Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
File: e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa (raw, json)
Hash identifier: 3lTgscyCLec1rhp3vbTW67+Ddkrykch9MR+x4OnNB0s=
Subject key identifier: 80:7F:19:12:4D:54:C2:E2:1C:AF:5A:3D:06:0B:6A:73:C9:B7:57:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 719A14A719B448A182A6FAA9E57F657A59C573E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
Signing time: Tue 17 Feb 2026 03:00:46 +0000
ROA not before: Tue 17 Feb 2026 03:00:46 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:9a:14:a7:19:b4:48:a1:82:a6:fa:a9:e5:7f:65:7a:59:c5:73:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:46 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=5230122863086d36131aed72b19d116e01e1e2f05a16e501926a1438b658592f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:58:c1:d5:fe:d7:29:6c:e4:ad:bb:44:ca:37:
0e:eb:c5:27:55:81:68:0d:f4:0b:cc:fd:2a:2f:89:
c6:5c:98:5e:f3:4b:da:45:95:9b:7b:95:b9:c5:33:
a6:da:fe:67:cf:11:f2:1e:3f:fc:00:72:a2:1d:4f:
21:52:bd:de:f0:94:5a:5d:cb:30:1f:20:81:d7:0e:
0c:95:18:a4:48:92:b7:c0:e4:dd:fe:97:75:3a:c1:
79:20:da:c8:67:08:0f:ba:fb:a9:03:0b:82:a5:8c:
23:b4:d7:02:f0:49:f3:6b:32:bb:1e:2b:58:d9:67:
6a:07:56:15:45:2e:2f:95:15:c4:90:8c:4e:78:bf:
a6:37:bf:8a:06:99:db:ae:ba:83:85:44:90:a0:b3:
b1:30:62:53:9e:b0:9b:cd:5a:e1:d1:4a:ad:56:02:
5d:b3:5f:2d:82:bd:64:92:37:64:df:bb:bf:a8:e7:
85:9d:89:9f:8f:09:e5:ac:1d:e8:ac:e1:68:9a:64:
8d:6d:cd:15:e5:f9:e4:7e:aa:08:94:cf:23:b6:9a:
c2:c5:9e:c9:df:b0:10:ee:95:6f:d5:d2:53:74:53:
9e:a9:1b:a2:46:ee:08:ee:61:b6:37:69:00:fd:66:
1f:8f:02:4b:92:15:80:2a:d9:09:a9:e6:9b:f2:0b:
a8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7F:19:12:4D:54:C2:E2:1C:AF:5A:3D:06:0B:6A:73:C9:B7:57:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.160.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:f5:81:b8:d8:58:0c:55:f1:7b:0e:77:64:4f:0c:73:8a:6a:
7a:9e:ec:94:19:eb:f5:6b:45:60:50:09:6a:7b:c2:df:e0:ab:
56:0c:29:81:7c:b6:76:a3:52:b5:09:40:ce:33:d2:5b:01:3e:
72:e8:63:69:21:72:85:5f:58:f4:be:14:60:98:f4:29:77:bc:
74:de:31:29:f3:b4:e4:7c:a0:1c:0f:8c:30:77:d2:64:37:43:
77:0a:65:b6:0b:18:b6:11:ea:d0:10:31:d1:3e:2e:9e:d2:2b:
7a:2e:1b:5a:7b:39:f4:67:48:46:79:7f:02:87:7d:57:98:85:
13:01:4c:58:65:67:01:e8:01:0a:65:b9:97:19:9a:c4:4b:44:
3d:0a:7b:b3:08:22:3e:b1:f8:11:ac:f2:65:59:6b:e1:98:20:
01:74:f3:1d:ea:14:6e:a6:e7:6a:0c:41:6b:b4:76:58:cf:84:
54:0e:39:a1:68:21:70:55:f3:26:cb:c7:b0:40:cb:dc:94:c0:
0d:d6:ba:80:5d:b4:79:13:49:c2:d7:31:b2:f0:d8:e3:00:7a:
23:69:2e:24:91:df:7f:bf:07:b8:5d:b6:7d:c9:3f:e4:6e:b9:
50:4f:0e:45:10:84:d5:15:a2:33:6d:02:95:a3:38:a6:8e:eb:
d9:5a:8a:1c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcZoUpxm0SKGCpvqp5X9lelnFc+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwNDZaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMzAxMjI4NjMwODZkMzYxMzFhZWQ3MmIxOWQxMTZlMDFlMWUyZjA1YTE2
ZTUwMTkyNmExNDM4YjY1ODU5MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpYwdX+1yls5K27RMo3DuvFJ1WBaA30C8z9Ki+JxlyYXvNL2kWVm3uVucUz
ptr+Z88R8h4//AByoh1PIVK93vCUWl3LMB8ggdcODJUYpEiSt8Dk3f6XdTrBeSDa
yGcID7r7qQMLgqWMI7TXAvBJ82syux4rWNlnagdWFUUuL5UVxJCMTni/pje/igaZ
2666g4VEkKCzsTBiU56wm81a4dFKrVYCXbNfLYK9ZJI3ZN+7v6jnhZ2Jn48J5awd
6KzhaJpkjW3NFeX55H6qCJTPI7aawsWeyd+wEO6Vb9XSU3RTnqkbokbuCO5htjdp
AP1mH48CS5IVgCrZCanmm/ILqCMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAfxkS
TVTC4hyvWj0GC2pzybdX1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkxYjYyYTktMjg4NS00NTA0LTg0YTQtYmEyY2MyZjJhYzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JoDAN
BgkqhkiG9w0BAQsFAAOCAQEADPWBuNhYDFXxew53ZE8Mc4pqep7slBnr9WtFYFAJ
anvC3+CrVgwpgXy2dqNStQlAzjPSWwE+cuhjaSFyhV9Y9L4UYJj0KXe8dN4xKfO0
5HygHA+MMHfSZDdDdwpltgsYthHq0BAx0T4untIrei4bWns59GdIRnl/Aod9V5iF
EwFMWGVnAegBCmW5lxmaxEtEPQp7swgiPrH4EazyZVlr4ZggAXTzHeoUbqbnagxB
a7R2WM+EVA45oWghcFXzJsvHsEDL3JTADda6gF20eRNJwtcxsvDY4wB6I2kuJJHf
f78HuF22fck/5G65UE8ORRCE1RWiM20ClaM4po7r2VqKHA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:44 2026 by rpki-client