Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: 3fepTM8xdicW9X9+YqkR0nTJU6bmaMqlyzHwRjkiMVc=
Subject key identifier: DC:D8:5A:C0:5A:D6:A7:46:17:BD:F8:B0:2D:41:02:53:5C:B5:02:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 151A4FF2D0BB75525AB4ED423C1C97AEB8AF9C12
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Fri 08 May 2026 03:20:54 +0000
ROA not before: Fri 08 May 2026 03:20:54 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:1a:4f:f2:d0:bb:75:52:5a:b4:ed:42:3c:1c:97:ae:b8:af:9c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:54 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=89e90d43561fa739bae93d4731c06532dc4cd416a13294bac23475e326b5aed7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2b:ab:76:14:8f:a6:30:e2:c4:74:83:5f:6b:
92:d9:aa:17:8b:d5:64:52:93:8f:af:d8:83:19:dd:
1d:39:b1:44:b2:86:d4:09:0d:99:89:88:eb:e3:8f:
56:b5:1c:cf:29:38:12:75:50:82:dc:a8:a5:3d:9e:
2d:60:34:0a:89:6b:b6:10:55:00:ef:c1:34:0b:fd:
f1:41:85:a6:55:cf:31:3c:55:2a:ec:c8:f8:a3:a3:
bd:92:2d:6d:24:58:8e:68:3e:55:2c:e4:46:8d:23:
47:68:66:e4:3e:e9:6f:88:b5:ec:ef:00:20:26:2f:
a5:dc:59:a1:0c:f3:62:76:64:d2:bb:fd:ff:f5:4f:
95:63:a8:18:c8:0c:1a:eb:7c:32:04:2c:23:0b:77:
f3:ad:dd:ae:2e:6a:8d:6f:5c:17:ce:58:48:eb:f0:
c5:6a:fb:88:e6:7d:23:90:a7:4d:9b:a8:8f:7b:e9:
70:b7:63:cf:8d:88:cd:8c:c9:e2:62:2e:e9:68:14:
13:30:cb:22:fb:d9:62:8f:29:9e:21:b5:f1:8c:10:
41:b4:fb:b3:be:83:6f:e6:bd:99:0e:a8:d8:61:e2:
55:34:54:03:26:8c:04:5e:44:1a:9b:f4:62:18:1d:
ca:7e:a2:88:8d:33:e9:1d:ae:99:e5:e1:36:58:e9:
c1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D8:5A:C0:5A:D6:A7:46:17:BD:F8:B0:2D:41:02:53:5C:B5:02:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
ad:ba:02:71:ab:f9:a4:a7:70:cc:c8:00:11:7a:ec:91:e5:88:
f4:3a:75:f8:3c:58:e6:ff:b3:06:ed:07:47:87:1e:01:1f:86:
1c:20:1f:bd:ac:24:42:6f:27:f0:b8:e5:d0:f2:54:fb:93:62:
39:1e:fe:aa:93:89:3c:58:c7:36:e8:4b:2b:20:be:0d:2a:fc:
84:93:4d:1a:84:c8:5b:ad:74:4f:66:9b:c2:51:e5:e6:05:39:
55:17:32:a0:f0:f2:3c:dc:9c:84:e2:eb:3e:bb:bd:55:e7:da:
8e:49:d8:67:f8:95:ba:d7:23:23:16:17:0a:88:2d:6e:03:5a:
f2:6d:91:18:81:87:f6:f5:5a:ed:cc:c6:31:0b:61:84:9e:51:
6b:7f:47:4e:34:5a:b9:af:83:37:ee:25:f2:95:b3:16:46:54:
03:83:06:03:76:cc:40:56:8e:1b:09:7f:a6:a5:0d:e3:8e:d1:
c5:d0:c9:73:54:7b:1f:71:26:c9:93:3b:07:a3:f6:53:ce:31:
20:48:dc:2f:ef:fc:ad:dc:23:ee:d7:04:36:b8:65:93:e2:d0:
fe:88:81:42:cf:91:f0:b5:ec:24:9c:09:03:e0:aa:77:66:e0:
71:cf:dc:c6:04:9f:96:61:b2:ae:a1:3b:ee:03:80:65:86:bf:
e8:39:38:fc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFRpP8tC7dVJatO1CPByXrrivnBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwNTRaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ZTkwZDQzNTYxZmE3MzliYWU5M2Q0NzMxYzA2NTMyZGM0Y2Q0MTZhMTMy
OTRiYWMyMzQ3NWUzMjZiNWFlZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANArq3YUj6Yw4sR0g19rktmqF4vVZFKTj6/YgxndHTmxRLKG1AkNmYmI6+OP
VrUczyk4EnVQgtyopT2eLWA0ColrthBVAO/BNAv98UGFplXPMTxVKuzI+KOjvZIt
bSRYjmg+VSzkRo0jR2hm5D7pb4i17O8AICYvpdxZoQzzYnZk0rv9//VPlWOoGMgM
Gut8MgQsIwt3863dri5qjW9cF85YSOvwxWr7iOZ9I5CnTZuoj3vpcLdjz42IzYzJ
4mIu6WgUEzDLIvvZYo8pniG18YwQQbT7s76Db+a9mQ6o2GHiVTRUAyaMBF5EGpv0
Yhgdyn6iiI0z6R2umeXhNljpwS0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTc2FrA
WtanRhe9+LAtQQJTXLUCczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEArboCcav5pKdwzMgAEXrskeWI9Dp1+DxY5v+zBu0H
R4ceAR+GHCAfvawkQm8n8Ljl0PJU+5NiOR7+qpOJPFjHNuhLKyC+DSr8hJNNGoTI
W610T2abwlHl5gU5VRcyoPDyPNychOLrPru9VefajknYZ/iVutcjIxYXCogtbgNa
8m2RGIGH9vVa7czGMQthhJ5Ra39HTjRaua+DN+4l8pWzFkZUA4MGA3bMQFaOGwl/
pqUN447RxdDJc1R7H3EmyZM7B6P2U84xIEjcL+/8rdwj7tcENrhlk+LQ/oiBQs+R
8LXsJJwJA+Cqd2bgcc/cxgSflmGyrqE77gOAZYa/6Dk4/A==
-----END CERTIFICATE-----
Generated at Tue May 12 23:17:58 2026 by rpki-client