Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: +wF85niRZn82URtJnAdZFlxKK/U1o4EEPvUt9S4kitk=
Subject key identifier: 46:D7:73:25:DB:21:93:69:ED:BE:4B:48:8E:0F:37:3D:CC:0B:11:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0663F3ADAE919259FB23767EDF2C2FA597029536
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Tue 17 Feb 2026 03:10:25 +0000
ROA not before: Tue 17 Feb 2026 03:10:25 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:63:f3:ad:ae:91:92:59:fb:23:76:7e:df:2c:2f:a5:97:02:95:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:25 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=49fdd45f888551d5aacc6f402fabeccd3411182d4a38991a22c53ddcd0aaf780, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:95:6d:db:c7:d3:34:28:66:ba:2c:7a:45:02:
1a:b3:08:f7:2f:c5:ce:c8:28:96:45:8e:4f:24:e6:
cc:b1:aa:22:f3:f1:31:d8:29:ef:3f:4e:e6:75:2e:
1a:97:50:da:bc:d8:c7:a9:5e:ee:15:7f:5a:fa:d0:
f4:7e:0c:bb:ba:a1:5f:8a:6b:77:bd:4c:86:b1:31:
1a:4b:80:6d:d4:45:d5:05:56:b4:85:c3:46:62:d3:
64:ee:b1:88:ef:f2:76:f6:5c:ae:ae:5c:43:82:2c:
22:39:f4:19:a3:1c:90:bf:44:84:4a:b6:c8:be:1d:
3c:a6:0c:b1:46:11:07:ac:12:64:40:04:fa:43:2c:
f7:e9:37:92:6a:f8:ba:a0:88:2b:c0:02:b0:71:f7:
4a:1e:d6:b6:8f:b9:ba:11:31:18:7c:70:b4:fa:d8:
97:47:f6:a8:2a:78:07:c5:84:a8:a8:fa:00:53:ca:
8c:0a:9a:19:96:51:0d:a7:96:17:75:29:d9:f4:a3:
d3:a6:c5:a6:95:80:8f:7f:88:d8:ea:dc:5f:75:76:
0d:0c:48:5b:39:17:d7:03:29:3b:ec:4a:d5:89:b5:
8a:26:dc:80:2b:4f:4a:c1:da:e2:6a:ad:6c:32:3a:
3b:1c:38:8b:15:83:55:40:e7:54:e9:38:bf:dd:76:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D7:73:25:DB:21:93:69:ED:BE:4B:48:8E:0F:37:3D:CC:0B:11:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:c3:f6:ae:6e:af:c6:90:8f:bc:f9:e2:fa:6d:0d:72:4f:c0:
81:39:f2:6c:26:9f:f1:d2:83:c4:be:b3:06:cf:7a:b8:4f:f7:
6c:b5:e9:7e:d4:96:0f:4b:b3:7e:28:ba:fb:ea:11:aa:3b:8e:
23:21:af:42:36:93:15:1e:c0:a4:8c:8f:56:44:1b:f8:aa:d4:
f3:66:c8:b5:6d:2e:79:f9:2c:3d:9d:d9:31:89:d9:64:08:35:
f5:12:45:c2:17:df:a0:10:bf:97:c4:ca:80:b7:f6:6b:4c:9d:
a9:db:57:78:38:11:b2:77:1f:f9:ee:6b:b6:cf:72:41:32:81:
76:91:06:1f:84:56:39:bf:55:37:08:62:fe:aa:bd:fa:78:6f:
f8:a4:d4:59:bf:21:28:20:00:19:3d:b3:80:c6:bd:fc:97:5b:
7c:a9:ad:28:6e:b7:ff:8c:ae:9d:20:f1:72:0a:9e:20:15:6f:
e8:da:1a:62:c7:28:c4:e4:23:d7:7d:5e:de:e6:30:08:d3:60:
e3:d1:ce:db:6c:06:f1:4f:c4:d6:e0:e0:3f:e4:17:7a:5c:ff:
b3:a7:30:19:65:fb:00:d1:d4:58:c8:14:c7:e3:bb:c1:47:bf:
77:47:c9:bd:b9:b2:56:eb:33:d6:0f:81:ab:22:e6:a3:22:4a:
fe:6f:3f:a1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBmPzra6Rkln7I3Z+3ywvpZcClTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMjVaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZmRkNDVmODg4NTUxZDVhYWNjNmY0MDJmYWJlY2NkMzQxMTE4MmQ0YTM4
OTkxYTIyYzUzZGRjZDBhYWY3ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+VbdvH0zQoZrosekUCGrMI9y/FzsgolkWOTyTmzLGqIvPxMdgp7z9O5nUu
GpdQ2rzYx6le7hV/WvrQ9H4Mu7qhX4prd71MhrExGkuAbdRF1QVWtIXDRmLTZO6x
iO/ydvZcrq5cQ4IsIjn0GaMckL9EhEq2yL4dPKYMsUYRB6wSZEAE+kMs9+k3kmr4
uqCIK8ACsHH3Sh7Wto+5uhExGHxwtPrYl0f2qCp4B8WEqKj6AFPKjAqaGZZRDaeW
F3Up2fSj06bFppWAj3+I2OrcX3V2DQxIWzkX1wMpO+xK1Ym1iibcgCtPSsHa4mqt
bDI6Oxw4ixWDVUDnVOk4v9128d0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRG13Ml
2yGTae2+S0iODzc9zAsRhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbMP2rm6vxpCPvPni+m0Nck/AgTnybCaf8dKDxL6z
Bs96uE/3bLXpftSWD0uzfii6++oRqjuOIyGvQjaTFR7ApIyPVkQb+KrU82bItW0u
efksPZ3ZMYnZZAg19RJFwhffoBC/l8TKgLf2a0ydqdtXeDgRsncf+e5rts9yQTKB
dpEGH4RWOb9VNwhi/qq9+nhv+KTUWb8hKCAAGT2zgMa9/JdbfKmtKG63/4yunSDx
cgqeIBVv6NoaYscoxOQj131e3uYwCNNg49HO22wG8U/E1uDgP+QXelz/s6cwGWX7
ANHUWMgUx+O7wUe/d0fJvbmyVusz1g+BqyLmoyJK/m8/oQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:50:55 2026 by rpki-client