Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
File: 27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa (raw, json)
Hash identifier: kAeeqphYkqSRurBrvpc73W7gN3kk5jAVGdAHQLpL32A=
Subject key identifier: 5B:A1:98:93:58:AD:D4:19:7F:4C:16:61:C7:C4:84:17:A3:E8:90:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4456836180D0AFE08C66A1477D0C991A751A61CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
Signing time: Tue 17 Feb 2026 03:00:32 +0000
ROA not before: Tue 17 Feb 2026 03:00:32 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:56:83:61:80:d0:af:e0:8c:66:a1:47:7d:0c:99:1a:75:1a:61:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:32 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=ab3b37d566e2fb8cb04f967a9c8fd9c55f79402b62a63079cde1b58a0bf28dca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:b0:84:0f:73:dc:8f:5f:cf:e0:53:93:08:
fa:ae:13:4d:9f:2c:9c:ec:8f:48:ad:70:26:51:76:
be:df:03:26:56:9a:e7:7f:c6:6e:37:18:65:73:9a:
13:ca:46:83:d1:b5:26:3d:78:5f:09:96:b0:c1:57:
6f:51:40:dc:40:b5:47:97:6c:d9:d9:7c:fb:d9:e3:
61:d6:1b:59:60:f5:a1:04:39:5c:6b:bd:c6:f7:a7:
b3:d7:23:39:6d:5b:2d:9a:fa:6d:0f:6f:d9:da:7c:
13:c5:e1:00:85:9f:8e:5b:6a:cb:01:df:55:c6:b0:
3d:c6:18:ad:2a:34:55:be:ce:82:47:30:e7:88:51:
5f:99:93:99:66:f5:50:f7:0f:44:e3:b5:b2:5b:85:
db:7a:0c:eb:33:e2:7b:a2:5b:f3:38:ff:d8:23:d8:
5b:14:77:4d:f5:7a:fd:22:03:4c:ea:31:0f:9d:34:
45:11:1c:f7:cf:df:a8:7c:de:e0:39:37:9a:b2:98:
49:ea:0e:41:74:72:39:c7:31:bd:bb:63:11:31:9e:
75:f4:9f:38:e8:8e:d3:c4:a6:6a:86:a6:df:ee:de:
8e:66:4d:45:1f:76:03:55:66:d0:ce:15:c4:11:09:
e0:bd:d9:11:0e:34:4b:cf:ec:ed:31:13:46:73:4b:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A1:98:93:58:AD:D4:19:7F:4C:16:61:C7:C4:84:17:A3:E8:90:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.176.0/20
Signature Algorithm: sha256WithRSAEncryption
71:8b:e7:35:4a:6f:89:1d:fa:d2:fe:b3:91:78:a1:7b:e3:a0:
c7:d2:6d:cd:13:91:cd:d1:30:44:15:fc:f1:9c:13:bc:09:42:
25:cd:b6:ba:67:7a:8a:2e:ef:e6:de:aa:d7:a5:79:c7:bb:67:
87:04:1b:ac:3a:42:ac:ea:0b:41:e5:a1:e8:86:f4:cb:d1:da:
5f:6f:8b:38:d6:82:41:bd:44:a1:4c:53:5e:ed:50:1c:7c:f9:
ad:e7:51:d4:fc:01:a2:0b:76:61:2e:50:45:2d:2b:f0:d2:6c:
fe:94:de:98:33:e2:27:0f:4e:cf:57:72:7e:78:75:86:36:35:
5b:15:32:b9:88:4c:11:1a:76:52:cc:02:e3:1c:78:10:d5:b0:
ce:b4:07:da:4d:f8:d3:8c:62:86:4f:d9:e9:ce:f5:db:20:e3:
ef:e5:22:04:00:22:60:1c:6b:6a:89:4a:79:0b:7a:fa:7c:f6:
e3:b8:ae:61:d5:d1:04:da:6a:1d:61:87:ac:dc:f2:5c:4f:f7:
63:6c:b1:89:0f:3f:8e:3f:e7:d2:fc:fb:f6:1f:fa:7f:25:ba:
ab:a9:f3:ac:fb:c1:89:2b:b1:18:6e:16:a1:5b:96:e7:4e:b2:
77:d4:d5:bc:dc:13:51:4e:d6:87:2e:bd:bc:eb:87:e6:90:95:
15:37:c1:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURFaDYYDQr+CMZqFHfQyZGnUaYcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzJaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiM2IzN2Q1NjZlMmZiOGNiMDRmOTY3YTljOGZkOWM1NWY3OTQwMmI2MmE2
MzA3OWNkZTFiNThhMGJmMjhkY2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIMsIQPc9yPX8/gU5MI+q4TTZ8snOyPSK1wJlF2vt8DJlaa53/GbjcYZXOa
E8pGg9G1Jj14XwmWsMFXb1FA3EC1R5ds2dl8+9njYdYbWWD1oQQ5XGu9xvens9cj
OW1bLZr6bQ9v2dp8E8XhAIWfjltqywHfVcawPcYYrSo0Vb7Ogkcw54hRX5mTmWb1
UPcPROO1sluF23oM6zPie6Jb8zj/2CPYWxR3TfV6/SIDTOoxD500RREc98/fqHze
4Dk3mrKYSeoOQXRyOccxvbtjETGedfSfOOiO08Smaoam3+7ejmZNRR92A1Vm0M4V
xBEJ4L3ZEQ40S8/s7TETRnNLyRcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRboZiT
WK3UGX9MFmHHxIQXo+iQYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdkMjc0MzItYjU0Mi00YWFkLWIzYTQtZGFmMmEwYTliYjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zsDAN
BgkqhkiG9w0BAQsFAAOCAQEAcYvnNUpviR360v6zkXihe+Ogx9JtzRORzdEwRBX8
8ZwTvAlCJc22umd6ii7v5t6q16V5x7tnhwQbrDpCrOoLQeWh6Ib0y9HaX2+LONaC
Qb1EoUxTXu1QHHz5redR1PwBogt2YS5QRS0r8NJs/pTemDPiJw9Oz1dyfnh1hjY1
WxUyuYhMERp2UswC4xx4ENWwzrQH2k3404xihk/Z6c712yDj7+UiBAAiYBxraolK
eQt6+nz247iuYdXRBNpqHWGHrNzyXE/3Y2yxiQ8/jj/n0vz79h/6fyW6q6nzrPvB
iSuxGG4WoVuW506yd9TVvNwTUU7Why69vOuH5pCVFTfB/g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:02:45 2026 by rpki-client