Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
File: b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa (raw, json)
Hash identifier: qPV0dLH+th5e94E95SptV1p6M4J0RPbfa2v/5yhEp20=
Subject key identifier: 43:57:99:B3:A8:F7:94:E6:8B:88:A3:61:94:5C:EC:E8:D9:AC:55:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18CE2968E0364890F2E89619C8C52176983513C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
Signing time: Tue 17 Feb 2026 03:00:11 +0000
ROA not before: Tue 17 Feb 2026 03:00:11 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:ce:29:68:e0:36:48:90:f2:e8:96:19:c8:c5:21:76:98:35:13:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:11 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=de5c7f236d2d90ddbc360989cac6f40a5cc8d93362793ccb60e56b7cf85ab998, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:c2:9b:90:50:56:b2:7b:75:0c:4c:92:b1:
ad:59:fe:0c:38:7d:2e:cd:82:9a:63:e4:ab:6a:e6:
fe:15:98:e4:2c:fe:72:2a:43:aa:cd:b2:4c:2c:61:
5a:2a:27:aa:7e:f3:66:d0:1b:a4:fd:71:00:25:72:
53:2f:42:f5:94:d3:5f:49:62:a6:45:06:6e:36:70:
30:c0:b6:61:49:ac:4f:62:f9:5b:9e:8e:13:cc:58:
90:45:fa:9f:2d:05:0d:57:eb:64:bb:ed:9c:46:ec:
c4:3e:3b:12:f8:45:c3:fa:2c:24:e4:96:92:30:9b:
2b:1d:48:61:29:f1:3b:94:b8:34:b1:d0:bf:b4:69:
e3:3c:27:ad:47:6d:1f:76:0c:67:0f:3b:04:2c:96:
be:9e:dd:21:60:d5:18:4f:65:48:94:50:b0:ba:3e:
ac:d2:6b:b6:c4:a9:64:c7:7d:c4:1b:5c:bc:b8:53:
b2:19:cb:11:47:84:c3:a4:fa:d5:9f:e5:47:d8:17:
21:37:20:fd:38:dc:80:95:8b:b7:89:6f:f9:a2:1c:
7a:8f:6a:3a:be:df:9e:32:49:eb:d1:4e:19:bb:5c:
3b:a7:5b:d8:92:f1:e3:14:bb:3a:0e:21:c0:f4:ef:
92:86:cc:a7:09:85:1b:08:0a:11:08:6a:06:08:67:
f2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:57:99:B3:A8:F7:94:E6:8B:88:A3:61:94:5C:EC:E8:D9:AC:55:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.240.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:c4:7d:73:cc:31:21:b6:21:2d:c5:cd:0a:a7:fd:71:e0:5f:
fe:2e:b1:ae:87:ef:0f:bf:f9:c2:40:5a:8b:57:76:ca:3e:74:
ab:c2:a0:1d:b3:a8:c5:4c:e7:5b:91:1a:90:36:12:8f:89:aa:
bd:83:41:52:3a:ea:50:cd:7f:5e:6d:e4:44:d9:3f:98:45:2b:
ae:cb:17:05:ab:fc:af:19:28:e7:b7:9e:52:1e:44:52:c3:9c:
ad:25:10:35:55:70:a0:bb:50:22:fd:b1:f9:d3:9b:c3:71:7f:
b0:23:19:d6:53:de:2f:e5:a3:eb:f7:6f:7f:f4:20:53:1c:8b:
79:8b:49:ec:09:2b:b5:b5:4f:dd:36:d0:6a:21:94:c0:73:88:
26:59:1a:0b:95:e0:f7:bd:43:f0:ed:64:74:22:94:9c:01:ac:
26:34:a9:85:a8:a1:1b:f1:3a:fd:4a:bf:44:c9:64:95:b6:22:
97:24:34:7e:ca:d3:ec:06:74:20:1c:ed:1a:3b:35:f2:fa:a3:
c0:fc:9d:a8:f6:6d:e3:6b:2e:37:9f:8a:3d:90:8e:a9:64:06:
84:d2:9e:f2:7c:18:27:86:bb:1a:68:16:c0:c8:ee:f5:d4:eb:
52:5c:e4:02:53:28:22:8b:c4:13:9d:2f:d6:7d:0a:8c:78:17:
38:97:26:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGM4paOA2SJDy6JYZyMUhdpg1E8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlNWM3ZjIzNmQyZDkwZGRiYzM2MDk4OWNhYzZmNDBhNWNjOGQ5MzM2Mjc5
M2NjYjYwZTU2YjdjZjg1YWI5OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSxwpuQUFaye3UMTJKxrVn+DDh9Ls2CmmPkq2rm/hWY5Cz+cipDqs2yTCxh
Wionqn7zZtAbpP1xACVyUy9C9ZTTX0lipkUGbjZwMMC2YUmsT2L5W56OE8xYkEX6
ny0FDVfrZLvtnEbsxD47EvhFw/osJOSWkjCbKx1IYSnxO5S4NLHQv7Rp4zwnrUdt
H3YMZw87BCyWvp7dIWDVGE9lSJRQsLo+rNJrtsSpZMd9xBtcvLhTshnLEUeEw6T6
1Z/lR9gXITcg/TjcgJWLt4lv+aIceo9qOr7fnjJJ69FOGbtcO6db2JLx4xS7Og4h
wPTvkobMpwmFGwgKEQhqBghn8v8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDV5mz
qPeU5ouIo2GUXOzo2axVhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ0MzYzYjktYmE0OC00OTEzLWI4YTQtOWNkMGRjMzJiYTAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z8DAN
BgkqhkiG9w0BAQsFAAOCAQEAbMR9c8wxIbYhLcXNCqf9ceBf/i6xrofvD7/5wkBa
i1d2yj50q8KgHbOoxUznW5EakDYSj4mqvYNBUjrqUM1/Xm3kRNk/mEUrrssXBav8
rxko57eeUh5EUsOcrSUQNVVwoLtQIv2x+dObw3F/sCMZ1lPeL+Wj6/dvf/QgUxyL
eYtJ7AkrtbVP3TbQaiGUwHOIJlkaC5Xg971D8O1kdCKUnAGsJjSphaihG/E6/Uq/
RMlklbYilyQ0fsrT7AZ0IBztGjs18vqjwPydqPZt42suN5+KPZCOqWQGhNKe8nwY
J4a7GmgWwMju9dTrUlzkAlMoIovEE50v1n0KjHgXOJcmfg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:01 2026 by rpki-client