Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
File: 4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa (raw, json)
Hash identifier: V3bfVjG5id3b/zWMgzWyfHklE2orpJKBaEzWDtDPELg=
Subject key identifier: EA:8C:FC:86:E3:3C:89:9B:C6:F8:91:95:0D:AB:15:D0:CC:B0:31:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34FB95C8A0F1F2C236B0BE5D58380A9C878F299E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
Signing time: Tue 17 Feb 2026 03:00:37 +0000
ROA not before: Tue 17 Feb 2026 03:00:37 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:fb:95:c8:a0:f1:f2:c2:36:b0:be:5d:58:38:0a:9c:87:8f:29:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:37 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=cfcb1dfdf7f4da8bc001fef21529399a4361f067d87cd8b0b265a87a3a1fa1d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:c5:3b:4f:fe:f3:21:0e:52:be:bb:cb:d1:
93:33:db:aa:78:bd:08:74:34:05:82:90:bb:a5:40:
f1:d1:f3:bc:77:38:a0:da:a9:1f:ee:07:c1:af:3e:
2f:a0:79:26:d6:bd:55:26:14:4c:bc:ae:92:e0:7d:
16:2c:05:71:b4:10:24:a7:c2:52:5e:be:ea:35:c6:
c4:4a:d2:2c:e1:28:3a:3e:cb:a8:11:15:3f:b7:54:
71:4f:39:2a:c3:15:15:e3:27:10:d3:c8:63:d0:0a:
d8:92:80:45:c3:bc:0f:cf:06:79:64:73:43:34:6f:
08:ae:30:b7:92:44:2a:82:7b:34:a8:96:1c:7e:b4:
a7:bd:e5:ed:26:7c:84:10:1a:c1:6a:d4:e9:d4:dc:
45:57:42:03:52:74:a4:00:e3:37:42:55:43:8c:ec:
4b:58:8a:22:9c:ee:8e:0a:7d:db:fe:79:0f:c1:4e:
e6:17:4a:a5:c3:3d:1e:1b:9e:f5:46:22:5c:a3:4a:
36:6e:f5:f4:f3:f8:ca:24:f3:87:f4:09:b2:04:56:
c4:77:98:39:a9:6c:86:12:03:de:9f:13:86:f2:f2:
f3:b1:67:a1:a6:15:80:a3:4e:a6:cd:08:1c:f4:98:
3b:38:31:1b:49:71:6f:ef:5e:8a:8f:a9:90:5b:2e:
4c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8C:FC:86:E3:3C:89:9B:C6:F8:91:95:0D:AB:15:D0:CC:B0:31:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/19
Signature Algorithm: sha256WithRSAEncryption
80:64:55:2a:46:ea:e0:cf:19:90:64:7f:75:15:d0:7d:84:cd:
ea:23:55:9e:80:88:eb:5b:12:dd:f0:1c:04:7e:68:6f:33:4e:
3c:d8:f9:16:b0:d5:1e:bb:0c:b9:47:73:ff:a4:cb:ca:07:22:
4f:15:ca:bf:70:72:f0:24:64:69:52:02:d2:be:a6:0e:ef:ad:
25:f8:dd:7a:12:89:0c:aa:76:0f:d4:43:90:ca:c8:27:49:ae:
3d:31:15:dc:49:a9:8e:2d:7c:6a:85:b3:e9:16:06:fe:ad:c5:
6e:a8:83:55:6e:c3:a7:78:da:be:bb:e9:cc:32:60:e5:48:2e:
aa:a2:8d:1c:33:31:d1:66:4b:1f:e7:57:f6:ea:e4:56:a8:1e:
b2:03:d4:03:5e:16:db:a5:e7:55:3c:d7:e5:e8:82:98:80:bd:
62:14:b5:ed:0a:81:da:ff:3b:bb:13:09:a8:39:b4:35:86:06:
7e:ba:d3:48:32:4c:ca:ee:1f:53:a8:d2:45:75:f4:99:24:05:
4d:09:f2:5e:dd:86:23:84:72:38:0a:91:a0:bc:f5:56:14:35:
c4:3b:9e:3b:94:cd:0c:e1:c0:77:ae:38:f6:9b:9c:69:85:62:
68:42:84:51:1b:78:07:2d:91:f2:17:ed:de:e4:fa:7c:8f:b3:
f0:c2:6f:91
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNPuVyKDx8sI2sL5dWDgKnIePKZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzdaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmY2IxZGZkZjdmNGRhOGJjMDAxZmVmMjE1MjkzOTlhNDM2MWYwNjdkODdj
ZDhiMGIyNjVhODdhM2ExZmExZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0hxTtP/vMhDlK+u8vRkzPbqni9CHQ0BYKQu6VA8dHzvHc4oNqpH+4Hwa8+
L6B5Jta9VSYUTLyukuB9FiwFcbQQJKfCUl6+6jXGxErSLOEoOj7LqBEVP7dUcU85
KsMVFeMnENPIY9AK2JKARcO8D88GeWRzQzRvCK4wt5JEKoJ7NKiWHH60p73l7SZ8
hBAawWrU6dTcRVdCA1J0pADjN0JVQ4zsS1iKIpzujgp92/55D8FO5hdKpcM9Hhue
9UYiXKNKNm719PP4yiTzh/QJsgRWxHeYOalshhID3p8ThvLy87FnoaYVgKNOps0I
HPSYOzgxG0lxb+9eio+pkFsuTIcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqjPyG
4zyJm8b4kZUNqxXQzLAxjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk1NmU1MDctNjNiNy00ZDdkLWFjMTktNmU1YzVkMWRkZGQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEAgGRVKkbq4M8ZkGR/dRXQfYTN6iNVnoCI61sS3fAc
BH5obzNOPNj5FrDVHrsMuUdz/6TLygciTxXKv3By8CRkaVIC0r6mDu+tJfjdehKJ
DKp2D9RDkMrIJ0muPTEV3Empji18aoWz6RYG/q3FbqiDVW7Dp3javrvpzDJg5Ugu
qqKNHDMx0WZLH+dX9urkVqgesgPUA14W26XnVTzX5eiCmIC9YhS17QqB2v87uxMJ
qDm0NYYGfrrTSDJMyu4fU6jSRXX0mSQFTQnyXt2GI4RyOAqRoLz1VhQ1xDueO5TN
DOHAd6449pucaYViaEKEURt4By2R8hft3uT6fI+z8MJvkQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:10 2026 by rpki-client