Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: dOQcKxKss5SO4/MVKiRrIEiCkgXqDmX7dDLCWcp6UYE=
Subject key identifier: 9F:92:E0:CE:86:79:BA:D8:C7:3A:18:69:B2:D4:99:E4:C3:58:E3:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10D44611FD5DDCB9BD5D6DEA59C2A3D3E6563CD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Tue 17 Feb 2026 03:10:04 +0000
ROA not before: Tue 17 Feb 2026 03:10:04 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d4:46:11:fd:5d:dc:b9:bd:5d:6d:ea:59:c2:a3:d3:e6:56:3c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:04 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=3a4161c3dc0b0b20af8239c4195a11f3b7013e818ba6d965c9303070c64fe07e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:67:f1:62:81:21:88:f3:53:8e:c3:23:a5:55:
35:95:3b:6f:bb:4f:5a:7f:d6:a2:1c:8d:8c:a8:b0:
38:08:d7:6f:53:1b:63:3f:19:a0:64:46:aa:88:40:
bd:46:1f:b8:4a:74:ea:aa:c3:35:31:4a:f3:83:38:
3c:e5:30:d4:d7:02:27:aa:94:b5:20:86:0b:1f:6c:
76:11:aa:05:59:33:88:eb:b9:40:ad:28:81:cd:6e:
db:02:5a:6a:2b:6c:a3:c2:80:b4:a1:96:28:cf:81:
bb:a6:b8:fc:e5:29:6e:b6:ab:ac:43:bc:e1:cd:ee:
a0:ff:56:54:1b:73:8b:57:04:27:e6:3e:3b:eb:69:
ee:26:46:40:a5:74:d0:4c:09:0b:0b:4b:99:78:ed:
70:19:4d:17:5c:14:5e:e6:17:84:4c:b5:82:b0:35:
69:d2:17:d1:41:f8:71:ab:1b:4e:9d:6a:1c:30:45:
f0:c5:cd:93:78:f1:3d:ea:de:62:55:a7:05:04:44:
37:b2:ea:b0:29:58:e3:fc:6a:00:9f:4a:fd:90:67:
5d:83:06:ef:3f:97:78:92:9a:71:f3:8a:a2:48:29:
21:14:5e:ab:f8:1e:8c:93:f1:b5:12:0f:dc:2d:cf:
81:60:7f:3e:ad:ba:5a:4a:da:79:8c:0b:23:27:0f:
9d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:92:E0:CE:86:79:BA:D8:C7:3A:18:69:B2:D4:99:E4:C3:58:E3:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
35:a7:10:47:43:e8:05:be:c0:e4:78:93:ca:08:24:b8:e3:36:
80:cb:fb:f9:8e:f2:67:3a:d0:25:13:66:c1:6b:bb:cf:ea:38:
a6:16:21:85:eb:32:a2:bf:2d:88:47:6e:5e:a3:23:e5:70:a5:
92:03:9a:09:9b:43:26:21:3e:28:fc:8a:4b:f4:ed:14:28:b3:
66:68:ab:e8:72:31:96:27:da:92:b4:7b:2f:8a:fb:3e:04:bf:
72:d6:73:c6:9b:39:8f:60:01:dc:08:45:cf:2c:3e:1b:04:0a:
ad:0f:c7:48:a9:4b:25:ed:bc:7b:f7:8e:61:8c:98:ba:5f:ff:
31:c6:8d:bb:fc:82:e6:8a:f8:31:e9:62:37:c5:d7:c0:93:c1:
ad:62:71:c4:4f:cc:25:71:91:33:01:5f:63:e4:d9:ab:65:a4:
b6:ee:be:c3:0e:b7:b8:60:11:90:d1:aa:b9:e2:20:8b:03:95:
67:26:91:c4:38:31:a9:28:3f:cf:14:e6:15:5c:4e:90:92:8f:
5a:fd:4b:eb:80:1e:3c:72:39:fa:98:fe:58:b3:9a:4d:d3:78:
2f:5c:a0:c6:f3:99:59:cc:84:8d:2a:c0:15:db:58:c9:f0:56:
04:e0:e9:8c:ea:24:60:86:5c:a7:e7:aa:83:0b:ad:26:ab:6a:
7d:01:6c:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUENRGEf1d3Lm9XW3qWcKj0+ZWPNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDRaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhNDE2MWMzZGMwYjBiMjBhZjgyMzljNDE5NWExMWYzYjcwMTNlODE4YmE2
ZDk2NWM5MzAzMDcwYzY0ZmUwN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONn8WKBIYjzU47DI6VVNZU7b7tPWn/WohyNjKiwOAjXb1MbYz8ZoGRGqohA
vUYfuEp06qrDNTFK84M4POUw1NcCJ6qUtSCGCx9sdhGqBVkziOu5QK0ogc1u2wJa
aitso8KAtKGWKM+Bu6a4/OUpbrarrEO84c3uoP9WVBtzi1cEJ+Y+O+tp7iZGQKV0
0EwJCwtLmXjtcBlNF1wUXuYXhEy1grA1adIX0UH4casbTp1qHDBF8MXNk3jxPere
YlWnBQREN7LqsClY4/xqAJ9K/ZBnXYMG7z+XeJKacfOKokgpIRReq/gejJPxtRIP
3C3PgWB/Pq26WkraeYwLIycPncUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSfkuDO
hnm62Mc6GGmy1Jnkw1jjcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEANacQR0PoBb7A5HiTyggkuOM2gMv7+Y7yZzrQJRNm
wWu7z+o4phYhhesyor8tiEduXqMj5XClkgOaCZtDJiE+KPyKS/TtFCizZmir6HIx
lifakrR7L4r7PgS/ctZzxps5j2AB3AhFzyw+GwQKrQ/HSKlLJe28e/eOYYyYul//
McaNu/yC5or4MeliN8XXwJPBrWJxxE/MJXGRMwFfY+TZq2Wktu6+ww63uGARkNGq
ueIgiwOVZyaRxDgxqSg/zxTmFVxOkJKPWv1L64AePHI5+pj+WLOaTdN4L1ygxvOZ
WcyEjSrAFdtYyfBWBODpjOokYIZcp+eqgwutJqtqfQFs6w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:22 2026 by rpki-client