Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
File: 4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa (raw, json)
Hash identifier: HhUKzetRq6kOm+a4NfEKqgnBWn2K+I16xTWe5YfN+XE=
Subject key identifier: FC:6A:42:FE:57:43:43:FD:FF:13:77:04:CA:C4:E8:61:16:4B:36:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DDC0D6D763F4BA70F1902BC10AC06C90BFA176C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
Signing time: Tue 17 Feb 2026 03:00:36 +0000
ROA not before: Tue 17 Feb 2026 03:00:36 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:dc:0d:6d:76:3f:4b:a7:0f:19:02:bc:10:ac:06:c9:0b:fa:17:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:36 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=8d5dedc976a08c88cec5d8352b3f0e0f3690818a3356913e952052527700161b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:2f:5a:f5:1d:ff:c9:90:bf:45:3e:82:62:
a2:dd:fe:48:1f:d5:6d:f4:43:92:49:b1:59:f3:90:
26:d9:16:bf:22:3e:af:54:bf:83:5f:61:9c:7d:e3:
35:a4:3e:45:a5:62:ff:a8:1f:ec:50:ba:2e:6e:3a:
da:05:76:96:39:06:e2:7f:1f:5b:65:84:85:4b:f9:
de:96:be:d6:37:8f:ac:ed:07:db:db:22:58:ec:28:
32:46:bf:a0:82:1b:fb:29:14:53:ba:21:11:69:c8:
7c:cf:5f:25:29:66:14:df:d2:3d:17:02:99:21:23:
eb:41:af:05:e5:7a:3b:56:a5:75:7a:b6:04:5c:eb:
cf:33:8c:42:15:19:99:3a:ae:96:44:55:0c:6c:3e:
91:11:4f:9d:bf:9d:fc:b5:93:b9:42:49:68:5a:dc:
5b:de:51:5a:96:d9:cd:b3:df:af:68:f1:c5:0d:cb:
f3:7f:99:d6:5f:3a:3d:a2:ff:a3:b7:bb:ed:f2:c1:
a1:90:27:29:52:24:b4:de:3f:e4:4d:d0:3d:61:89:
56:dc:07:46:5f:d8:dd:5b:5e:68:aa:fd:90:0c:c9:
81:bf:36:7c:cf:57:08:c2:3f:33:0e:34:4f:a3:38:
87:66:7d:12:91:03:da:97:58:63:f2:93:c3:07:9f:
36:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6A:42:FE:57:43:43:FD:FF:13:77:04:CA:C4:E8:61:16:4B:36:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.240.0/20
Signature Algorithm: sha256WithRSAEncryption
81:5d:7a:7f:0c:e3:17:80:38:36:38:27:4e:25:d4:14:b6:bc:
5c:2d:3b:8d:57:d9:37:ae:3e:e2:83:1c:4b:a3:45:59:d3:13:
2a:33:ad:10:81:9b:0e:eb:b8:3f:8c:a5:7a:65:2c:5f:f5:ea:
15:19:c2:94:2a:e5:0c:dc:9e:f2:08:0f:35:64:5c:e9:14:8a:
43:e3:48:bb:cd:78:dd:06:24:75:0f:7a:04:ab:73:75:99:65:
68:83:a2:a2:66:bd:3a:5f:9d:d4:68:41:24:a2:10:f2:0b:31:
af:c5:60:89:4b:45:8e:61:48:0c:fb:b0:ff:55:8b:ef:85:58:
0c:f4:99:74:80:0f:99:1a:49:38:67:60:d8:33:e9:f6:72:68:
6b:cb:a5:1f:93:ff:6a:0d:a3:36:18:da:5e:a1:b1:51:6a:4b:
80:2e:7a:6a:a7:72:c1:c3:7e:fb:78:63:6a:ef:48:f5:35:56:
7c:e8:42:23:cc:a9:7d:60:11:6c:4f:a2:9b:37:af:a4:69:12:
1e:d9:58:7b:03:b4:76:3b:bd:a0:85:67:ee:1d:49:ba:63:43:
8b:c1:c0:dd:d1:40:6b:87:25:21:fc:04:7b:77:21:8e:42:fd:
92:07:bd:88:30:ec:56:05:2c:57:84:c6:a7:96:9f:30:95:4a:
a9:11:04:78
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDdwNbXY/S6cPGQK8EKwGyQv6F2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzZaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkNWRlZGM5NzZhMDhjODhjZWM1ZDgzNTJiM2YwZTBmMzY5MDgxOGEzMzU2
OTEzZTk1MjA1MjUyNzcwMDE2MWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl2L1r1Hf/JkL9FPoJiot3+SB/VbfRDkkmxWfOQJtkWvyI+r1S/g19hnH3j
NaQ+RaVi/6gf7FC6Lm462gV2ljkG4n8fW2WEhUv53pa+1jePrO0H29siWOwoMka/
oIIb+ykUU7ohEWnIfM9fJSlmFN/SPRcCmSEj60GvBeV6O1aldXq2BFzrzzOMQhUZ
mTqulkRVDGw+kRFPnb+d/LWTuUJJaFrcW95RWpbZzbPfr2jxxQ3L83+Z1l86PaL/
o7e77fLBoZAnKVIktN4/5E3QPWGJVtwHRl/Y3VteaKr9kAzJgb82fM9XCMI/Mw40
T6M4h2Z9EpED2pdYY/KTwwefNp8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8akL+
V0ND/f8TdwTKxOhhFks27TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMzExNjMtMmFkNy00OWY1LWEyNGQtMmVhNDE3MGJiMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J8DAN
BgkqhkiG9w0BAQsFAAOCAQEAgV16fwzjF4A4NjgnTiXUFLa8XC07jVfZN64+4oMc
S6NFWdMTKjOtEIGbDuu4P4ylemUsX/XqFRnClCrlDNye8ggPNWRc6RSKQ+NIu814
3QYkdQ96BKtzdZllaIOioma9Ol+d1GhBJKIQ8gsxr8VgiUtFjmFIDPuw/1WL74VY
DPSZdIAPmRpJOGdg2DPp9nJoa8ulH5P/ag2jNhjaXqGxUWpLgC56aqdywcN++3hj
au9I9TVWfOhCI8ypfWARbE+imzevpGkSHtlYewO0dju9oIVn7h1JumNDi8HA3dFA
a4clIfwEe3chjkL9kge9iDDsVgUsV4TGp5afMJVKqREEeA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:04 2026 by rpki-client