Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
File: b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa (raw, json)
Hash identifier: TKSE7aToI+gJ2fgLZF6Y/73moy4gpxrGL9OJYC+J460=
Subject key identifier: 31:E5:20:A3:A8:7F:86:4F:0F:75:41:3A:02:DA:98:94:6E:C9:D8:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FF8E7B2A60A243A0F150269748DE37087751945
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
Signing time: Tue 17 Feb 2026 03:10:06 +0000
ROA not before: Tue 17 Feb 2026 03:10:06 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:f8:e7:b2:a6:0a:24:3a:0f:15:02:69:74:8d:e3:70:87:75:19:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:06 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=280e52fafcf9177735319d1983c779484502a6258f60b2e3dff9108e30a6e30b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:84:ff:42:d3:b7:f6:61:e8:0f:f4:98:8b:
9d:72:a5:ac:28:18:1c:a4:44:9f:f1:e2:fa:61:98:
e7:fe:98:61:bc:92:e6:5e:f1:f5:75:4e:ec:90:55:
2e:37:d3:04:23:06:c8:7b:58:9d:d2:fd:1c:db:2c:
f8:3b:94:4d:cd:23:a2:33:21:fd:60:63:e9:18:4d:
93:85:0b:9a:c5:83:64:a0:c8:23:91:07:e8:41:8c:
dc:a5:a8:19:c8:5f:67:c0:70:20:38:97:10:f9:91:
d6:fe:ab:82:d6:ee:f1:0d:0a:87:95:23:f2:32:85:
1b:0e:e1:57:bd:66:d7:15:1a:92:12:91:6a:a0:62:
2e:7d:d8:2f:14:c6:6f:80:00:dd:58:29:79:2c:4c:
3b:14:a3:8e:33:dd:5a:ef:4a:f5:9e:d6:8c:8a:36:
20:54:5c:8e:fc:d5:79:de:77:4f:2a:3b:bd:df:09:
70:93:3d:e4:97:11:59:1a:f2:7c:1f:64:8f:50:91:
af:41:4d:4a:99:f3:0b:10:d0:43:8b:8f:31:bc:b4:
00:c9:79:c0:4f:19:ba:42:bb:5f:f5:39:d6:a8:05:
dd:25:70:0f:a6:70:92:64:b8:4b:5d:a8:c5:4c:ee:
c8:50:58:49:39:0f:4b:5d:c6:73:2d:4b:63:05:14:
29:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E5:20:A3:A8:7F:86:4F:0F:75:41:3A:02:DA:98:94:6E:C9:D8:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.160.0/21
Signature Algorithm: sha256WithRSAEncryption
12:97:c3:0c:75:80:3e:4f:c2:b4:b1:0d:3d:93:e1:c5:35:0a:
28:91:2a:b1:92:c6:60:b2:1a:45:7c:94:49:f0:cf:16:c8:fe:
aa:bb:f4:4e:36:b7:32:a4:3c:08:d1:79:d1:4d:c0:34:59:07:
fa:bd:f8:af:00:79:8b:7e:af:78:45:e9:f3:b3:96:d9:a2:e4:
8d:94:80:12:ad:e9:32:6a:25:5b:9d:1a:11:0d:d6:6f:48:b9:
af:35:95:82:ce:1b:1a:4d:d1:51:5e:73:20:f7:4f:a6:1a:c1:
77:42:e9:28:fe:28:a5:d1:c1:35:bb:25:51:f4:23:57:c3:39:
28:7a:fb:c0:98:fe:fa:10:e5:71:c4:77:07:cc:1b:c5:4f:37:
10:ad:6b:36:90:30:b2:05:f3:81:f3:c3:d4:87:12:d1:fd:dc:
5c:96:74:7c:34:d9:4b:54:49:0c:6a:84:b8:33:52:f3:24:26:
ab:0a:0a:07:9e:c5:f1:08:75:4b:6b:27:0d:e8:b1:46:d2:9b:
2e:a5:56:8c:d8:3e:c4:32:90:07:a6:aa:29:97:8a:3c:2c:40:
e8:12:9d:29:10:52:0c:b2:48:9e:b9:62:ac:b2:0b:b8:ed:d9:
7f:14:c9:0e:de:9c:15:7f:3a:ac:f0:36:ca:81:9a:79:22:60:
2d:77:4f:9e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL/jnsqYKJDoPFQJpdI3jcId1GUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDZaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MGU1MmZhZmNmOTE3NzczNTMxOWQxOTgzYzc3OTQ4NDUwMmE2MjU4ZjYw
YjJlM2RmZjkxMDhlMzBhNmUzMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWmhP9C07f2YegP9JiLnXKlrCgYHKREn/Hi+mGY5/6YYbyS5l7x9XVO7JBV
LjfTBCMGyHtYndL9HNss+DuUTc0jojMh/WBj6RhNk4ULmsWDZKDII5EH6EGM3KWo
GchfZ8BwIDiXEPmR1v6rgtbu8Q0Kh5Uj8jKFGw7hV71m1xUakhKRaqBiLn3YLxTG
b4AA3VgpeSxMOxSjjjPdWu9K9Z7WjIo2IFRcjvzVed53Tyo7vd8JcJM95JcRWRry
fB9kj1CRr0FNSpnzCxDQQ4uPMby0AMl5wE8ZukK7X/U51qgF3SVwD6ZwkmS4S12o
xUzuyFBYSTkPS13Gcy1LYwUUKRMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQx5SCj
qH+GTw91QToC2piUbsnY9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjczMGVlZjAtYmI5NC00ZDMxLWJmOWEtYzBmYjlhNDdiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zoDAN
BgkqhkiG9w0BAQsFAAOCAQEAEpfDDHWAPk/CtLENPZPhxTUKKJEqsZLGYLIaRXyU
SfDPFsj+qrv0Tja3MqQ8CNF50U3ANFkH+r34rwB5i36veEXp87OW2aLkjZSAEq3p
MmolW50aEQ3Wb0i5rzWVgs4bGk3RUV5zIPdPphrBd0LpKP4opdHBNbslUfQjV8M5
KHr7wJj++hDlccR3B8wbxU83EK1rNpAwsgXzgfPD1IcS0f3cXJZ0fDTZS1RJDGqE
uDNS8yQmqwoKB57F8Qh1S2snDeixRtKbLqVWjNg+xDKQB6aqKZeKPCxA6BKdKRBS
DLJInrlirLILuO3ZfxTJDt6cFX86rPA2yoGaeSJgLXdPng==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:01:31 2026 by rpki-client