Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: NsZQTqIakQE6VdSmGypkoXNfcUGIWueTnr5FAQjRMq0=
Subject key identifier: E0:BB:B9:14:DF:94:97:11:47:5E:FA:7E:40:EB:90:7A:D3:BE:7B:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43C74E366A2D77D341C6916643E7D3E3D744EDBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Tue 17 Feb 2026 03:00:09 +0000
ROA not before: Tue 17 Feb 2026 03:00:09 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c7:4e:36:6a:2d:77:d3:41:c6:91:66:43:e7:d3:e3:d7:44:ed:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:09 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=079d159a69c08cc1eb95b4100348703127e7ec4c5d5ded82083a5b0f59d922c1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2e:ba:be:57:95:01:2c:48:74:e9:c4:a4:bc:
2a:83:4e:f1:bd:02:c1:1b:f3:2f:a9:58:94:a0:68:
94:e5:1c:d6:54:e8:97:5e:de:2e:0b:fc:5a:79:bb:
12:40:3e:d6:62:98:cf:f3:4c:e8:e2:9c:02:dc:a0:
0e:3e:65:c6:9c:22:dc:45:ce:cb:07:ad:a4:10:83:
a9:ed:93:bc:5e:b1:b7:08:21:a9:43:95:50:db:11:
45:dd:7d:5a:7b:e9:9b:42:22:94:2a:eb:9b:e1:72:
46:7e:c2:24:84:8c:d2:bb:35:89:4b:27:5f:e8:bc:
81:bf:d3:88:aa:bb:00:9d:be:3d:00:bb:00:42:24:
92:b6:89:c6:20:9f:d1:e8:b6:39:1b:6d:12:c2:bb:
10:a0:5c:d1:8a:50:c0:98:dc:44:33:bc:60:fa:22:
36:70:2c:e8:ef:c0:f1:9e:70:fa:2d:b0:99:8b:8b:
2d:ce:d9:5a:3c:01:41:86:6a:5f:9e:f8:58:31:be:
08:3e:1e:fc:ae:de:6f:03:21:81:09:7e:70:6c:69:
67:6e:99:31:9c:a4:f4:1b:08:04:70:85:29:3f:c9:
2e:d1:2c:22:af:b7:9d:32:44:81:98:7a:ef:ce:f3:
2a:96:5d:6d:ae:cf:ad:49:5f:09:0d:fd:ea:57:d1:
3a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BB:B9:14:DF:94:97:11:47:5E:FA:7E:40:EB:90:7A:D3:BE:7B:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e6:64:73:eb:50:65:cd:e2:81:0c:29:79:7a:28:f8:60:a9:
3a:17:a5:b1:1d:04:94:b6:37:34:58:84:49:66:68:91:73:83:
db:4c:b7:f5:68:6b:c3:50:7e:f0:51:45:a6:27:4c:be:68:4e:
36:0e:f6:32:40:3e:65:7d:83:1f:19:0d:90:0d:a1:7c:55:28:
d7:02:db:c0:77:13:51:b1:f7:b2:cc:ae:75:ef:52:ac:44:0d:
bf:4b:a4:b6:20:6f:2e:43:a9:f5:1c:af:50:be:10:16:00:9b:
65:86:c4:40:d7:84:3d:c5:ac:b8:6a:c9:69:cc:2a:22:1a:a6:
7d:ef:70:96:fc:0a:01:0b:cb:c4:fb:dc:af:c9:6e:26:f7:b5:
3c:e8:40:57:6d:2a:55:73:5d:dd:49:67:fb:dd:d7:4c:c4:63:
97:9c:88:64:0a:1e:36:ea:ce:77:0d:81:03:78:e7:19:5f:6e:
40:a0:4f:8e:a4:a5:62:95:44:c7:83:50:6d:11:41:75:cf:49:
47:ba:81:62:31:40:68:eb:43:ff:ad:2f:55:dc:be:54:5e:3b:
f1:91:27:25:b1:7d:dc:3a:1c:97:03:a5:23:cf:86:1f:4f:a5:
b1:60:9f:55:6f:62:c6:a5:2e:11:74:1b:f4:48:3f:43:0f:6c:
50:86:b9:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ8dONmotd9NBxpFmQ+fT49dE7bswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMDlaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3OWQxNTlhNjljMDhjYzFlYjk1YjQxMDAzNDg3MDMxMjdlN2VjNGM1ZDVk
ZWQ4MjA4M2E1YjBmNTlkOTIyYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQuur5XlQEsSHTpxKS8KoNO8b0CwRvzL6lYlKBolOUc1lTol17eLgv8Wnm7
EkA+1mKYz/NM6OKcAtygDj5lxpwi3EXOywetpBCDqe2TvF6xtwghqUOVUNsRRd19
Wnvpm0IilCrrm+FyRn7CJISM0rs1iUsnX+i8gb/TiKq7AJ2+PQC7AEIkkraJxiCf
0ei2ORttEsK7EKBc0YpQwJjcRDO8YPoiNnAs6O/A8Z5w+i2wmYuLLc7ZWjwBQYZq
X574WDG+CD4e/K7ebwMhgQl+cGxpZ26ZMZyk9BsIBHCFKT/JLtEsIq+3nTJEgZh6
787zKpZdba7PrUlfCQ396lfROl0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTgu7kU
35SXEUde+n5A65B60757xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEAh+Zkc+tQZc3igQwpeXoo+GCpOhelsR0ElLY3NFiE
SWZokXOD20y39Whrw1B+8FFFpidMvmhONg72MkA+ZX2DHxkNkA2hfFUo1wLbwHcT
UbH3ssyude9SrEQNv0uktiBvLkOp9RyvUL4QFgCbZYbEQNeEPcWsuGrJacwqIhqm
fe9wlvwKAQvLxPvcr8luJve1POhAV20qVXNd3Uln+93XTMRjl5yIZAoeNurOdw2B
A3jnGV9uQKBPjqSlYpVEx4NQbRFBdc9JR7qBYjFAaOtD/60vVdy+VF478ZEnJbF9
3DoclwOlI8+GH0+lsWCfVW9ixqUuEXQb9Eg/Qw9sUIa5hQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:07 2026 by rpki-client