Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: TG5CzjW2a1Ffbwan/RrgTxu0VT/DsbGepLQZghkd2HE=
Subject key identifier: 12:5E:D6:13:16:B2:7C:0D:83:71:31:30:E4:80:DE:E4:FC:D9:65:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 540756DE241A0F82116AC3F915C58335CC17F3BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Fri 08 May 2026 03:30:30 +0000
ROA not before: Fri 08 May 2026 03:30:30 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:07:56:de:24:1a:0f:82:11:6a:c3:f9:15:c5:83:35:cc:17:f3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:30 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=ec073609eefdcd01b1169125d066f24244476976eaabb77027751fa8717bf2c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:8c:2b:cb:52:ba:13:1a:b8:ad:4a:e2:e0:
8b:84:38:54:cb:4a:20:4e:3a:51:0b:76:1a:62:81:
f5:fe:b1:14:19:16:30:ef:72:17:11:c0:1c:fa:c3:
ad:c7:97:81:d3:d3:42:b0:20:19:68:f2:0f:da:ad:
77:16:8b:1c:98:47:a5:7f:cc:c3:87:28:c7:eb:34:
34:72:34:aa:95:b3:ea:37:42:64:cc:00:73:87:62:
73:34:e6:d0:a6:51:d7:58:bf:df:1a:12:b8:99:cb:
f2:96:1a:82:44:4c:7e:9a:a0:02:33:88:06:a7:63:
29:da:59:69:3d:66:43:f5:cd:b2:59:48:45:d2:b2:
a5:59:fc:43:4d:f6:5b:98:52:9f:12:86:fc:6a:fc:
ac:ab:a2:f9:c2:3e:16:7a:3d:38:41:ef:4c:df:bd:
43:3b:00:75:d9:91:9b:ed:ee:03:ff:e3:78:5c:2c:
12:f1:33:9d:eb:f2:a4:12:8b:f9:df:45:93:b3:d2:
49:5d:1b:4d:85:c3:53:6e:cb:1c:50:2b:9c:6e:47:
2f:7c:fb:8c:b7:33:e3:e2:1f:b5:5a:0e:a2:e3:25:
89:69:c0:58:cf:b3:10:ec:db:d4:f8:38:bc:71:9f:
53:0f:8c:02:13:cf:c5:5d:c3:b0:7d:47:48:38:93:
3b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5E:D6:13:16:B2:7C:0D:83:71:31:30:E4:80:DE:E4:FC:D9:65:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:74:23:da:b2:4b:b1:c2:3e:ce:8d:58:1c:45:d1:44:a1:5f:
df:2b:48:c2:72:24:29:63:f1:e2:55:60:b1:12:b9:09:44:32:
51:0a:02:72:40:6f:92:f3:40:be:a9:77:1a:73:8e:f7:a3:f6:
c6:4a:0a:b1:57:44:f7:02:09:15:6f:63:23:68:88:39:55:bd:
5a:ab:a3:7b:b2:22:b0:16:6f:eb:55:f0:cf:93:66:4b:22:4d:
df:66:08:a4:80:5b:37:56:60:e5:13:21:bd:e9:fc:05:6d:95:
bf:1d:21:3a:73:2f:c4:19:5e:9e:96:48:44:51:b9:83:64:74:
8f:90:c6:27:8c:68:f2:75:a9:bc:52:51:8a:02:b8:d1:e5:ce:
1c:04:50:36:a5:6f:ff:1d:92:1b:1b:01:41:8e:a5:4e:9f:26:
08:d8:71:3f:83:3e:25:c6:b6:fa:a5:02:6a:cc:97:09:8d:43:
55:a1:a6:24:a3:ef:55:1a:80:7b:f4:77:38:c9:b9:e4:6a:8f:
12:ec:f8:8b:11:9e:93:05:15:c0:20:4c:e7:ac:28:33:4c:ab:
5e:76:c6:33:22:12:d9:d4:92:7e:47:79:0d:e0:13:b9:fc:0a:
7b:6b:63:83:86:0f:0a:12:e8:59:46:13:32:75:8e:a8:9e:66:
ce:07:02:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVAdW3iQaD4IRasP5FcWDNcwX87wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMzBaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjMDczNjA5ZWVmZGNkMDFiMTE2OTEyNWQwNjZmMjQyNDQ0NzY5NzZlYWFi
Yjc3MDI3NzUxZmE4NzE3YmYyYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgYjCvLUroTGritSuLgi4Q4VMtKIE46UQt2GmKB9f6xFBkWMO9yFxHAHPrD
rceXgdPTQrAgGWjyD9qtdxaLHJhHpX/Mw4cox+s0NHI0qpWz6jdCZMwAc4diczTm
0KZR11i/3xoSuJnL8pYagkRMfpqgAjOIBqdjKdpZaT1mQ/XNsllIRdKypVn8Q032
W5hSnxKG/Gr8rKui+cI+Fno9OEHvTN+9QzsAddmRm+3uA//jeFwsEvEznevypBKL
+d9Fk7PSSV0bTYXDU27LHFArnG5HL3z7jLcz4+IftVoOouMliWnAWM+zEOzb1Pg4
vHGfUw+MAhPPxV3DsH1HSDiTO+sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQSXtYT
FrJ8DYNxMTDkgN7k/NllDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAfHQj2rJLscI+zo1YHEXRRKFf3ytIwnIkKWPx4lVg
sRK5CUQyUQoCckBvkvNAvql3GnOO96P2xkoKsVdE9wIJFW9jI2iIOVW9Wquje7Ii
sBZv61Xwz5NmSyJN32YIpIBbN1Zg5RMhven8BW2Vvx0hOnMvxBlenpZIRFG5g2R0
j5DGJ4xo8nWpvFJRigK40eXOHARQNqVv/x2SGxsBQY6lTp8mCNhxP4M+Jca2+qUC
asyXCY1DVaGmJKPvVRqAe/R3OMm55GqPEuz4ixGekwUVwCBM56woM0yrXnbGMyIS
2dSSfkd5DeATufwKe2tjg4YPChLoWUYTMnWOqJ5mzgcC6Q==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:23 2026 by rpki-client