Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
File: be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa (raw, json)
Hash identifier: MPFoH6v2ku+22StsTljnLuIeQfy3nWx8Ws6bgJiKn30=
Subject key identifier: CE:A7:FD:E6:43:31:F9:0A:BB:A4:31:23:98:AB:05:85:00:37:31:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FC8EFF915A8C1269554F76761660D786A6FF1E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
Signing time: Tue 17 Feb 2026 03:00:35 +0000
ROA not before: Tue 17 Feb 2026 03:00:35 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:c8:ef:f9:15:a8:c1:26:95:54:f7:67:61:66:0d:78:6a:6f:f1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:35 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=514d727cbd5dc42011a23bb9623378a9ac67ceb0723eaaa7be85d7a4afae0585, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e4:0b:2b:55:4a:b9:9a:3b:78:ac:be:0a:92:
8f:a5:b3:85:c2:ca:0d:0a:0f:c5:ed:56:af:fd:09:
12:3c:ef:45:3e:6f:eb:93:d3:b7:a6:44:0d:aa:a9:
10:4d:96:35:e1:96:23:77:c2:e3:1d:45:be:6c:15:
45:af:d0:68:e8:24:53:72:43:8f:49:17:f2:00:4e:
c3:89:a3:4f:16:06:23:d3:46:38:13:81:ec:a0:4f:
7f:48:b1:ae:6d:1c:63:6e:cf:f7:02:2b:52:c6:ad:
88:fa:20:0e:de:a4:8a:f5:9e:69:36:2a:74:25:f6:
12:ea:cd:a5:a8:1f:f1:bf:16:e4:23:6b:7e:17:12:
1e:ee:33:5b:ac:92:e6:74:d7:82:82:ed:81:ae:2c:
80:82:40:20:cf:d5:32:43:ce:95:8e:5b:17:17:9a:
00:51:ee:80:24:f0:da:f7:66:02:d3:e7:cb:f2:fb:
6e:84:31:de:a2:78:33:ce:79:6e:68:35:61:6b:8d:
cf:d3:8a:f0:58:67:2c:02:82:2d:01:6b:28:05:97:
8b:d4:83:b6:52:96:db:88:9b:bf:eb:46:67:1c:bc:
89:ce:28:88:95:c2:f4:17:74:f7:10:f4:65:73:20:
c8:51:96:fd:b7:f3:15:fe:36:99:b2:b4:c9:d0:23:
56:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A7:FD:E6:43:31:F9:0A:BB:A4:31:23:98:AB:05:85:00:37:31:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:be:66:3c:31:f8:ec:74:d5:97:1e:7f:de:fe:2e:6a:a3:2f:
17:55:e6:db:c2:79:d2:d6:a8:f4:91:ac:d6:e2:94:f1:5d:01:
40:cb:4a:eb:db:50:b7:fe:c3:fb:07:58:b9:51:0e:c3:0c:78:
f5:ff:11:6d:b4:a7:e3:4b:62:2b:30:49:8c:e7:97:08:2f:4b:
a6:89:0e:de:bf:eb:e0:7a:e5:e4:03:0a:cf:38:f3:ad:37:e5:
fb:36:8b:f8:5c:2d:60:40:60:f0:74:fd:31:82:6f:84:3d:ec:
5b:85:96:a7:dc:1b:74:47:bb:47:2b:f2:53:7a:16:42:6e:38:
80:61:09:40:44:f0:2a:ac:99:a4:6b:06:c4:63:45:83:61:5f:
5f:48:35:94:d1:2b:d7:a0:69:09:12:13:4e:ff:f2:d7:8f:5b:
7c:ae:2e:60:74:58:c2:86:a4:65:6e:ea:77:88:9c:f3:06:ca:
35:2c:d0:0d:90:78:0b:21:49:33:1a:38:1a:c0:dd:88:6f:30:
fa:57:1f:9b:84:ca:c6:90:5e:57:fa:1f:c7:2c:6d:7c:e5:a1:
6b:53:fe:32:26:d7:65:0a:21:8c:d1:ee:c2:67:e9:8d:2a:91:
52:fb:11:07:94:11:6c:8e:22:dd:32:f0:22:95:f2:c4:26:8c:
7c:e3:33:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb8jv+RWowSaVVPdnYWYNeGpv8eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzVaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNGQ3MjdjYmQ1ZGM0MjAxMWEyM2JiOTYyMzM3OGE5YWM2N2NlYjA3MjNl
YWFhN2JlODVkN2E0YWZhZTA1ODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvkCytVSrmaO3isvgqSj6WzhcLKDQoPxe1Wr/0JEjzvRT5v65PTt6ZEDaqp
EE2WNeGWI3fC4x1FvmwVRa/QaOgkU3JDj0kX8gBOw4mjTxYGI9NGOBOB7KBPf0ix
rm0cY27P9wIrUsatiPogDt6kivWeaTYqdCX2EurNpagf8b8W5CNrfhcSHu4zW6yS
5nTXgoLtga4sgIJAIM/VMkPOlY5bFxeaAFHugCTw2vdmAtPny/L7boQx3qJ4M855
bmg1YWuNz9OK8FhnLAKCLQFrKAWXi9SDtlKW24ibv+tGZxy8ic4oiJXC9Bd09xD0
ZXMgyFGW/bfzFf42mbK0ydAjViMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTOp/3m
QzH5CrukMSOYqwWFADcxmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2YjdjYjAtM2M1NS00YTY1LWIwMGEtNDViYzEzMTA4NjhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JYDAN
BgkqhkiG9w0BAQsFAAOCAQEAtb5mPDH47HTVlx5/3v4uaqMvF1Xm28J50tao9JGs
1uKU8V0BQMtK69tQt/7D+wdYuVEOwwx49f8RbbSn40tiKzBJjOeXCC9LpokO3r/r
4Hrl5AMKzzjzrTfl+zaL+FwtYEBg8HT9MYJvhD3sW4WWp9wbdEe7RyvyU3oWQm44
gGEJQETwKqyZpGsGxGNFg2FfX0g1lNEr16BpCRITTv/y149bfK4uYHRYwoakZW7q
d4ic8wbKNSzQDZB4CyFJMxo4GsDdiG8w+lcfm4TKxpBeV/ofxyxtfOWha1P+MibX
ZQohjNHuwmfpjSqRUvsRB5QRbI4i3TLwIpXyxCaMfOMz/Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:00 2026 by rpki-client