Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: sGtRenB5nhuHsooGIWuErgJddgpmWe1UpokMXyktPKY=
Subject key identifier: F4:10:F0:A6:12:F9:24:C4:A6:87:04:F0:30:69:F4:C1:04:A1:51:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D02F03AE57C0D614E7972509CF3E3CA6F75AFFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Tue 17 Feb 2026 03:00:11 +0000
ROA not before: Tue 17 Feb 2026 03:00:11 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:02:f0:3a:e5:7c:0d:61:4e:79:72:50:9c:f3:e3:ca:6f:75:af:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:11 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=a2023d49a907757b887427486890514a04ebdd872cbd4362a363b5b803342cf9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:ed:dc:c5:8f:6c:d2:fa:04:84:aa:55:f4:
1e:ad:5c:32:a8:87:be:2f:b1:87:ce:bc:17:34:ed:
a0:a8:56:e5:ed:48:22:32:de:0f:b8:75:52:ca:01:
35:4d:4c:0d:97:02:97:71:2d:a3:b3:d3:14:42:55:
b6:41:ae:82:db:00:d5:b2:12:a6:87:57:5c:60:98:
ba:0b:d4:e1:65:07:65:7a:8e:73:ba:58:08:fc:2f:
74:4a:77:53:3f:54:c0:f8:9f:7f:5c:83:d1:1d:c9:
74:46:e6:11:81:9e:28:a5:bf:5e:0a:5e:67:d3:53:
12:cf:4e:e1:04:5d:9d:8b:d5:3e:6d:31:43:ea:3e:
5c:96:7a:fc:c5:35:79:fa:c8:68:29:78:6d:18:f2:
93:e3:bd:61:2c:fd:91:dd:f3:91:5e:34:80:1c:b9:
7d:4a:f5:5d:b0:e5:41:20:5f:81:b5:13:9e:7b:b4:
64:ae:39:05:ea:8b:0b:e7:94:f3:40:44:8a:bb:9c:
ba:cf:2f:bf:f6:25:50:d8:3e:75:b0:93:50:0b:f2:
a7:8e:ef:83:59:9b:f7:8c:c6:75:56:88:55:67:b3:
5d:bd:44:c5:43:6a:47:92:f4:9e:6e:3a:82:05:00:
e1:67:ed:23:3a:82:dd:37:69:ff:5d:13:0b:2d:ba:
ce:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:10:F0:A6:12:F9:24:C4:A6:87:04:F0:30:69:F4:C1:04:A1:51:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
52:1f:a9:14:d8:cb:f2:3d:d4:cb:36:d8:39:87:f2:e9:4e:f7:
94:35:ba:9e:c1:0b:e1:62:e6:a1:87:1a:16:53:3a:e6:09:85:
4f:9d:bf:03:29:20:49:6f:d5:ea:01:eb:53:30:bd:e1:86:89:
47:8b:bc:10:b8:cd:48:18:08:16:2c:ec:77:98:f9:1c:e1:8d:
04:cc:6b:0d:d4:3b:4d:8b:85:bf:c2:49:5b:a6:c4:ef:05:17:
4c:1e:bf:4c:d9:7e:fb:5e:27:16:d9:32:9f:65:de:92:c9:f8:
02:05:34:56:31:05:9a:37:03:b8:1e:d5:df:00:d7:3d:0c:6a:
c2:e5:bd:ad:68:ef:1e:24:df:74:9a:cc:70:8c:43:94:1b:af:
79:bd:93:ca:15:d9:9c:ff:bd:d3:17:5f:97:d4:a5:e0:7a:a9:
b8:96:20:0b:89:ef:2b:7b:f2:54:ad:88:5c:6a:d6:aa:11:ed:
88:8f:36:7e:4b:55:6f:71:a7:ea:ea:a5:66:15:4b:67:77:a4:
42:19:9e:70:9e:bb:78:e4:87:b6:22:27:6c:54:1e:e5:04:f3:
a4:4f:ff:61:ca:3d:2f:8c:bf:9a:24:e6:0b:a4:ab:86:60:21:
65:8f:76:66:03:e3:97:2e:f6:af:dc:d4:a3:ff:62:95:44:67:
d6:4f:b6:8b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHQLwOuV8DWFOeXJQnPPjym91r/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMDIzZDQ5YTkwNzc1N2I4ODc0Mjc0ODY4OTA1MTRhMDRlYmRkODcyY2Jk
NDM2MmEzNjNiNWI4MDMzNDJjZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwl7dzFj2zS+gSEqlX0Hq1cMqiHvi+xh868FzTtoKhW5e1IIjLeD7h1UsoB
NU1MDZcCl3Eto7PTFEJVtkGugtsA1bISpodXXGCYugvU4WUHZXqOc7pYCPwvdEp3
Uz9UwPiff1yD0R3JdEbmEYGeKKW/XgpeZ9NTEs9O4QRdnYvVPm0xQ+o+XJZ6/MU1
efrIaCl4bRjyk+O9YSz9kd3zkV40gBy5fUr1XbDlQSBfgbUTnnu0ZK45BeqLC+eU
80BEirucus8vv/YlUNg+dbCTUAvyp47vg1mb94zGdVaIVWezXb1ExUNqR5L0nm46
ggUA4WftIzqC3Tdp/10TCy26zvECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT0EPCm
EvkkxKaHBPAwafTBBKFRGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEAUh+pFNjL8j3UyzbYOYfy6U73lDW6nsEL4WLmoYca
FlM65gmFT52/AykgSW/V6gHrUzC94YaJR4u8ELjNSBgIFizsd5j5HOGNBMxrDdQ7
TYuFv8JJW6bE7wUXTB6/TNl++14nFtkyn2Xeksn4AgU0VjEFmjcDuB7V3wDXPQxq
wuW9rWjvHiTfdJrMcIxDlBuveb2TyhXZnP+90xdfl9Sl4HqpuJYgC4nvK3vyVK2I
XGrWqhHtiI82fktVb3Gn6uqlZhVLZ3ekQhmecJ67eOSHtiInbFQe5QTzpE//Yco9
L4y/miTmC6SrhmAhZY92ZgPjly72r9zUo/9ilURn1k+2iw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:38 2026 by rpki-client