Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: r5cmJa9wxdwutU/mYeVWcRnjBbDf0hmozqdsMYyjq2M=
Subject key identifier: 4C:10:13:7C:2F:A8:D0:BE:0E:81:E5:74:37:20:89:C4:67:0B:9E:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D6C167A7364DFB61306D49B9AB5D1CE14CFFB2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Tue 17 Feb 2026 03:10:26 +0000
ROA not before: Tue 17 Feb 2026 03:10:26 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:6c:16:7a:73:64:df:b6:13:06:d4:9b:9a:b5:d1:ce:14:cf:fb:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:26 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=55e95780bbb3014473b5f7385503a7d0b2d8a5e573dac579cd7d9e7c19b9f9d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:15:9e:c7:db:7c:28:33:45:6c:9d:a5:e8:
2b:d6:da:28:d5:d2:71:f6:b6:d8:81:e1:02:8b:90:
6b:2d:07:20:f0:b9:cc:e9:e9:e4:64:64:99:10:be:
80:da:fd:4d:6c:87:55:0a:e0:ac:19:22:59:e2:8b:
e6:3c:fe:a6:c5:b3:33:58:d1:0d:17:42:b9:44:5b:
35:3c:a2:7a:41:bf:c0:05:7b:6a:3f:03:44:e2:7d:
be:9f:fb:6a:7e:16:a9:b9:bb:f2:b9:4d:fb:c5:4d:
40:99:6a:ae:90:19:b3:d4:c9:27:ca:ab:06:a8:95:
de:06:09:15:a1:f8:2a:92:da:ee:5f:ce:81:ae:5f:
cb:79:1b:d1:98:b3:02:f0:62:b2:3d:f1:b1:4d:46:
72:5f:ae:b6:3f:ad:7a:e9:59:48:e0:eb:8c:7d:bb:
fd:1b:b8:97:57:d3:82:4e:3a:14:31:f2:8e:ad:38:
4b:84:07:63:b6:76:23:ac:05:80:d8:4b:76:22:a3:
4f:4d:4f:1c:7c:80:37:6a:0d:e0:33:5e:21:e8:d1:
03:c1:63:16:71:53:bd:d8:6a:bb:3f:8a:04:a7:b5:
45:83:20:7d:9b:46:c7:04:54:aa:71:9b:3e:30:9e:
6b:78:b7:19:22:5f:b0:19:45:54:45:40:43:d2:9b:
b4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:10:13:7C:2F:A8:D0:BE:0E:81:E5:74:37:20:89:C4:67:0B:9E:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
99:24:e5:1b:74:9e:9d:90:2d:c6:68:0d:9f:2c:5b:63:7e:b3:
c6:9e:df:1e:2f:f6:71:ff:69:44:ef:f3:82:61:09:2b:04:ff:
29:e1:5d:96:ae:46:30:98:14:63:ee:dd:4e:cc:b1:ed:5d:3a:
8d:9c:4e:4b:c5:86:47:6d:ca:5d:95:32:cf:a1:6f:74:c6:be:
01:3d:08:78:4a:d6:a7:83:65:65:2b:4d:4d:f8:0a:a1:d3:eb:
21:3f:2c:e6:b0:c0:52:e8:41:b9:5e:1d:d2:55:6b:8d:06:ee:
f7:b9:f8:2d:28:67:7c:bb:f6:4d:a8:da:38:9a:75:74:2b:a6:
09:32:c5:8a:86:ab:0e:b2:32:97:86:7a:a7:c1:05:dc:db:f7:
53:dc:05:b8:b7:2c:e5:5f:d1:3a:20:2d:de:54:c3:f8:9c:3d:
09:3c:36:cc:e1:79:0e:ec:66:d7:22:bd:6d:71:3e:44:bf:61:
ca:7c:56:f3:9c:c5:ce:9f:0d:63:15:fc:9b:3a:1d:1b:51:e0:
b3:01:e0:d1:11:d5:56:c1:ba:78:e7:90:21:07:91:dd:8d:a6:
b1:3e:37:a6:02:0d:fb:bc:db:fa:30:64:9c:08:a7:57:5b:be:
65:cc:de:ec:83:85:f9:44:aa:ef:c2:9c:c8:13:9a:2a:36:16:
92:c9:ae:08
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbWwWenNk37YTBtSbmrXRzhTP+y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMjZaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ZTk1NzgwYmJiMzAxNDQ3M2I1ZjczODU1MDNhN2QwYjJkOGE1ZTU3M2Rh
YzU3OWNkN2Q5ZTdjMTliOWY5ZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALU2FZ7H23woM0VsnaXoK9baKNXScfa22IHhAouQay0HIPC5zOnp5GRkmRC+
gNr9TWyHVQrgrBkiWeKL5jz+psWzM1jRDRdCuURbNTyiekG/wAV7aj8DROJ9vp/7
an4Wqbm78rlN+8VNQJlqrpAZs9TJJ8qrBqiV3gYJFaH4KpLa7l/Oga5fy3kb0Ziz
AvBisj3xsU1Gcl+utj+teulZSODrjH27/Ru4l1fTgk46FDHyjq04S4QHY7Z2I6wF
gNhLdiKjT01PHHyAN2oN4DNeIejRA8FjFnFTvdhquz+KBKe1RYMgfZtGxwRUqnGb
PjCea3i3GSJfsBlFVEVAQ9KbtBcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRMEBN8
L6jQvg6B5XQ3IInEZwueWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEAmSTlG3SenZAtxmgNnyxbY36zxp7fHi/2cf9pRO/z
gmEJKwT/KeFdlq5GMJgUY+7dTsyx7V06jZxOS8WGR23KXZUyz6FvdMa+AT0IeErW
p4NlZStNTfgKodPrIT8s5rDAUuhBuV4d0lVrjQbu97n4LShnfLv2TajaOJp1dCum
CTLFioarDrIyl4Z6p8EF3Nv3U9wFuLcs5V/ROiAt3lTD+Jw9CTw2zOF5Duxm1yK9
bXE+RL9hynxW85zFzp8NYxX8mzodG1HgswHg0RHVVsG6eOeQIQeR3Y2msT43pgIN
+7zb+jBknAinV1u+Zcze7IOF+USq78KcyBOaKjYWksmuCA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:00:30 2026 by rpki-client