Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: PBe/9/YuwIdbb+BaP97cHgToABBjmyzhEbPu+V/JRWg=
Subject key identifier: 9A:0E:18:F1:8F:2E:7B:25:A1:AB:42:AC:CB:8A:B3:8A:C1:8D:4D:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 719CCA3B164A8EF5E74448FB953457007AEAFD2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Tue 17 Feb 2026 03:10:11 +0000
ROA not before: Tue 17 Feb 2026 03:10:11 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:9c:ca:3b:16:4a:8e:f5:e7:44:48:fb:95:34:57:00:7a:ea:fd:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:11 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=33c1483663055f8ea27f1ce374ccbffa15e7726de451428e8e8475b1adc17785, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:c2:6a:fc:8f:fc:51:88:db:99:ca:53:ce:
b1:8c:ca:d1:13:f4:46:1e:a4:bb:1c:2d:d5:a6:fb:
c2:1e:9b:41:d4:db:df:cc:4d:c4:4b:28:62:3d:86:
5f:e2:5c:eb:b3:43:98:c7:19:a3:6c:e8:b5:f3:4d:
8c:e3:43:ff:13:7d:68:d4:92:1b:11:81:9b:0d:2d:
cb:51:9d:7a:1b:25:d3:e3:61:48:6c:55:d8:8c:19:
11:2f:b2:10:09:9f:95:e3:45:46:c3:30:e5:d3:29:
fb:d0:84:af:33:5c:a6:b0:1c:da:b8:97:3c:e8:b7:
53:d6:33:b0:c5:ec:54:96:09:29:81:f3:df:28:58:
49:1e:dd:f9:8e:df:6f:08:50:b3:8f:a2:72:1e:29:
98:af:bd:42:46:b6:6f:6d:2c:31:8e:9d:d5:ef:30:
24:ec:ef:35:62:e3:34:d0:e6:17:dc:ce:88:c2:39:
c9:68:f6:6e:3f:96:02:41:ce:23:2f:bc:11:d6:70:
f3:9a:88:99:50:4f:3f:4a:81:ae:33:27:73:3d:75:
95:57:87:8f:64:a9:a0:ad:aa:e7:e1:1b:d1:76:f1:
58:78:a3:bd:4c:0d:56:e3:ea:78:2f:fd:f0:41:02:
fa:43:59:f5:25:8e:d7:a7:45:bf:8a:24:f9:f5:6f:
30:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0E:18:F1:8F:2E:7B:25:A1:AB:42:AC:CB:8A:B3:8A:C1:8D:4D:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3c:76:e9:d9:94:f7:22:ee:37:aa:ce:73:41:d6:9c:ab:96:a4:
5e:d2:a9:bd:b9:e7:d7:e2:85:9d:d4:ea:08:bb:6e:16:c6:e3:
4e:c0:f8:bc:cc:2c:27:48:14:34:38:8c:42:ef:27:f9:2c:a7:
82:9e:cf:55:3e:43:9f:eb:83:77:5b:53:a3:81:d5:3b:a3:8a:
9a:5d:46:1e:62:bc:d3:ec:ec:3d:9e:33:3a:52:cc:a3:65:91:
85:c4:9e:54:91:02:b1:f0:71:76:66:b4:90:47:31:26:b7:a9:
4f:e1:65:a7:1b:f0:ec:f1:e4:25:ec:85:44:ce:e0:3a:5f:23:
44:ac:41:06:0e:bd:39:04:56:56:cd:84:c4:ec:a1:c2:9c:23:
5e:73:89:10:2d:7e:56:1b:b1:3e:e1:07:16:01:03:77:f8:8c:
5e:48:15:9e:04:eb:a9:d8:3e:62:7c:08:f0:f3:c1:74:12:ff:
01:de:3c:33:15:2a:0e:12:aa:dc:ff:9a:7a:74:8f:81:9f:c2:
45:d1:53:50:e4:4c:36:b2:a9:38:72:e4:c2:70:dd:44:a4:99:
c4:85:bb:0b:1a:57:45:fc:c6:ce:fc:db:1b:05:69:89:69:5c:
e1:a1:88:cd:e1:95:59:9e:b7:6c:b2:85:fd:c0:1d:1c:80:3f:
c8:4a:dd:6e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcZzKOxZKjvXnREj7lTRXAHrq/S4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzYzE0ODM2NjMwNTVmOGVhMjdmMWNlMzc0Y2NiZmZhMTVlNzcyNmRlNDUx
NDI4ZThlODQ3NWIxYWRjMTc3ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCbwmr8j/xRiNuZylPOsYzK0RP0Rh6kuxwt1ab7wh6bQdTb38xNxEsoYj2G
X+Jc67NDmMcZo2zotfNNjOND/xN9aNSSGxGBmw0ty1Gdehsl0+NhSGxV2IwZES+y
EAmfleNFRsMw5dMp+9CErzNcprAc2riXPOi3U9YzsMXsVJYJKYHz3yhYSR7d+Y7f
bwhQs4+ich4pmK+9Qka2b20sMY6d1e8wJOzvNWLjNNDmF9zOiMI5yWj2bj+WAkHO
Iy+8EdZw85qImVBPP0qBrjMncz11lVeHj2SpoK2q5+Eb0XbxWHijvUwNVuPqeC/9
8EEC+kNZ9SWO16dFv4ok+fVvMDcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSaDhjx
jy57JaGrQqzLirOKwY1NjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAPHbp2ZT3Iu43qs5zQdacq5akXtKpvbnn1+KFndTq
CLtuFsbjTsD4vMwsJ0gUNDiMQu8n+Syngp7PVT5Dn+uDd1tTo4HVO6OKml1GHmK8
0+zsPZ4zOlLMo2WRhcSeVJECsfBxdma0kEcxJrepT+Flpxvw7PHkJeyFRM7gOl8j
RKxBBg69OQRWVs2ExOyhwpwjXnOJEC1+VhuxPuEHFgEDd/iMXkgVngTrqdg+YnwI
8PPBdBL/Ad48MxUqDhKq3P+aenSPgZ/CRdFTUORMNrKpOHLkwnDdRKSZxIW7CxpX
RfzGzvzbGwVpiWlc4aGIzeGVWZ63bLKF/cAdHIA/yErdbg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:40 2026 by rpki-client