Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: tbtfgUlycbqoQCIUVyMF53QdHMcDVX2mvqDxNrQ+gnk=
Subject key identifier: 66:49:D2:D8:F7:F4:E8:CC:8B:72:79:24:DF:29:E3:70:30:56:33:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78DB47EEF767A0B71B49E518B337B18B7D0A8812
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Tue 17 Feb 2026 03:10:08 +0000
ROA not before: Tue 17 Feb 2026 03:10:08 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:db:47:ee:f7:67:a0:b7:1b:49:e5:18:b3:37:b1:8b:7d:0a:88:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:10:08 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=2fc922a9707c2436fe583da3200d826d26fe23a7723da6249112e43e07b215da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5f:44:f8:51:f7:8e:7d:38:80:a3:2e:c5:69:
ca:c5:e0:1f:1e:55:3b:6f:01:80:33:af:ab:38:6c:
ca:ab:75:f0:ee:e0:71:bb:9e:a8:42:ef:72:17:b5:
46:a7:9e:d9:e2:3b:91:6d:48:3d:59:75:9d:10:49:
d2:b0:eb:f9:87:8a:29:d2:55:bb:e8:59:a1:e9:5a:
f2:cc:4b:d6:2b:12:3e:a4:9c:f7:29:0a:93:a9:3d:
42:a5:d8:52:fc:58:4d:1f:b5:ba:fa:2e:6f:43:3b:
56:69:1f:4f:dc:58:72:0e:55:a4:ca:18:0d:e6:5a:
6a:fb:74:86:8a:8c:92:60:18:7f:06:92:63:5e:be:
83:1a:a4:e9:c7:c4:89:c5:58:50:c2:9c:8f:53:62:
31:c1:7a:25:35:cf:9c:b0:8c:d6:8b:1c:9f:a3:4d:
df:6c:96:f0:51:a6:66:d7:c1:c3:0d:1c:e8:5d:7d:
94:9d:49:5a:2f:6f:f1:e8:1b:73:fd:fa:85:6f:df:
91:c1:4c:f5:3d:02:03:c4:58:a9:e7:f9:41:36:df:
8b:16:a9:23:12:61:ac:f9:90:82:e6:27:38:41:4d:
4c:4f:07:fb:c6:0c:d1:b3:5a:85:53:bf:d2:38:89:
b5:43:e8:fe:9a:ac:89:a3:34:28:76:4c:2f:e1:aa:
81:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:49:D2:D8:F7:F4:E8:CC:8B:72:79:24:DF:29:E3:70:30:56:33:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
63:6f:a6:0e:02:1f:df:65:13:64:85:1a:aa:1f:48:da:29:c6:
23:22:a0:e4:92:78:ab:7d:ba:75:d5:dc:6a:16:e0:82:08:ea:
73:a8:4d:f1:10:c7:a2:ef:7a:0c:a4:c9:50:e8:7e:a7:d2:58:
b6:0d:9c:c4:d5:e7:83:96:7e:2c:0d:3f:9f:44:8c:77:fe:04:
b1:4a:83:4c:a1:82:c3:c3:a0:fa:86:6c:6e:f5:70:da:a8:36:
ac:1f:3a:73:64:e2:9e:64:1e:26:9e:39:00:92:16:b5:bd:5a:
3d:e3:82:7b:fb:19:3d:8d:55:ef:69:c7:2a:ef:4e:32:b9:d8:
a2:01:cf:ee:32:c9:c3:23:cb:f2:48:63:f2:b9:a5:6e:62:ac:
69:9e:fe:db:db:a5:2d:83:56:d3:bc:c0:28:db:96:24:37:3b:
03:60:cb:58:68:88:f1:22:00:99:13:7c:66:3a:5c:63:a7:f6:
a2:99:d4:7d:8e:d7:e0:24:5d:fe:13:63:ee:fb:a4:ef:65:74:
14:37:e6:e9:69:b1:c1:1d:c4:18:13:46:d3:c5:9e:d6:6b:60:
53:4a:c8:4a:c7:5e:1c:aa:be:7e:31:3f:a1:99:e4:53:fa:55:
e8:54:a7:96:91:77:15:3b:06:9e:39:94:ad:5b:5a:ae:41:ce:
76:ec:3b:37
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeNtH7vdnoLcbSeUYszexi30KiBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzEwMDhaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmYzkyMmE5NzA3YzI0MzZmZTU4M2RhMzIwMGQ4MjZkMjZmZTIzYTc3MjNk
YTYyNDkxMTJlNDNlMDdiMjE1ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtfRPhR9459OICjLsVpysXgHx5VO28BgDOvqzhsyqt18O7gcbueqELvche1
Rqee2eI7kW1IPVl1nRBJ0rDr+YeKKdJVu+hZoela8sxL1isSPqSc9ykKk6k9QqXY
UvxYTR+1uvoub0M7VmkfT9xYcg5VpMoYDeZaavt0hoqMkmAYfwaSY16+gxqk6cfE
icVYUMKcj1NiMcF6JTXPnLCM1oscn6NN32yW8FGmZtfBww0c6F19lJ1JWi9v8egb
c/36hW/fkcFM9T0CA8RYqef5QTbfixapIxJhrPmQguYnOEFNTE8H+8YM0bNahVO/
0jiJtUPo/pqsiaM0KHZML+GqgUsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmSdLY
9/TozItyeSTfKeNwMFYzkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAY2+mDgIf32UTZIUaqh9I2inGIyKg5JJ4q326ddXc
ahbgggjqc6hN8RDHou96DKTJUOh+p9JYtg2cxNXng5Z+LA0/n0SMd/4EsUqDTKGC
w8Og+oZsbvVw2qg2rB86c2TinmQeJp45AJIWtb1aPeOCe/sZPY1V72nHKu9OMrnY
ogHP7jLJwyPL8khj8rmlbmKsaZ7+29ulLYNW07zAKNuWJDc7A2DLWGiI8SIAmRN8
ZjpcY6f2opnUfY7X4CRd/hNj7vuk72V0FDfm6WmxwR3EGBNG08We1mtgU0rISsde
HKq+fjE/oZnkU/pV6FSnlpF3FTsGnjmUrVtarkHOduw7Nw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:19:51 2026 by rpki-client