Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: t0RhM7iet7CsGeA4SFDWRPy6AC2I2cNQlwt1ipG5SDc=
Subject key identifier: C6:FB:1C:D6:4F:78:FA:A7:34:FC:5A:27:10:40:04:2D:05:33:F5:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 165FE58CD682189D304EAC91FFC6443FE1D51EAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Tue 17 Feb 2026 03:00:46 +0000
ROA not before: Tue 17 Feb 2026 03:00:46 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:5f:e5:8c:d6:82:18:9d:30:4e:ac:91:ff:c6:44:3f:e1:d5:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:46 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=543aebd07aaebdb4ad0a29f7b714d3a8a42cc17336e911fd5d78b54020e406d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:21:70:56:e6:21:91:54:f5:8a:60:cf:d0:
f6:c0:84:a4:93:1d:50:55:29:53:d9:ee:79:99:b1:
08:9b:86:22:1e:7b:d4:21:2e:51:96:09:a8:cc:25:
d8:01:3b:a4:e4:63:6b:36:2b:73:2c:4d:d4:c7:80:
06:fa:af:d1:7c:64:8c:dd:3d:05:89:b0:ab:2e:46:
71:44:f0:c0:2f:29:5b:ac:1d:12:ca:e9:60:25:ac:
09:80:26:2d:26:58:dd:c9:9b:33:da:86:94:3f:da:
dd:36:ed:88:77:a9:84:91:16:c5:ae:42:22:dd:16:
28:85:bc:2b:4f:b2:47:76:e0:a5:d5:0c:a7:f2:55:
59:93:fb:44:b4:4d:ea:33:74:d4:3a:d5:36:dc:f5:
6e:d5:6c:56:75:55:4b:e8:44:47:e0:0f:3b:0f:96:
86:36:3a:a3:8d:46:28:10:59:5c:3c:c5:0b:9f:50:
d2:f9:85:47:18:bb:af:47:1c:08:09:56:8e:f5:4a:
dc:59:e4:bb:0e:59:e8:4b:31:49:0f:55:b3:7a:df:
17:2e:4f:49:de:91:0b:0f:ba:e7:2e:85:26:b9:2e:
58:f7:3c:5d:5f:45:66:56:45:e0:54:47:34:ef:92:
af:3e:7b:65:20:10:23:50:e4:6d:c4:71:ac:c5:3b:
02:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FB:1C:D6:4F:78:FA:A7:34:FC:5A:27:10:40:04:2D:05:33:F5:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:fb:f2:d3:05:09:f8:25:b3:ff:ae:8a:c2:78:64:ba:83:53:
ba:9c:22:38:71:20:f4:3a:73:15:85:7f:93:f1:2f:d5:34:3c:
95:7b:32:f4:fc:3c:86:f4:56:3f:0a:02:44:e5:7a:40:be:55:
43:4f:13:54:b4:c5:e0:4e:9a:3f:93:35:b6:6e:71:b4:36:d9:
e2:96:c7:3e:f2:24:3d:12:0e:0f:2b:31:fd:c2:e5:ce:ae:ba:
7c:b5:25:05:bc:07:f7:18:78:c1:7d:b0:97:86:50:ec:8d:78:
2d:df:83:a1:ea:17:9c:71:26:03:ed:28:86:93:4e:71:61:27:
f3:3d:7d:06:c0:3b:1a:bc:fb:6b:ea:6b:fe:1c:6b:49:5e:a1:
1a:9d:5f:52:e9:29:3b:10:f6:fd:a7:54:a5:fa:8e:4b:52:63:
7b:da:5d:bd:ce:39:d8:05:db:f8:46:97:af:43:52:86:1c:14:
a3:5f:df:9c:6f:60:ad:ca:f5:6f:0d:fe:20:b7:81:7d:8c:95:
f1:45:cf:89:d4:2c:3d:91:0e:16:54:e2:7c:b9:fc:a7:cf:75:
27:1b:5d:7e:bb:3c:37:35:82:51:eb:2b:1d:47:e0:6d:41:96:
51:31:b2:d9:d1:be:6e:63:5e:c0:aa:79:b7:56:68:a8:f5:ee:
f5:69:fb:bf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFl/ljNaCGJ0wTqyR/8ZEP+HVHqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNDZaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0M2FlYmQwN2FhZWJkYjRhZDBhMjlmN2I3MTRkM2E4YTQyY2MxNzMzNmU5
MTFmZDVkNzhiNTQwMjBlNDA2ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALolIXBW5iGRVPWKYM/Q9sCEpJMdUFUpU9nueZmxCJuGIh571CEuUZYJqMwl
2AE7pORjazYrcyxN1MeABvqv0XxkjN09BYmwqy5GcUTwwC8pW6wdEsrpYCWsCYAm
LSZY3cmbM9qGlD/a3TbtiHephJEWxa5CIt0WKIW8K0+yR3bgpdUMp/JVWZP7RLRN
6jN01DrVNtz1btVsVnVVS+hER+APOw+WhjY6o41GKBBZXDzFC59Q0vmFRxi7r0cc
CAlWjvVK3Fnkuw5Z6EsxSQ9Vs3rfFy5PSd6RCw+65y6FJrkuWPc8XV9FZlZF4FRH
NO+Srz57ZSAQI1DkbcRxrMU7AikCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTG+xzW
T3j6pzT8WicQQAQtBTP1vjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAbvvy0wUJ+CWz/66KwnhkuoNTupwiOHEg9DpzFYV/
k/Ev1TQ8lXsy9Pw8hvRWPwoCROV6QL5VQ08TVLTF4E6aP5M1tm5xtDbZ4pbHPvIk
PRIODysx/cLlzq66fLUlBbwH9xh4wX2wl4ZQ7I14Ld+DoeoXnHEmA+0ohpNOcWEn
8z19BsA7Grz7a+pr/hxrSV6hGp1fUukpOxD2/adUpfqOS1Jje9pdvc452AXb+EaX
r0NShhwUo1/fnG9grcr1bw3+ILeBfYyV8UXPidQsPZEOFlTifLn8p891Jxtdfrs8
NzWCUesrHUfgbUGWUTGy2dG+bmNewKp5t1ZoqPXu9Wn7vw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:43:37 2026 by rpki-client