Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: q4yaDLVnwcalsmqyXM7Z8MHO6wE/Rr+NeRTEddVkb7w=
Subject key identifier: BF:CD:9D:7F:68:62:FE:FE:08:D2:4B:A9:12:ED:54:7D:1C:DC:71:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33F6482192B2BA1C26FD4059B493534D9499CBB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Tue 17 Feb 2026 03:10:21 +0000
ROA not before: Tue 17 Feb 2026 03:10:21 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f6:48:21:92:b2:ba:1c:26:fd:40:59:b4:93:53:4d:94:99:cb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:21 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=87ca911b421d2b0a352b3caa1395f47d4667eebf6c7d1a7a288cfe5d962842f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0b:e5:b5:d7:b5:f6:ee:f6:dd:42:95:18:27:
ad:08:9e:a8:12:7d:83:c9:b3:de:fd:b9:9c:b2:6c:
aa:c7:dd:d0:fc:a2:f4:04:6f:9a:0c:a2:bd:7e:bc:
96:9f:d3:76:03:c8:ad:b5:a6:7c:d2:53:64:fe:6b:
6f:cd:1a:2c:73:cf:e1:75:09:98:da:b0:4e:fc:72:
d0:fa:a5:29:d8:eb:6e:f2:68:99:27:ff:eb:97:2d:
e4:c6:fa:86:c7:1a:d4:be:53:64:22:74:4a:e3:12:
52:af:4d:95:91:30:97:ca:7c:e1:5e:36:14:44:4c:
ba:20:fc:3d:db:b1:f0:c4:2c:56:de:64:0f:64:f4:
e7:12:10:58:1c:ab:7e:25:6a:e2:14:00:eb:dd:74:
b3:ce:55:90:42:4d:da:6f:71:17:8d:0b:82:3a:e4:
83:5c:29:66:8c:f0:0e:e7:07:35:75:bb:70:15:ef:
6d:1e:28:fa:7b:e2:92:a5:6c:a1:7b:b4:df:ae:42:
a3:ff:2e:fa:6a:fe:57:99:0a:43:86:ba:0d:21:68:
b4:89:fb:e1:77:14:55:65:09:48:e1:47:d7:6c:9f:
e4:7d:7f:7d:72:ea:ba:94:79:a6:da:52:eb:27:e9:
91:68:1b:a8:f5:d4:6f:11:ce:6f:fe:e4:fd:e1:ce:
be:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CD:9D:7F:68:62:FE:FE:08:D2:4B:A9:12:ED:54:7D:1C:DC:71:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:14:9c:be:cb:35:49:9c:f5:b6:04:83:02:2f:cd:4d:02:4b:
bd:44:3b:f4:c4:5d:90:f2:36:82:d5:a8:2c:4c:9c:46:3f:be:
e2:e6:dc:fc:26:47:49:e7:f8:0a:8c:f9:c5:ac:79:38:06:77:
01:e6:9f:59:d4:d2:8f:9c:3c:a8:ea:a7:46:26:a3:89:94:f5:
fc:4f:66:a4:d6:5f:21:11:0b:e2:b7:20:f5:97:91:6b:40:62:
6e:0e:6d:33:cb:03:41:84:8c:8a:3e:e2:e6:fb:06:c1:68:d1:
41:2f:f3:4e:40:d0:f1:86:bc:02:46:76:6c:e4:39:ec:17:44:
8a:38:f6:07:dd:7b:8e:c3:15:78:ab:12:54:04:1a:cb:6a:e1:
2c:2c:43:9c:a3:34:d9:5f:85:bf:f3:f1:8d:2a:62:02:d2:33:
89:35:95:b5:aa:7e:d8:e9:93:81:78:c1:77:7d:9a:37:57:0c:
e5:cd:83:c9:43:13:33:36:72:2c:be:d0:1f:97:89:29:73:8b:
ff:12:b7:90:50:97:6c:03:5e:c9:38:3a:f1:0d:ef:68:5a:57:
9e:ac:3c:17:26:13:d3:0f:7e:78:2b:da:a0:02:3b:03:4c:9c:
ca:60:0f:e7:24:1e:0e:37:4b:1a:13:ae:de:49:81:23:fd:66:
e6:b8:13:d7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM/ZIIZKyuhwm/UBZtJNTTZSZy7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMjFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3Y2E5MTFiNDIxZDJiMGEzNTJiM2NhYTEzOTVmNDdkNDY2N2VlYmY2Yzdk
MWE3YTI4OGNmZTVkOTYyODQyZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoL5bXXtfbu9t1ClRgnrQieqBJ9g8mz3v25nLJsqsfd0Pyi9ARvmgyivX68
lp/TdgPIrbWmfNJTZP5rb80aLHPP4XUJmNqwTvxy0PqlKdjrbvJomSf/65ct5Mb6
hsca1L5TZCJ0SuMSUq9NlZEwl8p84V42FERMuiD8Pdux8MQsVt5kD2T05xIQWByr
fiVq4hQA6910s85VkEJN2m9xF40Lgjrkg1wpZozwDucHNXW7cBXvbR4o+nvikqVs
oXu0365Co/8u+mr+V5kKQ4a6DSFotIn74XcUVWUJSOFH12yf5H1/fXLqupR5ptpS
6yfpkWgbqPXUbxHOb/7k/eHOvrECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/zZ1/
aGL+/gjSS6kS7VR9HNxx0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQB0FJy+yzVJnPW2BIMCL81NAku9RDv0xF2Q8jaC1ags
TJxGP77i5tz8JkdJ5/gKjPnFrHk4BncB5p9Z1NKPnDyo6qdGJqOJlPX8T2ak1l8h
EQvityD1l5FrQGJuDm0zywNBhIyKPuLm+wbBaNFBL/NOQNDxhrwCRnZs5DnsF0SK
OPYH3XuOwxV4qxJUBBrLauEsLEOcozTZX4W/8/GNKmIC0jOJNZW1qn7Y6ZOBeMF3
fZo3VwzlzYPJQxMzNnIsvtAfl4kpc4v/EreQUJdsA17JODrxDe9oWleerDwXJhPT
D354K9qgAjsDTJzKYA/nJB4ON0saE67eSYEj/WbmuBPX
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:06 2026 by rpki-client