Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
File: 968c7897-1d8d-4c3a-b38e-6602ae947f34.roa (raw, json)
Hash identifier: Kdxt13nerL+pLBBMg0sLN3of04cF6RzyzvMHtuFr0S0=
Subject key identifier: 75:B5:8D:A5:0F:AA:8E:97:32:A9:AF:FD:D5:8F:6C:0B:2C:EF:A5:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66C8876092010FA67BD8BC0E4779F2933E44D4DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
Signing time: Tue 17 Feb 2026 03:10:05 +0000
ROA not before: Tue 17 Feb 2026 03:10:05 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:c8:87:60:92:01:0f:a6:7b:d8:bc:0e:47:79:f2:93:3e:44:d4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:05 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=56e2673bc9bcf9ef3d363d42a250b41d8c90784c96738d45764780ebb602e460, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:d6:5e:7a:80:58:b9:ad:f3:53:71:95:31:
f2:eb:60:2e:39:c7:a2:eb:c2:51:0b:ef:bb:61:10:
25:6d:11:b5:8c:68:67:bd:97:c5:0a:d5:b0:7e:ba:
0c:57:0c:64:ff:7d:26:8c:8b:6d:b8:b0:f3:40:2b:
bc:76:1c:bf:d3:29:d4:8d:f1:03:20:37:0b:ef:9d:
7f:54:e1:38:0d:da:90:fb:93:4b:0f:c1:cf:c1:8c:
34:3c:33:f8:9d:16:3a:bf:81:73:fe:b8:22:ab:b7:
94:32:46:67:a6:10:00:24:41:65:7e:81:51:43:50:
99:84:12:07:71:21:54:34:ee:9d:84:bc:4e:b9:84:
bc:2f:a1:e9:df:12:55:4c:36:02:ce:fa:ec:a6:3e:
d5:12:76:e9:40:53:ea:9b:14:da:9f:0d:da:ab:19:
57:6b:3a:8d:aa:f2:d7:7a:98:3c:eb:91:8d:c5:5c:
71:65:27:f2:83:8f:a8:94:81:b7:79:f0:6d:ff:49:
44:b0:00:78:48:e5:03:a0:ac:e2:c8:b5:d7:d2:96:
c6:74:82:b7:a2:48:0e:a3:8f:b1:86:00:d1:a7:79:
14:4e:82:ff:11:2d:24:b4:0b:62:b7:1f:76:5b:68:
e6:b6:64:71:90:cb:0d:7e:48:ea:31:ae:7d:70:19:
e3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B5:8D:A5:0F:AA:8E:97:32:A9:AF:FD:D5:8F:6C:0B:2C:EF:A5:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.208.0/21
Signature Algorithm: sha256WithRSAEncryption
65:3c:47:c9:0e:16:a6:92:78:40:4a:61:0a:43:0f:f1:a4:a5:
18:d5:28:d8:e3:f5:3a:eb:90:a9:ec:62:18:12:86:e4:86:5a:
41:eb:30:b9:e6:67:e9:86:26:07:3f:f9:f6:5f:e0:e8:0a:cc:
4b:de:32:f2:2c:7c:ab:52:0f:5d:61:12:5b:3f:a3:a5:65:b5:
3e:d1:fb:28:9f:ee:6c:29:d3:f4:99:cf:04:22:21:48:75:16:
c4:10:c3:ed:74:7e:9f:bd:b7:3e:7e:e2:20:48:25:a5:b2:e9:
04:c2:14:a0:88:20:db:da:43:ac:8e:ae:13:fd:ae:bf:9e:21:
c0:c3:67:42:49:4b:36:74:98:fe:89:0e:80:cf:d6:4e:4e:0e:
14:f6:ef:b6:54:ac:5e:d6:87:09:e0:d2:e4:ef:2c:47:47:95:
b1:4b:a1:fe:b4:06:2f:52:0e:8a:36:24:4e:92:19:66:28:4c:
5d:b1:89:ba:6d:58:2d:56:3b:56:95:09:40:28:9d:7d:33:04:
60:9c:b6:82:fe:4e:a7:b7:c2:60:8e:1e:33:86:43:3c:b7:1c:
f1:90:35:25:b9:ba:40:25:a3:7b:7d:13:9b:d4:e0:ac:25:1a:
e6:0e:9d:dd:d8:77:44:3b:17:0a:97:7f:84:ae:a5:e1:c3:c6:
f3:e0:c6:dd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZsiHYJIBD6Z72LwOR3nykz5E1NowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDVaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2ZTI2NzNiYzliY2Y5ZWYzZDM2M2Q0MmEyNTBiNDFkOGM5MDc4NGM5Njcz
OGQ0NTc2NDc4MGViYjYwMmU0NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHW1l56gFi5rfNTcZUx8utgLjnHouvCUQvvu2EQJW0RtYxoZ72XxQrVsH66
DFcMZP99JoyLbbiw80ArvHYcv9Mp1I3xAyA3C++df1ThOA3akPuTSw/Bz8GMNDwz
+J0WOr+Bc/64Iqu3lDJGZ6YQACRBZX6BUUNQmYQSB3EhVDTunYS8TrmEvC+h6d8S
VUw2As767KY+1RJ26UBT6psU2p8N2qsZV2s6jary13qYPOuRjcVccWUn8oOPqJSB
t3nwbf9JRLAAeEjlA6Cs4si119KWxnSCt6JIDqOPsYYA0ad5FE6C/xEtJLQLYrcf
dlto5rZkcZDLDX5I6jGufXAZ4wkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR1tY2l
D6qOlzKpr/3Vj2wLLO+lFTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY4Yzc4OTctMWQ4ZC00YzNhLWIzOGUtNjYwMmFlOTQ3ZjM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6J0DAN
BgkqhkiG9w0BAQsFAAOCAQEAZTxHyQ4WppJ4QEphCkMP8aSlGNUo2OP1OuuQqexi
GBKG5IZaQeswueZn6YYmBz/59l/g6ArMS94y8ix8q1IPXWESWz+jpWW1PtH7KJ/u
bCnT9JnPBCIhSHUWxBDD7XR+n723Pn7iIEglpbLpBMIUoIgg29pDrI6uE/2uv54h
wMNnQklLNnSY/okOgM/WTk4OFPbvtlSsXtaHCeDS5O8sR0eVsUuh/rQGL1IOijYk
TpIZZihMXbGJum1YLVY7VpUJQCidfTMEYJy2gv5Op7fCYI4eM4ZDPLcc8ZA1Jbm6
QCWje30Tm9TgrCUa5g6d3dh3RDsXCpd/hK6l4cPG8+DG3Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:41 2026 by rpki-client