Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: sg0nq6qFGt3V4PoGVUWbzKR7UaSEEm7lcRllcNt0pjE=
Subject key identifier: 2F:8F:A1:59:DB:77:23:F1:57:6C:7D:48:B1:55:5E:BE:60:24:F8:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69183280A250DFEDB52083F9D99A57DC08D9D3F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Tue 17 Feb 2026 03:00:48 +0000
ROA not before: Tue 17 Feb 2026 03:00:48 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:18:32:80:a2:50:df:ed:b5:20:83:f9:d9:9a:57:dc:08:d9:d3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:48 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=e789e1707d650ce57a94e470c12d9f1171b4d0ba545d6979facb57c4adbacd50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:25:1d:9b:f7:2b:99:b6:49:87:ea:43:ea:04:
c8:ea:c2:0f:f3:02:82:c6:d9:df:ca:d5:56:34:fc:
d2:19:9e:ca:fe:65:50:34:eb:c3:24:85:33:41:88:
7c:6f:af:a3:13:8f:74:36:c2:78:aa:d3:b3:ad:32:
99:6c:18:3d:52:cb:4a:02:84:8f:ad:47:1b:d6:3e:
10:61:d1:ef:1e:ab:cc:49:a6:0e:83:6d:a5:cc:ef:
f2:07:9a:6f:99:da:09:81:28:91:cd:31:2c:b3:2d:
b6:5d:d1:dd:bc:71:59:11:b1:bc:b2:6c:c5:ef:85:
ad:01:d5:9f:1d:f7:90:28:11:d6:9c:1f:f5:a3:51:
77:54:d1:f1:b7:2c:91:bc:65:2a:78:c7:92:66:a8:
e4:85:07:d4:51:74:60:c3:27:0e:50:3d:6a:16:a4:
72:dc:95:8f:d3:65:ef:4f:40:06:3a:f1:0a:59:72:
1e:06:e4:4d:95:f8:f5:ee:bc:35:5d:81:5e:68:df:
24:86:3d:f9:14:a9:46:46:df:fe:c4:0d:8d:23:10:
ce:c2:fa:a6:f5:c3:76:f5:f9:f8:24:41:fe:e8:05:
e3:c6:e8:c1:58:a0:3b:01:73:96:4a:d4:1f:80:b3:
16:22:25:70:18:66:d8:f6:6c:7f:25:43:aa:c0:9d:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8F:A1:59:DB:77:23:F1:57:6C:7D:48:B1:55:5E:BE:60:24:F8:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:de:b3:11:cc:25:17:bc:95:ac:1a:32:e4:25:fe:44:08:0f:
ce:1c:11:b9:6d:df:e3:6e:be:e7:5f:e3:88:d2:a7:2c:32:4a:
6f:6a:5b:ed:a6:73:0c:28:af:b7:e0:78:7b:a4:99:e6:48:9b:
5e:69:f7:88:79:90:e9:1c:8b:87:31:71:38:28:80:b0:85:b0:
f1:05:ff:de:f6:6c:48:e6:27:08:f0:96:96:91:62:d9:ca:58:
c5:99:c6:5f:a6:c3:fc:84:e9:7b:c6:b4:83:b6:28:4b:31:35:
df:f7:5b:a9:ab:ff:0f:24:ac:ca:b9:68:dd:67:9f:0b:27:ba:
eb:70:b3:ff:aa:65:08:5a:14:ed:5e:0f:36:2a:ba:91:ac:e1:
7d:a1:d7:2e:f6:b0:f9:9a:cd:7a:89:35:91:af:86:4f:6c:5e:
34:e9:02:4a:67:d6:3d:7c:e3:64:e3:ae:bc:ac:10:c7:ed:dd:
19:1a:02:fd:bd:85:d6:d4:95:c5:c4:f0:2c:9b:69:44:e7:d1:
78:e3:ca:e7:76:83:83:38:3d:55:06:db:36:c5:d5:30:8f:e9:
23:4d:d7:bb:a2:27:b4:0b:b4:db:f7:fd:01:28:db:9e:e8:f8:
fc:b7:df:0f:15:e5:3a:15:ea:16:30:df:eb:eb:41:f1:11:fd:
5e:23:54:3f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaRgygKJQ3+21IIP52ZpX3AjZ0/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNDhaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ODllMTcwN2Q2NTBjZTU3YTk0ZTQ3MGMxMmQ5ZjExNzFiNGQwYmE1NDVk
Njk3OWZhY2I1N2M0YWRiYWNkNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYlHZv3K5m2SYfqQ+oEyOrCD/MCgsbZ38rVVjT80hmeyv5lUDTrwySFM0GI
fG+voxOPdDbCeKrTs60ymWwYPVLLSgKEj61HG9Y+EGHR7x6rzEmmDoNtpczv8gea
b5naCYEokc0xLLMttl3R3bxxWRGxvLJsxe+FrQHVnx33kCgR1pwf9aNRd1TR8bcs
kbxlKnjHkmao5IUH1FF0YMMnDlA9ahakctyVj9Nl709ABjrxCllyHgbkTZX49e68
NV2BXmjfJIY9+RSpRkbf/sQNjSMQzsL6pvXDdvX5+CRB/ugF48bowVigOwFzlkrU
H4CzFiIlcBhm2PZsfyVDqsCdnX8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQvj6FZ
23cj8VdsfUixVV6+YCT4hDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAnt6zEcwlF7yVrBoy5CX+RAgPzhwRuW3f426+51/j
iNKnLDJKb2pb7aZzDCivt+B4e6SZ5kibXmn3iHmQ6RyLhzFxOCiAsIWw8QX/3vZs
SOYnCPCWlpFi2cpYxZnGX6bD/ITpe8a0g7YoSzE13/dbqav/DySsyrlo3WefCye6
63Cz/6plCFoU7V4PNiq6kazhfaHXLvaw+ZrNeok1ka+GT2xeNOkCSmfWPXzjZOOu
vKwQx+3dGRoC/b2F1tSVxcTwLJtpROfReOPK53aDgzg9VQbbNsXVMI/pI03Xu6In
tAu02/f9ASjbnuj4/LffDxXlOhXqFjDf6+tB8RH9XiNUPw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:55:39 2026 by rpki-client