Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
File: 11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa (raw, json)
Hash identifier: TvFtKMp6N5D54y0GSdFXjMHHCMlMroikmaPQQ0hgnKw=
Subject key identifier: 9B:4B:B3:DE:43:F8:59:03:FC:49:89:34:AC:2D:07:26:11:C8:96:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 606F9DBFCCF9B8E9526804B47C9F1C265240DD55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
Signing time: Fri 08 May 2026 03:30:32 +0000
ROA not before: Fri 08 May 2026 03:30:32 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.64.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:6f:9d:bf:cc:f9:b8:e9:52:68:04:b4:7c:9f:1c:26:52:40:dd:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:32 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=754f0f45841b2da2090b31c87a83a6ee158f16421ea085e0bfecdc086c2faa6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:89:1e:77:4b:94:de:1a:71:8e:f0:7f:d1:50:
61:ed:cd:ba:5b:f0:8e:72:90:4a:a1:e7:de:4b:7e:
82:2d:43:61:07:0d:eb:f8:e6:95:e7:ad:44:77:dc:
6e:ea:b9:9a:76:00:1d:eb:95:26:2a:0e:4d:94:cd:
32:b0:ba:4f:00:dd:21:8b:94:62:b2:6b:cf:5c:0b:
39:3e:60:9d:d3:a1:c7:1e:c2:4c:0e:99:08:29:be:
98:73:76:b9:b9:a4:32:ef:68:9d:41:63:06:55:54:
b4:81:b7:0e:6b:6c:bc:b3:14:90:b4:48:93:b3:c6:
9d:fa:3d:27:81:c3:41:f4:11:f9:91:10:e4:e2:03:
1e:ad:73:0e:f7:39:f0:dd:10:5e:1a:99:1d:74:f0:
79:cf:3e:2a:70:31:3a:01:57:3c:c6:56:24:1e:02:
ee:67:d8:78:5d:53:b5:6d:42:75:b8:e5:29:86:df:
df:cd:c4:c5:47:be:76:5c:4b:58:43:85:7d:49:84:
9d:45:3d:bc:18:33:0a:d1:cf:35:29:a4:51:ee:c5:
28:b9:35:3a:14:98:e6:c4:85:ea:7f:b2:af:53:04:
35:c0:7e:7d:ea:16:3b:e9:01:bd:8d:f2:7b:35:ce:
b0:84:c3:4b:a4:f3:6f:2e:43:1d:0d:44:d6:5d:88:
a7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:4B:B3:DE:43:F8:59:03:FC:49:89:34:AC:2D:07:26:11:C8:96:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.64.0/21
Signature Algorithm: sha256WithRSAEncryption
16:61:65:b5:96:2d:b7:a1:8b:d9:2e:14:70:11:a9:77:be:aa:
81:7d:cf:7c:61:a5:38:9f:c7:d4:6a:f8:cc:63:46:37:44:fc:
bb:f2:8d:19:0a:26:56:c8:4c:83:d4:4c:fb:47:7a:c3:67:21:
c9:45:1d:96:f1:b0:c2:20:20:d1:ac:38:49:6e:75:00:8e:93:
6a:eb:9f:3e:2c:b1:f7:18:91:e8:7d:91:8f:86:42:ae:1c:c7:
ba:0a:55:f9:97:5b:a0:39:a3:25:b8:43:85:24:aa:b5:82:65:
e2:e4:71:4b:fe:e9:04:7c:f1:40:f8:2a:c2:24:04:00:c1:5e:
08:42:04:ad:fc:ab:25:44:90:f1:ee:0e:f5:ea:1c:f2:9e:da:
4c:8b:82:43:f1:aa:6b:79:86:88:fb:c9:e8:a9:d0:66:7e:fb:
34:9b:80:70:29:2c:84:42:6a:be:20:fb:d4:32:71:7e:8e:25:
8b:4e:1e:ab:b3:45:08:fd:7a:30:d4:30:05:d0:a6:de:26:4e:
24:91:df:03:20:dc:3d:2b:0b:39:ef:72:4d:06:13:86:f6:62:
d7:99:11:11:b1:7d:da:06:51:29:4e:35:65:9c:00:fe:cb:41:
96:02:b9:c9:77:46:6e:19:bc:c4:43:ad:17:a9:bb:a8:6f:f8:
5f:ad:4e:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYG+dv8z5uOlSaAS0fJ8cJlJA3VUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMzJaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1NGYwZjQ1ODQxYjJkYTIwOTBiMzFjODdhODNhNmVlMTU4ZjE2NDIxZWEw
ODVlMGJmZWNkYzA4NmMyZmFhNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6JHndLlN4acY7wf9FQYe3NulvwjnKQSqHn3kt+gi1DYQcN6/jmleetRHfc
buq5mnYAHeuVJioOTZTNMrC6TwDdIYuUYrJrz1wLOT5gndOhxx7CTA6ZCCm+mHN2
ubmkMu9onUFjBlVUtIG3DmtsvLMUkLRIk7PGnfo9J4HDQfQR+ZEQ5OIDHq1zDvc5
8N0QXhqZHXTwec8+KnAxOgFXPMZWJB4C7mfYeF1TtW1CdbjlKYbf383ExUe+dlxL
WEOFfUmEnUU9vBgzCtHPNSmkUe7FKLk1OhSY5sSF6n+yr1MENcB+feoWO+kBvY3y
ezXOsITDS6Tzby5DHQ1E1l2Ip0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSbS7Pe
Q/hZA/xJiTSsLQcmEciWizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjOTI0ZTUtYjVhNC00ZTM5LWJkOWItM2FhMDQ2MzQyMTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JQDAN
BgkqhkiG9w0BAQsFAAOCAQEAFmFltZYtt6GL2S4UcBGpd76qgX3PfGGlOJ/H1Gr4
zGNGN0T8u/KNGQomVshMg9RM+0d6w2chyUUdlvGwwiAg0aw4SW51AI6TauufPiyx
9xiR6H2Rj4ZCrhzHugpV+ZdboDmjJbhDhSSqtYJl4uRxS/7pBHzxQPgqwiQEAMFe
CEIErfyrJUSQ8e4O9eoc8p7aTIuCQ/Gqa3mGiPvJ6KnQZn77NJuAcCkshEJqviD7
1DJxfo4li04eq7NFCP16MNQwBdCm3iZOJJHfAyDcPSsLOe9yTQYThvZi15kREbF9
2gZRKU41ZZwA/stBlgK5yXdGbhm8xEOtF6m7qG/4X61OEg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:54 2026 by rpki-client