Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
File: df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa (raw, json)
Hash identifier: l47QktJhooziK9uU5iFnyf6kN7HSx6ZtWobxJZdPBB4=
Subject key identifier: 1F:73:D6:84:C4:68:27:48:25:C4:5F:0C:60:E6:6A:AA:52:F9:CA:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 140568E0338AB2114CB3021BC98EABD61FFE5EAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
Signing time: Tue 17 Feb 2026 03:00:11 +0000
ROA not before: Tue 17 Feb 2026 03:00:11 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:05:68:e0:33:8a:b2:11:4c:b3:02:1b:c9:8e:ab:d6:1f:fe:5e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:11 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=288ed8d81c65b32a09ebe5c930472d4d4f24dc494f4912b2836675872d874c1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:67:4b:94:7e:be:15:8b:a8:e4:75:87:36:87:
4b:a7:b2:34:36:be:52:0d:29:ac:d9:30:d2:4c:66:
9c:68:7b:a9:b8:e9:ce:ae:c1:0b:06:47:9f:d6:2a:
e6:c8:ba:73:11:52:98:f6:57:23:35:a4:b0:b2:66:
19:06:61:57:d3:69:db:25:6a:52:54:60:2d:32:4e:
8e:4d:44:35:76:57:3b:be:96:7e:d7:ca:d9:db:9f:
b7:b1:c7:e4:fc:a3:a2:7d:2d:24:8b:f3:f3:80:18:
f6:3e:75:f1:42:1f:a3:1f:d7:88:07:1f:8f:d3:0a:
09:f8:8d:f9:b4:6c:66:5e:d9:61:ac:00:55:33:64:
9e:61:a7:27:de:0c:89:19:fa:70:fe:3d:59:31:2e:
4f:aa:0d:32:a1:79:7d:af:83:c3:cd:0e:98:55:cc:
4b:81:63:fd:67:70:5f:a8:83:09:bf:e4:d5:f8:29:
17:2e:ec:f1:3e:78:c4:95:96:21:25:f0:c2:65:f4:
b1:df:87:a9:91:0b:0f:53:96:02:e7:a7:0a:8d:6d:
1a:64:75:3f:19:d8:98:81:2a:f0:ec:71:ae:ff:4a:
25:87:dc:b0:44:a0:8f:fb:c7:84:a1:8f:bf:fd:66:
59:0a:d4:49:0d:d3:52:d4:3d:27:2e:9d:3f:f8:07:
73:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:73:D6:84:C4:68:27:48:25:C4:5F:0C:60:E6:6A:AA:52:F9:CA:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:76:ff:0f:b8:b6:1d:04:24:7e:0a:b6:39:59:2c:11:f1:cc:
2e:36:d5:1a:8c:a6:34:6c:90:32:3a:a3:60:a9:b0:01:16:41:
ca:fe:bc:23:57:2d:f0:ed:21:b7:ca:2b:0f:8b:a1:66:71:be:
31:e2:2e:fb:df:ea:82:64:61:3d:7c:f9:02:8b:6d:82:17:78:
3a:ea:a3:dd:5d:cb:47:d8:35:28:18:08:94:73:6b:d7:4c:c2:
2c:c8:81:52:9d:de:92:7f:46:a4:23:77:4a:c5:19:75:aa:ed:
bc:29:86:11:7b:44:49:da:95:ea:fe:66:a6:64:a0:10:e7:fb:
af:76:7e:e2:4c:10:c2:42:fa:1b:9d:5f:45:66:ae:df:fa:ae:
bf:34:45:ff:3f:59:a0:b1:5f:1a:97:d6:2e:dc:04:2c:f6:b4:
2c:a1:f8:b1:c6:1f:3a:89:c3:10:4b:d6:a7:14:42:e0:6c:49:
f3:55:b0:50:5e:ee:78:67:59:02:db:46:ff:94:7f:4f:26:1d:
3c:f2:1a:a6:de:3b:52:7d:1c:42:0a:e1:20:bb:4b:95:9e:8e:
e2:bf:46:fb:cd:0a:ef:1c:ed:76:3f:b1:b3:5e:97:a3:0a:86:
b4:91:89:21:01:59:0a:a9:f7:1d:79:aa:e0:f1:f8:73:ae:9b:
21:88:d9:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFAVo4DOKshFMswIbyY6r1h/+Xq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMTFaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4OGVkOGQ4MWM2NWIzMmEwOWViZTVjOTMwNDcyZDRkNGYyNGRjNDk0ZjQ5
MTJiMjgzNjY3NTg3MmQ4NzRjMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpnS5R+vhWLqOR1hzaHS6eyNDa+Ug0prNkw0kxmnGh7qbjpzq7BCwZHn9Yq
5si6cxFSmPZXIzWksLJmGQZhV9Np2yVqUlRgLTJOjk1ENXZXO76WftfK2duft7HH
5Pyjon0tJIvz84AY9j518UIfox/XiAcfj9MKCfiN+bRsZl7ZYawAVTNknmGnJ94M
iRn6cP49WTEuT6oNMqF5fa+Dw80OmFXMS4Fj/WdwX6iDCb/k1fgpFy7s8T54xJWW
ISXwwmX0sd+HqZELD1OWAuenCo1tGmR1PxnYmIEq8Oxxrv9KJYfcsESgj/vHhKGP
v/1mWQrUSQ3TUtQ9Jy6dP/gHc7MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfc9aE
xGgnSCXEXwxg5mqqUvnKTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY3NDBlMmYtOGNlNS00YjFiLWE5NWUtNjA0ODdkOTM4OGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JyDAN
BgkqhkiG9w0BAQsFAAOCAQEAfXb/D7i2HQQkfgq2OVksEfHMLjbVGoymNGyQMjqj
YKmwARZByv68I1ct8O0ht8orD4uhZnG+MeIu+9/qgmRhPXz5Aottghd4Ouqj3V3L
R9g1KBgIlHNr10zCLMiBUp3ekn9GpCN3SsUZdartvCmGEXtESdqV6v5mpmSgEOf7
r3Z+4kwQwkL6G51fRWau3/quvzRF/z9ZoLFfGpfWLtwELPa0LKH4scYfOonDEEvW
pxRC4GxJ81WwUF7ueGdZAttG/5R/TyYdPPIapt47Un0cQgrhILtLlZ6O4r9G+80K
7xztdj+xs16XowqGtJGJIQFZCqn3HXmq4PH4c66bIYjZGQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:51:22 2026 by rpki-client