C0:D4:81:8D:E1:F4:04:06:82:79:27:CC:E9:A8:99:67:EA:98:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/18
Signature Algorithm: sha256WithRSAEncryption
41:0e:d7:7a:dc:d2:fb:80:9e:55:c6:d0:5a:90:7a:31:ea:f1:
aa:b7:23:90:ef:a3:54:6e:2e:6a:c6:7a:f9:fa:68:4e:62:7c:
c3:02:d5:1d:71:80:0d:0b:c8:40:88:12:fb:96:84:6f:4a:44:
a5:35:13:85:bd:c4:d7:a5:57:a5:aa:be:e6:f1:e6:ba:b0:11:
52:cc:30:db:82:f4:0b:95:af:7d:d3:44:8c:fc:9c:a3:d5:d4:
9f:34:49:85:74:75:1e:e6:67:86:2c:b3:9b:d1:d6:a1:83:4d:
13:fb:4d:07:db:f1:ad:34:ed:ef:27:d6:62:fd:a0:aa:b9:76:
7f:dd:58:81:bd:77:fa:41:ec:c1:73:76:03:f2:79:56:4e:09:
38:d5:ab:59:75:01:f5:d4:6d:b3:d7:49:65:e2:59:77:e3:50:
a5:2b:74:06:90:b7:89:e3:4c:aa:91:97:91:c7:00:b7:24:55:
9f:60:2c:66:07:23:a0:28:ef:1a:f3:2f:21:49:2b:80:37:a8:
ab:6b:72:7a:52:d9:15:a8:5d:61:3d:64:04:30:33:36:e4:b6:
0d:7d:49:b1:7e:34:f8:bd:bf:35:54:34:6b:26:0c:f8:b2:d6:
35:9c:51:db:b6:de:29:21:47:52:29:53:8e:b2:83:fe:7b:c8:
7a:c8:de:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdBR3zz0IzBRVI2vtJAJtNhT1alYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTQwMTQwMDZaFw0yNjA4MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYWMxYzRkNGU5NzQ1OWI5M2ExYzEwMTg2ZDFiZTBjMzI4OWQyYzllOGU3
MDdiMTIzMjQ0MjE2YzcxYTZiNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkG62WsXOz8JLKuJ+B1iB0beJv/P9enP5DaiFsTjXnNSUCkxCVB8B3/i7b+
9nN3xp+Eoxb/VwR26pCuft+QKLCELLBy2yDE5grk3Sgfn5HM1l5FEHy32OYeMqH8
il8xbTsSuxDPbnU1SO/QzXiL6+iTxPQW8RMITGfBxCIS20TqzI8RCDTz7aA5n2pv
WtQ4jRg+DVW4cOaxpd8zh9PayzAZWWXR/PSVvDBszVPd2fFC88rXCYbT6D8wDAsW
4QeTL5fLZheiPIkij4MsY8MplNVT8DPWZhv+CeWdt2sqWw40g1hc128DrZ8FQ/J8
TGDdZ0ohCoX2tzJeIJ58deFRmlECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQGwNSB
jeH0BAaCeSfM6aiZZ+qYgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzMDQ3ZWQtNjA3NC00NzlkLTlkODUtMjYzMzQwODVlNDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQQ7XetzS+4CeVcbQWpB6MerxqrcjkO+jVG4uasZ6
+fpoTmJ8wwLVHXGADQvIQIgS+5aEb0pEpTUThb3E16VXpaq+5vHmurARUsww24L0
C5WvfdNEjPyco9XUnzRJhXR1HuZnhiyzm9HWoYNNE/tNB9vxrTTt7yfWYv2gqrl2
f91Ygb13+kHswXN2A/J5Vk4JONWrWXUB9dRts9dJZeJZd+NQpSt0BpC3ieNMqpGX
kccAtyRVn2AsZgcjoCjvGvMvIUkrgDeoq2tyelLZFahdYT1kBDAzNuS2DX1JsX40
+L2/NVQ0ayYM+LLWNZxR27beKSFHUilTjrKD/nvIesjegw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:59 2026 by rpki-client