Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
File: 842bd74b-e507-47ea-bb4e-32057136b2bd.roa (raw, json)
Hash identifier: FHWvrAA823pAFNIZWQmEU3XHvkTiGjPmb/DqrDmB3WE=
Subject key identifier: ED:6D:E6:8C:8A:80:B7:2B:E9:D6:3F:C4:DA:C0:E6:4A:CC:DA:DD:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 208989E439A2D7382877AEB3B268D8D226F11E54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
Signing time: Tue 17 Feb 2026 03:10:29 +0000
ROA not before: Tue 17 Feb 2026 03:10:29 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:89:89:e4:39:a2:d7:38:28:77:ae:b3:b2:68:d8:d2:26:f1:1e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:29 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=0e91b003864246252434a8d6724d0b8757f64ced010e1b91e4880c428b6afebb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6f:3f:f5:8b:70:13:d8:08:61:ea:4f:00:cd:
50:73:54:3b:0b:2d:aa:ab:98:e7:03:85:ac:ef:e5:
7d:5e:dd:38:4d:c3:f0:9d:bb:32:f7:b8:5a:a1:e4:
d2:53:80:f2:68:d0:84:3c:c3:a5:bf:a8:7a:d3:58:
2c:45:f9:0e:6a:7d:08:0a:6c:b6:01:26:19:30:6d:
d1:45:bb:00:02:6c:66:61:49:6f:3b:40:be:b0:89:
f0:11:e5:57:8d:5e:4f:f9:64:f6:3e:af:51:5f:8e:
22:36:02:df:10:c1:d8:c5:e8:91:cd:71:f9:84:6f:
40:74:4e:2c:20:4a:5c:b4:7e:53:91:5f:56:93:ee:
6f:77:4d:06:55:01:4b:c5:96:bc:58:8c:fa:f5:55:
b6:a5:94:81:a6:61:11:1a:bd:31:86:d2:92:74:d0:
47:0f:8b:62:01:69:27:79:88:a8:6c:74:b6:82:aa:
e5:c0:06:0a:67:17:a9:d0:46:90:5e:36:4b:9b:88:
72:88:78:b6:f1:f4:a3:c8:28:e0:8c:21:4c:66:39:
2c:e8:08:2b:8d:8e:7e:93:02:83:42:ac:59:23:39:
14:e2:73:f8:de:31:58:d7:00:f0:3f:43:17:c4:2b:
95:f4:76:ae:fd:79:22:da:5c:b1:2b:d6:87:08:56:
6d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6D:E6:8C:8A:80:B7:2B:E9:D6:3F:C4:DA:C0:E6:4A:CC:DA:DD:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/18
Signature Algorithm: sha256WithRSAEncryption
b5:21:84:35:f0:6d:78:56:85:21:3b:5d:33:dc:77:8e:7b:a0:
62:f7:71:75:9d:c4:20:22:29:bf:71:a8:c2:6e:1b:f6:fa:56:
19:ea:3d:0c:34:4e:1a:a6:67:20:84:44:ff:c8:bc:f0:1d:d7:
d8:94:c9:5c:8a:e7:b3:77:9d:c7:2a:05:a6:3f:f0:7d:f6:66:
f9:67:44:d3:55:53:67:3f:c1:1f:5c:dc:ed:ef:5a:6e:ed:63:
bc:cd:3a:cc:f9:07:f3:4c:7d:a5:e9:07:87:5e:a9:3a:b2:7b:
64:7f:2e:e1:7f:4d:99:a9:4d:4f:90:00:39:d4:13:12:b5:66:
ce:78:53:c0:7b:56:c8:44:65:b0:78:68:32:3e:a5:5f:7f:06:
0f:0f:94:52:f9:79:19:69:12:9b:84:06:4a:e2:e5:d3:f8:99:
a3:2d:8b:b8:f9:36:fe:d4:7c:78:6a:50:ac:66:66:70:a5:b3:
6d:6d:75:cd:47:63:34:b2:18:39:f3:e4:1d:66:6e:93:92:14:
07:ce:2b:cf:c9:a1:05:d2:de:a4:62:e6:af:2f:8f:22:46:4b:
69:76:8f:17:5e:31:bf:b4:46:a0:62:b2:d4:fc:82:34:12:d2:
7d:9f:ef:05:93:ee:12:5d:69:55:0e:ea:d4:bd:81:9c:2d:01:
9a:a4:04:d4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIImJ5Dmi1zgod66zsmjY0ibxHlQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMjlaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlOTFiMDAzODY0MjQ2MjUyNDM0YThkNjcyNGQwYjg3NTdmNjRjZWQwMTBl
MWI5MWU0ODgwYzQyOGI2YWZlYmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9vP/WLcBPYCGHqTwDNUHNUOwstqquY5wOFrO/lfV7dOE3D8J27Mve4WqHk
0lOA8mjQhDzDpb+oetNYLEX5Dmp9CApstgEmGTBt0UW7AAJsZmFJbztAvrCJ8BHl
V41eT/lk9j6vUV+OIjYC3xDB2MXokc1x+YRvQHROLCBKXLR+U5FfVpPub3dNBlUB
S8WWvFiM+vVVtqWUgaZhERq9MYbSknTQRw+LYgFpJ3mIqGx0toKq5cAGCmcXqdBG
kF42S5uIcoh4tvH0o8go4IwhTGY5LOgIK42OfpMCg0KsWSM5FOJz+N4xWNcA8D9D
F8QrlfR2rv15ItpcsSvWhwhWbfMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTtbeaM
ioC3K+nWP8TawOZKzNrdyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQyYmQ3NGItZTUwNy00N2VhLWJiNGUtMzIwNTcxMzZiMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAtSGENfBteFaFITtdM9x3jnugYvdxdZ3EICIpv3Go
wm4b9vpWGeo9DDROGqZnIIRE/8i88B3X2JTJXIrns3edxyoFpj/wffZm+WdE01VT
Zz/BH1zc7e9abu1jvM06zPkH80x9pekHh16pOrJ7ZH8u4X9NmalNT5AAOdQTErVm
znhTwHtWyERlsHhoMj6lX38GDw+UUvl5GWkSm4QGSuLl0/iZoy2LuPk2/tR8eGpQ
rGZmcKWzbW11zUdjNLIYOfPkHWZuk5IUB84rz8mhBdLepGLmry+PIkZLaXaPF14x
v7RGoGKy1PyCNBLSfZ/vBZPuEl1pVQ7q1L2BnC0BmqQE1A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:40:45 2026 by rpki-client