Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
File: bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa (raw, json)
Hash identifier: q/owS9pTlLvAWIUBPrwLqCLHDjXJk/wwnx6G8NwdrCk=
Subject key identifier: 81:57:D7:2A:0B:2A:12:4D:9B:24:22:38:3E:4E:EB:52:BD:2B:A6:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14D92C06599F4D663C95BA6E1A0A99F274E52FE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
Signing time: Tue 17 Feb 2026 03:10:09 +0000
ROA not before: Tue 17 Feb 2026 03:10:09 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d9:2c:06:59:9f:4d:66:3c:95:ba:6e:1a:0a:99:f2:74:e5:2f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:09 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=48ae9fdfa3d2aee46e46942c0688831ff8c7f0ea6b8c301603681730f3a860a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:13:3d:70:0c:f7:f2:d9:32:26:64:82:3e:78:
85:c5:5c:68:62:95:70:d1:1d:d4:ff:be:77:d8:a1:
63:ad:57:1b:c6:11:ce:c4:dd:2f:f8:f8:53:89:02:
2c:1e:a6:a3:8b:30:dc:ea:02:c9:07:ac:54:e0:f4:
58:dc:11:cd:46:89:94:33:fd:bf:69:e0:34:ec:29:
53:11:03:b1:80:19:b5:a0:a8:6c:f5:1b:03:97:ba:
b2:75:0d:a0:e7:fe:2b:9f:40:01:d3:c5:1f:71:c2:
ba:31:3f:7c:4b:cf:c3:0c:34:10:33:8b:5c:c0:19:
6b:d7:34:60:73:8c:47:55:bd:fa:33:22:ae:bd:08:
e4:90:10:0d:b9:c5:41:6a:59:77:81:1e:98:cc:ab:
f5:86:b6:8f:ad:74:be:66:dc:29:5e:0b:cd:e1:08:
7d:cb:ad:55:89:2f:e1:f0:3b:c1:9b:17:3a:73:d3:
e8:fe:18:1f:50:df:d6:24:34:43:b4:91:cb:3e:27:
30:f5:67:2f:11:b5:13:1c:49:d3:e0:a9:87:15:c6:
28:ac:34:9b:33:94:23:8e:e9:76:70:cc:3e:c0:b2:
05:24:14:fa:13:67:78:0c:b5:a0:a2:64:08:81:42:
98:11:d9:d6:4c:eb:5c:52:fb:d6:3b:e1:a4:77:cd:
c5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:57:D7:2A:0B:2A:12:4D:9B:24:22:38:3E:4E:EB:52:BD:2B:A6:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.204.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:a1:7f:05:43:66:f9:b7:d0:c8:37:3e:8a:de:83:b1:67:9f:
85:8a:d2:0d:5f:8f:43:b0:db:88:b5:80:84:76:4e:0d:af:dd:
98:48:82:26:6d:f7:d3:5a:29:35:e3:2b:f9:ed:7e:10:75:fc:
76:39:cc:90:d6:24:29:1d:55:37:88:0f:79:27:d5:97:20:0d:
24:d7:80:db:1a:98:fd:2b:57:b5:72:e3:f7:06:0e:d5:13:97:
2e:64:b9:58:1b:fa:e6:15:5d:50:ed:5b:65:8e:66:0d:95:48:
5a:24:52:c3:8f:6c:28:ef:95:ea:ca:78:cc:bb:3a:f0:4e:d4:
ac:6d:cf:f3:0d:a2:3a:2e:3f:1f:ec:4c:23:2a:ab:2a:87:19:
ac:87:cd:46:9a:a2:cd:39:0d:73:b1:4f:c7:e4:65:5e:18:13:
a0:25:64:90:74:15:03:27:8d:b1:29:22:7a:41:cf:e8:0e:67:
7f:5c:be:9b:78:f0:b7:30:51:7e:38:3c:56:57:d0:c4:e6:6b:
a1:f4:4a:57:c6:2e:40:71:86:40:07:78:84:ba:fd:40:87:be:
94:83:52:2c:b2:ff:96:13:c9:ae:30:53:8f:44:52:59:1a:73:
75:d4:a0:aa:3f:ad:e0:f5:08:8e:81:97:80:a1:99:da:6d:b9:
b9:1b:84:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFNksBlmfTWY8lbpuGgqZ8nTlL+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDlaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YWU5ZmRmYTNkMmFlZTQ2ZTQ2OTQyYzA2ODg4MzFmZjhjN2YwZWE2Yjhj
MzAxNjAzNjgxNzMwZjNhODYwYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMETPXAM9/LZMiZkgj54hcVcaGKVcNEd1P++d9ihY61XG8YRzsTdL/j4U4kC
LB6mo4sw3OoCyQesVOD0WNwRzUaJlDP9v2ngNOwpUxEDsYAZtaCobPUbA5e6snUN
oOf+K59AAdPFH3HCujE/fEvPwww0EDOLXMAZa9c0YHOMR1W9+jMirr0I5JAQDbnF
QWpZd4EemMyr9Ya2j610vmbcKV4LzeEIfcutVYkv4fA7wZsXOnPT6P4YH1Df1iQ0
Q7SRyz4nMPVnLxG1ExxJ0+CphxXGKKw0mzOUI47pdnDMPsCyBSQU+hNneAy1oKJk
CIFCmBHZ1kzrXFL71jvhpHfNxV8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSBV9cq
CyoSTZskIjg+TutSvSumpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRjODMxZWItMDdjMi00N2JiLWE3M2QtMTc3YWJjOWIxNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JzDAN
BgkqhkiG9w0BAQsFAAOCAQEAyaF/BUNm+bfQyDc+it6DsWefhYrSDV+PQ7DbiLWA
hHZODa/dmEiCJm3301opNeMr+e1+EHX8djnMkNYkKR1VN4gPeSfVlyANJNeA2xqY
/StXtXLj9wYO1ROXLmS5WBv65hVdUO1bZY5mDZVIWiRSw49sKO+V6sp4zLs68E7U
rG3P8w2iOi4/H+xMIyqrKocZrIfNRpqizTkNc7FPx+RlXhgToCVkkHQVAyeNsSki
ekHP6A5nf1y+m3jwtzBRfjg8VlfQxOZrofRKV8YuQHGGQAd4hLr9QIe+lINSLLL/
lhPJrjBTj0RSWRpzddSgqj+t4PUIjoGXgKGZ2m25uRuELw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:08 2026 by rpki-client