Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
File: d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa (raw, json)
Hash identifier: 78Bfcvpn+VNo6w9feOX/tjYEey0ee/ZsEoJ4pwGXbA0=
Subject key identifier: 98:F8:5F:7B:87:BF:BF:0F:C9:72:36:ED:71:EE:88:77:5C:78:AB:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77A04A2B59513DECB3516518AA8CFB0B32335DBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
Signing time: Tue 17 Feb 2026 03:00:51 +0000
ROA not before: Tue 17 Feb 2026 03:00:51 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a0:4a:2b:59:51:3d:ec:b3:51:65:18:aa:8c:fb:0b:32:33:5d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:51 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=51cd6aa3d5f3fd6cb6cc46c5652286b594e30b97a0476637919bb807334bb63e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:23:63:51:f9:da:e8:38:ca:e5:82:4d:f8:1d:
47:94:87:ee:bb:e9:15:fe:13:ad:d5:0d:49:d1:f4:
1c:fc:e8:76:5a:12:68:b3:2b:31:22:c8:80:fc:47:
38:1c:be:d2:ae:3b:a3:b3:e3:4b:68:f6:0f:62:63:
d5:90:cb:b9:d0:ad:e9:9d:bd:30:c8:ac:fa:6b:1c:
07:2f:b8:94:6a:c7:d5:6f:28:be:9c:18:70:cc:72:
31:c7:b1:e5:1e:63:ab:76:01:02:73:fb:81:63:e9:
d2:2f:5b:67:1d:f7:bd:a3:22:d8:e0:c4:ae:16:44:
5f:41:51:7e:06:fe:cc:6e:f0:ed:92:41:1c:58:72:
e6:ae:29:6e:eb:b1:68:60:ed:71:46:6a:b8:f2:3f:
7b:ba:03:9c:99:b9:1d:08:ed:1a:a6:c7:ee:3c:a8:
f6:de:78:f6:72:b3:b6:ef:4c:1c:c7:49:fa:e9:04:
8d:a1:68:52:6e:31:28:10:d2:d6:3c:7c:82:30:16:
a3:58:c1:6c:01:42:d0:37:88:f4:43:e2:13:08:a0:
f7:ae:22:9c:07:50:26:81:0a:cf:9d:6d:30:cf:da:
75:88:df:65:05:c4:8f:b8:5a:d6:75:40:27:fa:b7:
ae:f4:fa:86:0a:4b:3f:cb:86:d0:5d:3a:dd:03:2c:
c3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F8:5F:7B:87:BF:BF:0F:C9:72:36:ED:71:EE:88:77:5C:78:AB:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:68:10:90:72:ea:40:ce:fb:fd:80:78:6d:70:8f:37:92:01:
0c:6c:a3:3d:7f:14:1a:1c:4e:7c:6a:6d:11:91:7c:70:1a:82:
dd:20:87:71:7b:23:7f:3e:60:48:85:83:07:a3:b5:5c:46:9f:
08:23:b6:f7:11:c8:80:63:20:f1:97:f4:d9:8a:45:78:02:c2:
26:2e:d2:5d:e4:86:a6:9c:0a:f6:cf:07:f3:8d:77:76:d6:5d:
99:eb:f2:0f:ca:2b:c5:f0:65:f1:ae:1a:74:8d:f9:64:d9:01:
59:c6:66:7c:f7:58:7a:c2:08:10:de:81:07:9d:64:72:c0:4b:
ff:12:e9:b6:50:cd:9f:1b:68:81:d9:a4:d0:c8:9b:9a:cb:7f:
61:cc:b7:7d:e6:c8:ee:cd:58:89:28:2a:73:3d:16:79:7e:0f:
50:2f:3f:10:61:9f:1c:c3:e3:51:27:57:06:2c:ba:5b:54:c7:
2e:b6:52:fa:37:02:7f:e0:2b:30:aa:6b:7c:b8:4b:8a:30:8b:
4d:ae:33:ad:4a:ac:20:ba:9d:7c:d6:76:07:56:5a:ed:ee:4b:
ff:a3:fd:4f:f9:76:ce:01:8a:ec:17:75:f4:e9:fd:c1:60:6f:
c0:e9:7b:66:85:e1:40:99:ec:65:7e:2d:9a:e7:1d:88:2c:90:
6f:9a:bf:58
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd6BKK1lRPeyzUWUYqoz7CzIzXbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxY2Q2YWEzZDVmM2ZkNmNiNmNjNDZjNTY1MjI4NmI1OTRlMzBiOTdhMDQ3
NjYzNzkxOWJiODA3MzM0YmI2M2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUjY1H52ug4yuWCTfgdR5SH7rvpFf4TrdUNSdH0HPzodloSaLMrMSLIgPxH
OBy+0q47o7PjS2j2D2Jj1ZDLudCt6Z29MMis+mscBy+4lGrH1W8ovpwYcMxyMcex
5R5jq3YBAnP7gWPp0i9bZx33vaMi2ODErhZEX0FRfgb+zG7w7ZJBHFhy5q4pbuux
aGDtcUZquPI/e7oDnJm5HQjtGqbH7jyo9t549nKztu9MHMdJ+ukEjaFoUm4xKBDS
1jx8gjAWo1jBbAFC0DeI9EPiEwig964inAdQJoEKz51tMM/adYjfZQXEj7ha1nVA
J/q3rvT6hgpLP8uG0F063QMsw4UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSY+F97
h7+/D8lyNu1x7oh3XHirgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDgzNjRjMDYtYjc1ZS00ZDg1LThjOGMtYWZhZDRkZjdjZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEATmgQkHLqQM77/YB4bXCPN5IBDGyjPX8UGhxOfGpt
EZF8cBqC3SCHcXsjfz5gSIWDB6O1XEafCCO29xHIgGMg8Zf02YpFeALCJi7SXeSG
ppwK9s8H8413dtZdmevyD8orxfBl8a4adI35ZNkBWcZmfPdYesIIEN6BB51kcsBL
/xLptlDNnxtogdmk0Mibmst/Ycy3febI7s1YiSgqcz0WeX4PUC8/EGGfHMPjUSdX
Biy6W1THLrZS+jcCf+ArMKprfLhLijCLTa4zrUqsILqdfNZ2B1Za7e5L/6P9T/l2
zgGK7Bd19On9wWBvwOl7ZoXhQJnsZX4tmucdiCyQb5q/WA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:42 2026 by rpki-client