Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: Mw1gnVYRjPELVmk1DUtGg2Ze6AuuDJkL/4VEfMNNetI=
Subject key identifier: 65:1E:D0:40:5E:62:59:B6:B7:59:73:39:D1:34:D3:D7:A8:B5:8E:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 256FFD95C2EF2EB22686CD28EC9670799A03A63F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Tue 17 Feb 2026 03:10:10 +0000
ROA not before: Tue 17 Feb 2026 03:10:10 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:6f:fd:95:c2:ef:2e:b2:26:86:cd:28:ec:96:70:79:9a:03:a6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:10 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=9602d6358966979cdf206de7f9e1975cbd8f146f1b72234009e7d3fd0af657c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:1f:60:d4:69:1a:41:ca:5f:48:f4:d3:e3:19:
26:c2:38:0b:76:4e:c9:78:58:47:22:13:33:f2:ab:
8f:bb:3c:c7:74:0e:27:4f:94:0f:fe:d2:89:30:b4:
9a:7f:cb:b2:5c:b0:f5:d2:42:cf:2e:ea:e7:75:47:
8c:20:9f:85:31:32:db:5d:4f:f9:68:d9:f5:4a:13:
8e:e5:92:52:96:ea:cd:4c:bc:ce:91:8a:40:a6:ec:
a3:8d:e0:3d:e6:7d:3c:13:a3:80:c6:04:75:28:a4:
6e:d3:08:55:eb:24:e1:17:d9:2b:f2:41:27:16:98:
b0:7c:dd:72:8c:f0:ab:7e:81:01:78:46:fc:fa:b4:
6a:12:8e:9e:15:48:b9:d7:7e:54:be:4b:dd:6e:3c:
6d:c2:45:dd:47:84:ec:af:ac:9c:a9:a9:a6:32:f0:
43:9d:ce:19:ce:92:af:38:fd:33:5d:7c:23:5d:b9:
26:3d:93:ad:43:45:99:1f:4c:07:15:4f:f8:07:a2:
c3:eb:bc:37:f6:0f:f4:7e:23:a8:7f:2b:5a:b0:ae:
39:b1:ab:4d:44:92:3d:58:00:ad:8d:4e:20:6a:2e:
f4:83:0a:d8:e3:7d:5d:5b:9e:14:85:9e:ee:3b:7a:
cc:24:74:7a:d3:96:29:d3:bf:ab:e9:be:cd:13:18:
94:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1E:D0:40:5E:62:59:B6:B7:59:73:39:D1:34:D3:D7:A8:B5:8E:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
00:8b:e8:5f:74:a9:5a:3d:8e:09:0e:32:ad:69:16:ba:84:61:
f0:f2:e5:8e:40:47:d6:67:8a:51:f5:91:0b:34:63:52:73:6e:
72:10:0f:85:39:22:b4:23:54:cc:e2:bc:17:9c:24:5c:8b:cd:
ea:ab:fa:8a:38:41:bf:0f:b2:f8:53:fd:8c:c0:6b:a2:16:c4:
41:10:6d:84:7d:2b:7c:fc:cf:67:d0:06:0c:e8:30:b3:3d:89:
60:7b:55:41:0b:42:02:9c:fd:8d:d9:7e:7f:36:5b:82:36:6e:
ba:91:b2:3b:30:cf:09:86:d2:a1:88:0a:ac:88:0c:39:9c:ac:
aa:59:d6:12:f4:63:80:ec:92:19:0c:2e:c4:e2:d7:4c:e3:d5:
b1:82:77:ef:8f:64:f7:c3:5a:8c:5e:01:cf:b1:e3:ba:eb:78:
79:7d:df:99:9d:13:ef:88:70:a4:20:df:4d:18:0a:08:6c:68:
be:b5:bf:f9:fd:8d:79:c7:8c:37:4e:d7:19:bd:28:88:fa:f8:
a7:77:19:30:21:6f:98:01:b2:25:4a:97:16:2e:d8:8f:7d:6b:
6a:c2:84:51:1b:05:fb:80:31:14:68:d6:bf:33:b1:82:a8:a2:
6f:05:e9:f0:8e:12:51:09:1b:14:06:ca:26:99:ee:72:e6:12:
42:e0:ed:06
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJW/9lcLvLrImhs0o7JZweZoDpj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMTBaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2MDJkNjM1ODk2Njk3OWNkZjIwNmRlN2Y5ZTE5NzVjYmQ4ZjE0NmYxYjcy
MjM0MDA5ZTdkM2ZkMGFmNjU3YzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO0fYNRpGkHKX0j00+MZJsI4C3ZOyXhYRyITM/Krj7s8x3QOJ0+UD/7SiTC0
mn/Lslyw9dJCzy7q53VHjCCfhTEy211P+WjZ9UoTjuWSUpbqzUy8zpGKQKbso43g
PeZ9PBOjgMYEdSikbtMIVesk4RfZK/JBJxaYsHzdcozwq36BAXhG/Pq0ahKOnhVI
udd+VL5L3W48bcJF3UeE7K+snKmppjLwQ53OGc6Srzj9M118I125Jj2TrUNFmR9M
BxVP+Aeiw+u8N/YP9H4jqH8rWrCuObGrTUSSPVgArY1OIGou9IMK2ON9XVueFIWe
7jt6zCR0etOWKdO/q+m+zRMYlPUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRlHtBA
XmJZtrdZcznRNNPXqLWObDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAAIvoX3SpWj2OCQ4yrWkWuoRh8PLljkBH1meKUfWR
CzRjUnNuchAPhTkitCNUzOK8F5wkXIvN6qv6ijhBvw+y+FP9jMBrohbEQRBthH0r
fPzPZ9AGDOgwsz2JYHtVQQtCApz9jdl+fzZbgjZuupGyOzDPCYbSoYgKrIgMOZys
qlnWEvRjgOySGQwuxOLXTOPVsYJ3749k98NajF4Bz7Hjuut4eX3fmZ0T74hwpCDf
TRgKCGxovrW/+f2NeceMN07XGb0oiPr4p3cZMCFvmAGyJUqXFi7Yj31rasKEURsF
+4AxFGjWvzOxgqiibwXp8I4SUQkbFAbKJpnucuYSQuDtBg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:45:04 2026 by rpki-client