Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: 1bQJl89oW2EqdC8n762s99xOZgqLdSW2DMvZH1ayNsY=
Subject key identifier: F7:91:66:B9:61:93:54:9A:33:09:A2:FE:EF:02:9D:62:51:C8:23:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BA4BBEC04306557DE2A63B0AA2DDF2982DE58B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Fri 08 May 2026 03:21:15 +0000
ROA not before: Fri 08 May 2026 03:21:15 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a4:bb:ec:04:30:65:57:de:2a:63:b0:aa:2d:df:29:82:de:58:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:15 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=b2d4a494acc825bb757d85af278c780dfaa83fb81a1b317f60fbfd4100d6d433, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:df:c0:f9:25:30:7f:68:30:d5:80:e4:0d:
f0:2c:bf:6b:60:aa:83:3f:52:ef:91:d7:11:d4:a6:
32:0a:67:d2:3f:5f:bc:ea:d7:c0:c4:a5:c8:29:63:
f4:98:d6:c7:77:32:37:3c:71:26:ec:df:b1:76:0c:
eb:4b:f5:b4:c4:be:78:3b:46:9e:ba:46:22:99:df:
ad:1e:49:5b:a8:8f:37:72:eb:f1:04:47:9f:8e:85:
62:4a:9d:26:c7:4b:88:78:96:4c:a9:e3:58:01:a9:
bf:44:3c:f4:f3:d4:e6:27:07:34:4f:3e:c8:d1:96:
4b:94:6e:60:69:18:da:4f:42:53:11:0e:96:bc:fd:
c9:94:ed:09:03:1c:48:e7:63:3f:b5:4b:17:99:c3:
86:c1:e1:8b:8d:5b:1c:bc:4d:ba:54:88:6d:7f:e3:
28:d5:fa:15:df:2c:66:5b:7c:42:6b:04:c2:5d:1e:
f3:dd:a7:6f:68:8b:53:07:b1:53:4d:23:4b:63:c2:
b8:95:5b:fb:66:76:4b:b3:8e:67:62:90:71:1e:32:
67:78:7d:c4:1f:83:e8:d9:d9:8a:67:ef:e0:d4:73:
9a:80:0a:48:fe:2e:4d:7f:a2:ce:53:34:5a:78:fb:
11:ec:21:6d:1b:0a:63:b3:0d:81:ed:f4:23:25:4b:
8d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:91:66:B9:61:93:54:9A:33:09:A2:FE:EF:02:9D:62:51:C8:23:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:4e:33:cf:db:74:88:65:b5:ec:b5:18:5c:25:a8:43:eb:5f:
3d:b2:f0:e5:f8:24:71:7e:7b:2b:f2:09:c4:73:da:bf:a4:e3:
79:a5:f4:28:f3:6d:3d:3e:47:c0:9b:0b:1a:32:41:0d:64:80:
54:92:6e:63:6b:26:46:e0:98:c5:6b:c8:55:52:2f:9e:cd:20:
83:4e:b0:12:55:65:f9:8d:87:e9:c4:ab:9a:52:cd:ee:7f:87:
bc:43:09:7a:d4:70:5a:b4:da:1e:19:48:c5:30:fe:c5:13:95:
28:0d:5f:5e:64:c5:23:88:2b:a1:0d:7f:cb:8a:d5:3d:05:1b:
b6:78:52:de:1f:52:5f:7e:36:6d:dc:9a:76:f0:0a:2c:06:42:
5d:1f:f8:79:09:0c:2b:21:79:9b:04:e0:bb:56:cd:ba:a3:75:
d3:d4:9a:a7:c7:c4:87:16:a1:8a:22:4e:ac:63:b5:d8:9a:ac:
6f:5a:d8:2b:4b:96:94:ce:62:94:82:0e:98:32:f8:f4:06:2a:
be:ec:55:d0:4e:9b:e8:a1:cc:92:52:54:76:14:cb:0d:b4:be:
fc:ff:f4:f7:f0:e5:3d:ae:fd:0e:67:91:15:e0:8d:05:95:23:
7e:72:ef:62:d9:1f:d9:8e:f0:f7:fc:dc:ad:6e:a5:f2:78:ff:
4e:78:5b:0d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa6S77AQwZVfeKmOwqi3fKYLeWLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTVaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZDRhNDk0YWNjODI1YmI3NTdkODVhZjI3OGM3ODBkZmFhODNmYjgxYTFi
MzE3ZjYwZmJmZDQxMDBkNmQ0MzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7X38D5JTB/aDDVgOQN8Cy/a2Cqgz9S75HXEdSmMgpn0j9fvOrXwMSlyClj
9JjWx3cyNzxxJuzfsXYM60v1tMS+eDtGnrpGIpnfrR5JW6iPN3Lr8QRHn46FYkqd
JsdLiHiWTKnjWAGpv0Q89PPU5icHNE8+yNGWS5RuYGkY2k9CUxEOlrz9yZTtCQMc
SOdjP7VLF5nDhsHhi41bHLxNulSIbX/jKNX6Fd8sZlt8QmsEwl0e892nb2iLUwex
U00jS2PCuJVb+2Z2S7OOZ2KQcR4yZ3h9xB+D6NnZimfv4NRzmoAKSP4uTX+izlM0
Wnj7EewhbRsKY7MNge30IyVLjccCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3kWa5
YZNUmjMJov7vAp1iUcgj0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAHk4zz9t0iGW17LUYXCWoQ+tfPbLw5fgkcX57K/IJ
xHPav6TjeaX0KPNtPT5HwJsLGjJBDWSAVJJuY2smRuCYxWvIVVIvns0gg06wElVl
+Y2H6cSrmlLN7n+HvEMJetRwWrTaHhlIxTD+xROVKA1fXmTFI4groQ1/y4rVPQUb
tnhS3h9SX342bdyadvAKLAZCXR/4eQkMKyF5mwTgu1bNuqN109Sap8fEhxahiiJO
rGO12Jqsb1rYK0uWlM5ilIIOmDL49AYqvuxV0E6b6KHMklJUdhTLDbS+/P/09/Dl
Pa79DmeRFeCNBZUjfnLvYtkf2Y7w9/zcrW6l8nj/TnhbDQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:39:36 2026 by rpki-client