Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
File: 279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa (raw, json)
Hash identifier: 4stqIbFoXKvXrWVxN42tUdhxLwgwQMPMB47/P2Xiw3c=
Subject key identifier: FA:D4:13:7C:7C:18:0F:93:D6:38:A3:9B:FB:65:97:16:7B:0A:BD:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67F6CF093EF7A781D1A35F8CDF95F8C560E4DBF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
Signing time: Fri 08 May 2026 03:20:37 +0000
ROA not before: Fri 08 May 2026 03:20:37 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f6:cf:09:3e:f7:a7:81:d1:a3:5f:8c:df:95:f8:c5:60:e4:db:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:37 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=1fc5afa709aaa5774899055f2acf49db92c455d286179b1d789ce888b13fe541, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ca:75:ef:db:52:1a:4a:3e:83:c5:0d:4a:f6:
4b:1d:55:69:47:41:84:61:2d:01:37:a2:f9:09:be:
0a:8f:f4:d2:6e:72:48:bb:05:03:37:a2:84:ed:8c:
6c:16:3f:b1:0e:f8:5a:4f:30:f5:a9:f8:49:41:d2:
e1:c2:73:e5:fa:6d:9c:7e:8c:57:ec:82:5e:aa:be:
27:50:a4:1b:57:79:96:71:dc:19:3c:ee:43:c7:75:
84:d5:24:e1:32:4f:fb:44:ba:5b:7c:81:73:88:81:
7f:91:ad:42:20:34:9c:32:74:3d:ca:f3:a2:ff:34:
a9:c5:62:88:2b:ad:72:aa:6d:44:db:55:56:96:e8:
57:8c:1d:2f:10:cc:69:d4:38:51:b9:7e:06:fe:07:
ba:d6:90:e0:5d:4d:3e:76:9c:75:34:64:0c:90:6b:
8e:be:34:87:9e:f6:70:57:fa:e1:94:60:2e:eb:7b:
50:47:79:24:21:b0:bf:c3:82:37:7f:71:2a:70:9b:
0d:9d:2a:2a:32:d6:f2:32:b0:72:31:98:ea:0a:20:
02:b0:fc:42:9d:49:7d:21:77:f1:cb:cc:32:20:b1:
6a:96:8a:bd:bb:d5:13:68:8c:6c:e0:53:36:c9:a1:
a2:a9:b9:51:03:fe:36:81:a8:4c:e4:42:2c:51:94:
28:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:13:7C:7C:18:0F:93:D6:38:A3:9B:FB:65:97:16:7B:0A:BD:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.144.0/21
Signature Algorithm: sha256WithRSAEncryption
94:b8:fd:e4:15:e9:9c:74:24:da:81:6b:aa:6a:1e:51:13:34:
8a:7b:2b:49:14:6e:24:02:b8:02:f0:7b:16:96:b6:9d:2c:6a:
67:70:74:77:98:4d:9e:da:bc:47:9c:f1:f2:5f:1c:28:0b:39:
cf:c5:ad:dd:cf:32:6f:04:e3:4a:d8:a1:00:a2:b4:a7:e6:10:
51:4f:1b:63:ec:b3:c6:b9:cd:74:34:e5:68:08:6d:75:80:ff:
a1:30:c7:a1:68:57:13:4d:d1:7f:22:62:d0:69:3f:63:e0:e0:
19:fc:ee:78:d6:70:f4:cd:44:dc:c6:d0:99:32:d3:ec:d6:15:
1d:3b:55:2d:74:c6:bf:09:65:c6:b0:db:e9:de:38:2b:cf:b5:
84:7c:0b:c1:71:e1:0a:c5:cc:89:2d:fd:81:1b:ca:f9:2c:eb:
0c:79:77:88:5b:62:62:e0:c1:59:27:10:05:63:73:5e:24:0b:
28:b4:57:80:c7:7e:d9:eb:1a:07:f0:5b:68:50:c7:76:af:39:
63:bc:97:32:f8:5a:8c:95:96:dd:c9:55:9e:10:71:de:e5:a7:
44:4c:10:0a:dd:62:17:c9:55:c7:32:0d:ee:2c:96:df:02:99:
3b:04:54:09:c3:aa:f0:33:b8:6b:6e:5f:85:1a:e8:fd:d9:9b:
5e:e1:b1:cb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ/bPCT73p4HRo1+M35X4xWDk2/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzdaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmYzVhZmE3MDlhYWE1Nzc0ODk5MDU1ZjJhY2Y0OWRiOTJjNDU1ZDI4NjE3
OWIxZDc4OWNlODg4YjEzZmU1NDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAObKde/bUhpKPoPFDUr2Sx1VaUdBhGEtATei+Qm+Co/00m5ySLsFAzeihO2M
bBY/sQ74Wk8w9an4SUHS4cJz5fptnH6MV+yCXqq+J1CkG1d5lnHcGTzuQ8d1hNUk
4TJP+0S6W3yBc4iBf5GtQiA0nDJ0Pcrzov80qcViiCutcqptRNtVVpboV4wdLxDM
adQ4Ubl+Bv4HutaQ4F1NPnacdTRkDJBrjr40h572cFf64ZRgLut7UEd5JCGwv8OC
N39xKnCbDZ0qKjLW8jKwcjGY6gogArD8Qp1JfSF38cvMMiCxapaKvbvVE2iMbOBT
Nsmhoqm5UQP+NoGoTORCLFGUKEsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT61BN8
fBgPk9Y4o5v7ZZcWewq9wTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc5ZGE5ZDYtMTBjMi00ZmQ1LTlkNzUtMGE5NjNjMjljOGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JkDAN
BgkqhkiG9w0BAQsFAAOCAQEAlLj95BXpnHQk2oFrqmoeURM0insrSRRuJAK4AvB7
Fpa2nSxqZ3B0d5hNntq8R5zx8l8cKAs5z8Wt3c8ybwTjStihAKK0p+YQUU8bY+yz
xrnNdDTlaAhtdYD/oTDHoWhXE03RfyJi0Gk/Y+DgGfzueNZw9M1E3MbQmTLT7NYV
HTtVLXTGvwllxrDb6d44K8+1hHwLwXHhCsXMiS39gRvK+SzrDHl3iFtiYuDBWScQ
BWNzXiQLKLRXgMd+2esaB/BbaFDHdq85Y7yXMvhajJWW3clVnhBx3uWnREwQCt1i
F8lVxzIN7iyW3wKZOwRUCcOq8DO4a25fhRro/dmbXuGxyw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:14 2026 by rpki-client