Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
File: 2c6881bd-10fc-4994-83fe-43244d2b078a.roa (raw, json)
Hash identifier: //EQ1ZPYb3/M3VV3uR2kGZZjE1NfLoEWzWAlcgAhGTU=
Subject key identifier: B6:5B:4A:96:96:6A:AA:CD:81:88:48:BD:A2:77:78:BB:8E:3F:DD:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D18DB8DE8E23FA27B5EF16288A6A03048B05160
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
Signing time: Tue 17 Feb 2026 03:10:27 +0000
ROA not before: Tue 17 Feb 2026 03:10:27 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:18:db:8d:e8:e2:3f:a2:7b:5e:f1:62:88:a6:a0:30:48:b0:51:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:27 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=d28048488d1f238fa64c9f0ba80a5acd29afb99c32ae268ed3bb7de99d9b2970, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:99:f3:81:1f:cf:34:14:24:ab:80:db:62:63:
0b:99:70:f8:13:d7:be:30:ba:00:76:ba:4b:49:96:
f8:a5:be:22:1c:24:8d:c8:69:62:f3:1c:d5:04:d2:
12:76:ed:ca:54:ae:61:2f:42:63:77:09:03:61:66:
a3:7f:ff:15:67:69:bc:61:2e:63:b3:d4:4f:8b:7b:
44:43:0f:37:0a:06:c2:e7:0d:7b:5b:9e:5b:e4:67:
0f:34:6b:e1:54:3c:a3:34:d5:ff:c3:26:7f:20:8f:
ed:f8:a1:31:0e:74:ea:bb:de:b5:5a:cd:96:5a:b7:
48:ec:ce:89:be:4b:50:3b:a5:0a:bb:13:03:aa:ed:
4a:23:12:43:1f:ae:1c:02:0d:76:dd:22:2f:57:96:
79:63:18:17:aa:4e:ba:63:d0:0f:51:e8:95:e6:7e:
e3:7f:5a:e9:bc:4b:7d:5f:75:5d:a3:5d:0a:21:24:
98:5e:a1:c7:2a:06:3d:77:12:04:85:9f:bb:6c:e9:
50:37:0f:6b:6d:dc:62:33:17:60:b0:96:ce:80:f2:
fa:1c:32:0a:a3:a0:39:61:08:b9:ac:1b:0a:c4:67:
b0:e8:64:9e:9a:66:6a:8b:4d:ab:af:1b:da:79:c7:
af:cd:47:7b:26:3f:8c:f8:d3:d0:76:eb:19:85:c6:
b1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5B:4A:96:96:6A:AA:CD:81:88:48:BD:A2:77:78:BB:8E:3F:DD:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.80.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:a6:85:3a:42:6a:f6:c3:ab:8a:ec:99:20:3c:30:79:06:2a:
7a:04:20:67:1d:6f:fa:29:ca:64:f5:b1:83:86:a9:ec:10:a6:
7c:d5:67:26:70:2e:87:0b:43:fe:15:78:b0:19:01:7e:ad:de:
fe:66:85:7a:f3:4a:66:f4:f4:26:be:30:71:2d:e3:75:3e:a6:
56:01:9b:15:98:7a:b2:e1:5a:fe:e9:43:d9:65:3b:c6:90:3a:
3f:b2:c5:2d:19:b0:6b:c9:de:a6:3e:60:db:7f:d5:98:4c:59:
a4:3d:fb:6b:35:ae:f2:ff:06:41:32:be:70:81:4a:32:7f:ec:
55:a6:d5:8a:1e:9a:6e:71:70:5e:f9:bd:e9:46:71:c6:ed:84:
1c:b8:70:a5:57:9b:f1:c7:4d:ae:89:9b:d9:70:97:2d:6f:94:
3f:8b:d6:27:58:e5:4d:1f:e5:b5:ae:3c:d8:de:4e:75:97:91:
dd:ab:6e:c8:91:70:5b:d5:67:0c:fe:a3:58:55:8d:cd:f6:b0:
e0:c5:e1:5d:59:bb:73:8f:dd:c4:0a:71:e3:c8:d6:de:82:c6:
a9:29:79:4c:f0:c2:8d:4c:88:f0:08:b4:16:9c:ed:03:87:4f:
c8:7d:90:df:2f:e5:00:ea:77:84:2a:a8:09:c4:f4:ce:29:ff:
ea:7f:ec:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPRjbjejiP6J7XvFiiKagMEiwUWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMjdaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyODA0ODQ4OGQxZjIzOGZhNjRjOWYwYmE4MGE1YWNkMjlhZmI5OWMzMmFl
MjY4ZWQzYmI3ZGU5OWQ5YjI5NzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiZ84EfzzQUJKuA22JjC5lw+BPXvjC6AHa6S0mW+KW+IhwkjchpYvMc1QTS
EnbtylSuYS9CY3cJA2Fmo3//FWdpvGEuY7PUT4t7REMPNwoGwucNe1ueW+RnDzRr
4VQ8ozTV/8MmfyCP7fihMQ506rvetVrNllq3SOzOib5LUDulCrsTA6rtSiMSQx+u
HAINdt0iL1eWeWMYF6pOumPQD1HoleZ+439a6bxLfV91XaNdCiEkmF6hxyoGPXcS
BIWfu2zpUDcPa23cYjMXYLCWzoDy+hwyCqOgOWEIuawbCsRnsOhknppmaotNq68b
2nnHr81HeyY/jPjT0HbrGYXGsYkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS2W0qW
lmqqzYGISL2id3i7jj/dZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2ODgxYmQtMTBmYy00OTk0LTgzZmUtNDMyNDRkMmIwNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JUDAN
BgkqhkiG9w0BAQsFAAOCAQEAsqaFOkJq9sOriuyZIDwweQYqegQgZx1v+inKZPWx
g4ap7BCmfNVnJnAuhwtD/hV4sBkBfq3e/maFevNKZvT0Jr4wcS3jdT6mVgGbFZh6
suFa/ulD2WU7xpA6P7LFLRmwa8nepj5g23/VmExZpD37azWu8v8GQTK+cIFKMn/s
VabVih6abnFwXvm96UZxxu2EHLhwpVeb8cdNromb2XCXLW+UP4vWJ1jlTR/lta48
2N5OdZeR3atuyJFwW9VnDP6jWFWNzfaw4MXhXVm7c4/dxApx48jW3oLGqSl5TPDC
jUyI8Ai0FpztA4dPyH2Q3y/lAOp3hCqoCcT0zin/6n/s9g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:31 2026 by rpki-client