Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: MUtu9OAHXn2VOBEohIJIChOkK2OC72g0WuSymB9ZGi4=
Subject key identifier: E8:D7:76:F2:43:97:FF:8A:22:1F:9C:97:D4:60:80:7E:79:76:61:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C92647C974F9C7DBEA56B7EEF94287439F774DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Fri 08 May 2026 03:21:12 +0000
ROA not before: Fri 08 May 2026 03:21:12 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:92:64:7c:97:4f:9c:7d:be:a5:6b:7e:ef:94:28:74:39:f7:74:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:12 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=96144f5c7dbd922d576df1780e30a3900c7e2a7474978566605d0277665dfafd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:76:81:b1:70:4f:9f:5a:5f:a6:b2:e1:bf:
1c:84:f6:c4:3e:92:88:87:56:aa:ce:bb:ad:11:25:
a0:c4:8b:9f:d5:c8:84:70:03:31:f6:c9:4c:a0:c7:
6f:23:eb:78:c8:a5:a2:3c:f3:d1:62:da:66:e1:7c:
bb:ac:b4:82:5d:bc:00:a1:1c:3d:d1:ea:37:b0:72:
24:e4:09:5c:d0:55:6b:b8:fd:43:68:68:d7:e9:6f:
66:f4:a1:51:71:44:05:8a:ef:aa:a7:17:5b:19:09:
f8:ed:14:60:e0:d0:cb:3b:fa:3f:3f:77:b4:da:7c:
a6:f0:71:05:be:3b:94:cd:a9:a4:72:d2:6a:26:46:
56:f2:72:26:7e:56:fd:7e:b0:e2:e9:d3:e3:f2:64:
14:41:8c:67:01:99:5c:f8:85:f9:e3:42:10:1a:3d:
3f:c8:15:22:69:87:2e:9c:e9:bd:a8:2d:f3:1a:56:
d3:e0:2f:58:86:6e:65:cd:b5:03:95:87:6d:bb:ca:
c3:18:55:26:96:86:85:7c:69:e0:93:67:1d:05:9f:
9c:4a:ca:0e:5d:88:16:a7:62:d0:18:ad:e8:ce:60:
dc:78:1a:41:54:f5:dd:a8:57:50:a2:de:7f:21:4d:
43:7c:c7:28:56:dd:74:20:a2:07:2d:91:ae:1e:27:
85:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D7:76:F2:43:97:FF:8A:22:1F:9C:97:D4:60:80:7E:79:76:61:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
49:48:57:e8:a5:92:84:02:cd:16:e2:de:05:60:f7:c7:25:63:
f0:03:d8:52:62:8a:9e:20:18:a5:e7:28:5b:27:98:ea:2c:0b:
13:c8:5f:36:2e:20:ff:1c:94:13:b7:6d:10:10:ae:28:a8:c2:
cf:5d:9f:10:3d:6f:d6:86:7e:c6:2b:89:6c:5a:b4:04:68:cd:
79:5f:85:da:a2:1e:6c:5e:c5:8d:37:8f:14:f7:68:ed:58:65:
c6:ab:49:e6:8d:09:0f:1d:a9:9b:2f:9c:4f:3f:47:27:e6:21:
83:ea:a4:14:af:98:74:4f:a4:b8:e7:d8:be:2a:76:e6:a9:d8:
85:1d:ac:f3:19:70:57:e6:50:0b:50:9d:a0:43:47:52:0b:d1:
3c:58:02:80:22:07:d3:09:21:81:25:9f:b8:8a:c3:e4:22:08:
40:6a:37:d9:ef:20:56:60:95:0c:33:68:5a:42:e8:a6:79:25:
e5:46:a3:3f:2f:97:6d:92:c5:28:8f:e2:38:1f:81:ca:e1:5c:
6d:41:84:9a:1c:87:82:6c:16:85:42:b2:50:a5:1b:92:ef:75:
b9:47:c0:ab:96:83:ef:0a:d3:7d:82:53:a8:db:f6:87:6a:ac:
f3:cc:87:d1:db:c2:d5:31:bb:1c:c5:43:9d:b2:9e:0e:50:cf:
7e:27:8f:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfJJkfJdPnH2+pWt+75QodDn3dNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTJaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2MTQ0ZjVjN2RiZDkyMmQ1NzZkZjE3ODBlMzBhMzkwMGM3ZTJhNzQ3NDk3
ODU2NjYwNWQwMjc3NjY1ZGZhZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqAdoGxcE+fWl+msuG/HIT2xD6SiIdWqs67rREloMSLn9XIhHADMfbJTKDH
byPreMilojzz0WLaZuF8u6y0gl28AKEcPdHqN7ByJOQJXNBVa7j9Q2ho1+lvZvSh
UXFEBYrvqqcXWxkJ+O0UYODQyzv6Pz93tNp8pvBxBb47lM2ppHLSaiZGVvJyJn5W
/X6w4unT4/JkFEGMZwGZXPiF+eNCEBo9P8gVImmHLpzpvagt8xpW0+AvWIZuZc21
A5WHbbvKwxhVJpaGhXxp4JNnHQWfnErKDl2IFqdi0Bit6M5g3HgaQVT13ahXUKLe
fyFNQ3zHKFbddCCiBy2Rrh4nhTECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTo13by
Q5f/iiIfnJfUYIB+eXZh9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEASUhX6KWShALNFuLeBWD3xyVj8APYUmKKniAYpeco
WyeY6iwLE8hfNi4g/xyUE7dtEBCuKKjCz12fED1v1oZ+xiuJbFq0BGjNeV+F2qIe
bF7FjTePFPdo7VhlxqtJ5o0JDx2pmy+cTz9HJ+Yhg+qkFK+YdE+kuOfYvip25qnY
hR2s8xlwV+ZQC1CdoENHUgvRPFgCgCIH0wkhgSWfuIrD5CIIQGo32e8gVmCVDDNo
WkLopnkl5UajPy+XbZLFKI/iOB+ByuFcbUGEmhyHgmwWhUKyUKUbku91uUfAq5aD
7wrTfYJTqNv2h2qs88yH0dvC1TG7HMVDnbKeDlDPfiePmA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:23 2026 by rpki-client