Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
File: 8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa (raw, json)
Hash identifier: /ZgT+7QcV74rMat8093kwiYhJOlZsnnoxWdpi9hw9lw=
Subject key identifier: 0B:4D:21:21:B2:E6:42:29:1B:BC:30:FE:2E:CA:B2:DA:6F:0A:2E:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 084607D47D8D10A0DCBCCCDA2FE49D35643537FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
Signing time: Tue 17 Feb 2026 03:00:50 +0000
ROA not before: Tue 17 Feb 2026 03:00:50 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:46:07:d4:7d:8d:10:a0:dc:bc:cc:da:2f:e4:9d:35:64:35:37:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:50 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=83f6154a6748fd9feb9dd0e28d78da09638ed2c875102b5b85aaaae798883298, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b4:22:3c:79:f8:30:0e:63:e5:47:86:ef:32:
c4:d4:24:1d:6f:b3:77:51:bd:33:da:5a:a9:ca:ed:
46:08:75:0f:32:58:4c:39:e0:e3:58:c8:af:06:c8:
cf:5d:3f:6e:4a:81:6c:75:c7:9a:be:05:a2:da:ea:
37:c8:24:db:9a:19:ff:f5:b8:4f:33:89:e9:b4:48:
24:a7:c8:10:ac:7c:8c:90:7e:f5:43:79:2f:a6:bc:
9d:4e:01:ef:72:55:de:f2:03:19:2c:68:bf:92:49:
47:3b:61:45:12:7a:b2:ca:44:7b:4e:da:7f:76:db:
7a:ea:f6:f1:03:32:3a:10:05:10:ea:9e:3c:7f:06:
41:f7:f2:44:a1:1e:58:fb:ec:dd:4b:fe:da:d9:83:
a9:af:f5:79:79:83:90:44:fc:86:df:09:e2:09:6f:
e5:9e:e4:89:88:9d:63:9a:ca:47:5c:9f:51:69:67:
81:1a:31:b1:d4:1a:07:d8:d6:be:85:e3:51:b6:fa:
7e:b1:23:b3:28:51:e4:26:56:46:2f:09:7a:bd:97:
36:aa:5b:be:3b:78:fb:b4:7e:8c:35:0e:08:5d:eb:
10:6c:3b:20:06:89:05:40:73:8f:08:e6:5d:15:08:
a6:b6:b0:c8:e0:26:94:d2:2f:30:ab:c5:11:1f:85:
cc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4D:21:21:B2:E6:42:29:1B:BC:30:FE:2E:CA:B2:DA:6F:0A:2E:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
79:a3:00:4f:17:84:d4:a1:ea:08:f0:03:2e:47:69:5d:57:fe:
e0:95:2b:7e:1d:c9:48:1c:bd:1d:bc:fb:64:cb:c5:26:92:6f:
67:18:0f:47:4e:89:3d:69:c2:ad:d5:64:55:9e:0a:17:93:55:
74:b1:27:67:7b:a1:d7:7f:d6:40:92:f8:8a:30:48:ba:d0:19:
f3:d8:34:f2:49:3e:4a:cc:88:05:d2:52:59:c7:d3:f1:e5:a3:
5d:f0:b1:f3:2e:23:0d:f9:bf:33:db:97:23:80:25:e8:9f:9e:
87:52:9a:2b:78:39:25:18:ae:2f:ab:86:10:4e:96:dd:51:35:
3e:1f:00:d5:32:a9:e3:92:43:26:69:66:9d:86:5a:bd:ae:ed:
27:e8:47:3e:b1:3f:b8:26:57:53:82:ad:4e:61:eb:5b:05:8d:
0d:42:ef:09:24:25:02:3f:c0:b9:9a:c3:63:8b:33:f3:dd:52:
3f:f4:59:2b:fa:0c:61:3f:f8:f3:05:9d:e4:ae:fe:0a:a0:b1:
70:2d:28:c4:db:25:81:c6:e5:2c:69:5b:b6:6c:2e:01:4a:2a:
f0:0c:24:fd:a7:ae:95:ab:7a:2d:85:90:2f:0a:24:2d:7c:1f:
c8:75:2a:6f:2f:48:76:1f:1f:21:1c:f7:b8:32:f5:6c:b4:9c:
2b:bf:28:09
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCEYH1H2NEKDcvMzaL+SdNWQ1N/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNTBaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZjYxNTRhNjc0OGZkOWZlYjlkZDBlMjhkNzhkYTA5NjM4ZWQyYzg3NTEw
MmI1Yjg1YWFhYWU3OTg4ODMyOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANq0Ijx5+DAOY+VHhu8yxNQkHW+zd1G9M9paqcrtRgh1DzJYTDng41jIrwbI
z10/bkqBbHXHmr4FotrqN8gk25oZ//W4TzOJ6bRIJKfIEKx8jJB+9UN5L6a8nU4B
73JV3vIDGSxov5JJRzthRRJ6sspEe07af3bbeur28QMyOhAFEOqePH8GQffyRKEe
WPvs3Uv+2tmDqa/1eXmDkET8ht8J4glv5Z7kiYidY5rKR1yfUWlngRoxsdQaB9jW
voXjUbb6frEjsyhR5CZWRi8Jer2XNqpbvjt4+7R+jDUOCF3rEGw7IAaJBUBzjwjm
XRUIprawyOAmlNIvMKvFER+FzN0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQLTSEh
suZCKRu8MP4uyrLabwoupjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFiOTMwODMtMDBmNy00ODQxLThjZWYtNmI1OTI2YjZlM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAeaMATxeE1KHqCPADLkdpXVf+4JUrfh3JSBy9Hbz7
ZMvFJpJvZxgPR06JPWnCrdVkVZ4KF5NVdLEnZ3uh13/WQJL4ijBIutAZ89g08kk+
SsyIBdJSWcfT8eWjXfCx8y4jDfm/M9uXI4Al6J+eh1KaK3g5JRiuL6uGEE6W3VE1
Ph8A1TKp45JDJmlmnYZava7tJ+hHPrE/uCZXU4KtTmHrWwWNDULvCSQlAj/AuZrD
Y4sz891SP/RZK/oMYT/48wWd5K7+CqCxcC0oxNslgcblLGlbtmwuAUoq8Awk/aeu
lat6LYWQLwokLXwfyHUqby9Idh8fIRz3uDL1bLScK78oCQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:23 2026 by rpki-client