Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
File: 279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa (raw, json)
Hash identifier: mumc5l5MGsX5zM9x6O/swiCU78452b038ITy19V9vng=
Subject key identifier: 36:01:90:B3:75:5A:CF:CA:32:F3:85:BE:BE:D6:82:06:26:87:8E:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AF91F8568FB8EBF4B5694B746E1E32940403837
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
Signing time: Tue 17 Feb 2026 03:00:11 +0000
ROA not before: Tue 17 Feb 2026 03:00:11 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:f9:1f:85:68:fb:8e:bf:4b:56:94:b7:46:e1:e3:29:40:40:38:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:11 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=1623f82f51c1a9efcd160e8df140bc21eefcc64506b7e23dca74053c23039ae1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ef:fe:58:29:16:0d:55:0b:9a:74:95:be:fa:
81:86:02:41:01:47:77:cf:d7:f0:0d:ce:6e:88:62:
c1:f4:94:f3:3b:9d:8e:25:ac:19:fc:ed:f1:94:d9:
81:cf:1c:42:be:5a:47:9b:b3:8b:e2:43:e3:ac:6c:
0f:85:29:68:db:00:83:e6:96:10:ab:0b:2b:5d:aa:
c8:4d:7b:41:42:b0:74:84:d2:92:81:00:fe:3e:1f:
32:cf:f1:d1:61:68:b4:90:16:4d:cd:d1:2b:fe:96:
ea:0b:ba:50:19:f9:0d:57:52:55:ae:5c:17:97:b8:
5e:9c:24:a2:7f:ed:2c:8c:06:dd:d7:0c:4d:de:d3:
6c:3a:ce:ba:f6:ba:7d:dc:ca:84:31:86:0e:8e:4e:
aa:10:58:9b:f4:b2:38:13:61:87:f6:9e:a5:e1:87:
f4:ad:03:21:24:2d:34:60:00:b6:2c:0f:fa:f5:3d:
06:88:a4:38:c1:fe:98:f5:0f:79:75:94:26:45:72:
0c:52:b1:be:b7:b9:2c:6e:5b:a3:86:ef:f0:3e:4f:
c1:58:25:74:9f:92:73:32:82:d6:ab:96:03:55:2e:
df:0d:0f:b0:c2:f9:33:dd:f0:3a:25:85:76:af:bb:
86:1a:34:f7:c0:18:09:24:ab:18:64:29:9b:9b:a3:
f8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:01:90:B3:75:5A:CF:CA:32:F3:85:BE:BE:D6:82:06:26:87:8E:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.144.0/21
Signature Algorithm: sha256WithRSAEncryption
04:16:af:ba:6a:6f:7d:a8:89:6c:40:26:c2:a9:70:79:fa:10:
ec:7c:b9:39:8a:72:15:38:e6:dd:63:e5:02:f5:6f:26:6a:de:
0d:6d:f0:fc:49:c5:1e:8c:71:48:0a:21:1a:26:08:89:87:43:
90:6b:77:bd:fb:98:52:3e:a7:9a:96:2e:67:47:5f:96:b0:ba:
fd:b4:e8:d0:ef:00:69:ac:5d:11:3a:65:ef:de:e0:6d:53:46:
75:1e:65:d5:6b:05:5e:05:1a:b2:de:3c:f2:19:5a:e9:d5:fb:
3d:ff:69:f7:f5:1f:66:80:c8:74:cb:cd:95:e7:33:41:17:04:
c9:ef:dd:f4:5e:92:59:9d:3d:26:c2:ef:24:88:e6:63:64:dd:
f3:ba:0a:e0:3e:e3:1c:bc:7f:07:ff:d5:79:05:e9:08:06:fa:
f8:c1:27:31:55:3b:c7:75:44:05:44:6a:52:4f:8d:2e:5d:75:
67:5e:dd:f8:1f:84:d5:86:43:78:05:aa:4e:01:2c:9f:d2:a5:
c4:d3:50:8f:90:60:15:eb:a0:1d:02:c8:a0:a9:9c:53:a6:ab:
79:4f:1a:be:8a:a1:ba:97:45:8e:3f:b7:59:a5:ed:93:0c:72:
e1:f0:35:99:ca:f3:3f:9b:51:1b:ff:25:d0:0b:0c:ce:00:28:
9d:1d:e2:24
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUavkfhWj7jr9LVpS3RuHjKUBAODcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MjNmODJmNTFjMWE5ZWZjZDE2MGU4ZGYxNDBiYzIxZWVmY2M2NDUwNmI3
ZTIzZGNhNzQwNTNjMjMwMzlhZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLv/lgpFg1VC5p0lb76gYYCQQFHd8/X8A3ObohiwfSU8zudjiWsGfzt8ZTZ
gc8cQr5aR5uzi+JD46xsD4UpaNsAg+aWEKsLK12qyE17QUKwdITSkoEA/j4fMs/x
0WFotJAWTc3RK/6W6gu6UBn5DVdSVa5cF5e4Xpwkon/tLIwG3dcMTd7TbDrOuva6
fdzKhDGGDo5OqhBYm/SyOBNhh/aepeGH9K0DISQtNGAAtiwP+vU9BoikOMH+mPUP
eXWUJkVyDFKxvre5LG5bo4bv8D5PwVgldJ+SczKC1quWA1Uu3w0PsML5M93wOiWF
dq+7hho098AYCSSrGGQpm5uj+LsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ2AZCz
dVrPyjLzhb6+1oIGJoeOeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc5ZGE5ZDYtMTBjMi00ZmQ1LTlkNzUtMGE5NjNjMjljOGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JkDAN
BgkqhkiG9w0BAQsFAAOCAQEABBavumpvfaiJbEAmwqlwefoQ7Hy5OYpyFTjm3WPl
AvVvJmreDW3w/EnFHoxxSAohGiYIiYdDkGt3vfuYUj6nmpYuZ0dflrC6/bTo0O8A
aaxdETpl797gbVNGdR5l1WsFXgUast488hla6dX7Pf9p9/UfZoDIdMvNleczQRcE
ye/d9F6SWZ09JsLvJIjmY2Td87oK4D7jHLx/B//VeQXpCAb6+MEnMVU7x3VEBURq
Uk+NLl11Z17d+B+E1YZDeAWqTgEsn9KlxNNQj5BgFeugHQLIoKmcU6areU8avoqh
updFjj+3WaXtkwxy4fA1mcrzP5tRG/8l0AsMzgAonR3iJA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:10 2026 by rpki-client