Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: owrYNCljon9KkTefWBManrodIAi6DMETmWu2/dYXPtw=
Subject key identifier: 6A:50:F2:7A:8E:7A:51:64:C5:6A:5D:0A:9E:A1:AD:AC:CD:C9:5D:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15AC6D098B954876F9DC39E640567C7419F2CE92
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Fri 08 May 2026 03:20:10 +0000
ROA not before: Fri 08 May 2026 03:20:10 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:ac:6d:09:8b:95:48:76:f9:dc:39:e6:40:56:7c:74:19:f2:ce:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:10 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=ad5138e5ea3c4c4b53aa399174bb56b58500f26366835bc9da8501c697db88fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:30:ef:c7:d2:6a:02:30:51:62:98:d1:24:
5a:29:20:22:27:df:d6:ef:5b:73:19:8b:ca:55:e2:
f7:c7:eb:bd:0d:fe:f8:dd:f0:04:f9:1e:a5:9a:94:
f9:e9:94:5c:14:5e:75:94:89:de:6c:96:28:1d:b3:
a2:b9:38:bb:36:17:29:26:1d:99:e4:ab:b2:86:f4:
59:a3:29:e9:41:cc:55:68:47:1c:8f:6f:f7:1c:54:
3c:12:ff:19:63:33:a5:b7:13:f5:4e:c5:aa:af:65:
c6:c0:f9:70:cd:34:d2:c5:55:7f:e7:ee:81:c5:fd:
2d:89:0e:4c:51:a3:6e:fa:e2:72:a9:db:29:4f:b5:
74:e8:d6:ed:2a:6c:68:5e:26:9a:e7:2b:64:68:14:
d7:c1:40:f3:3b:a3:69:10:69:04:77:08:aa:ec:08:
12:46:2d:46:54:83:25:57:9f:d7:82:fc:23:08:fd:
97:fe:3d:43:10:94:ef:91:bb:1f:ed:e3:9a:f3:f6:
e1:ad:80:6d:fc:01:81:0f:f9:a3:2d:d8:1e:b5:ac:
5e:b7:52:c5:eb:d4:ce:e5:63:9b:66:27:22:e6:04:
40:93:66:20:7d:29:7d:47:64:3c:19:50:7c:7e:3b:
c1:16:27:25:cd:9f:80:38:33:0b:1e:e6:46:f8:45:
62:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:50:F2:7A:8E:7A:51:64:C5:6A:5D:0A:9E:A1:AD:AC:CD:C9:5D:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
86:fe:a7:25:b8:46:66:a4:ff:61:68:04:32:62:0e:2e:2c:74:
e3:47:a7:17:c0:a5:8e:13:84:a4:59:12:ff:96:b1:b6:fb:1e:
c8:31:be:39:32:81:dc:c0:74:8c:a6:36:76:cd:24:61:cf:9d:
e0:19:de:a9:bf:d3:70:69:8a:1a:38:47:5b:d0:62:d0:be:4b:
72:6f:54:d6:97:07:0a:c9:32:37:5f:87:f5:3b:04:fd:9b:7d:
cd:a0:d3:55:cc:81:22:ac:5e:1a:64:9e:52:d0:6f:c5:88:78:
e6:f7:95:60:11:f7:29:6b:0b:6d:eb:fc:92:49:3b:83:d1:0b:
bf:4f:ee:98:81:3b:fe:e3:dd:cb:3b:25:38:78:89:e4:36:01:
07:ec:cd:2d:17:58:a8:25:71:f4:41:7a:aa:40:d6:22:3b:d2:
be:51:94:5b:12:53:2a:f2:ab:51:3b:9c:93:98:fe:5f:0f:26:
12:1e:13:a1:4b:87:9e:77:20:6e:89:e1:17:bb:18:69:29:5e:
6d:9e:38:8a:0a:43:83:47:b3:b9:a7:ac:3c:1a:6a:54:1a:ad:
43:78:4a:fb:44:5c:fd:ad:bd:26:3e:08:52:58:22:b2:bd:92:
cf:45:8d:53:c2:24:b3:b4:6b:6c:60:ad:5c:9f:31:d8:a7:a1:
c3:71:d8:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFaxtCYuVSHb53DnmQFZ8dBnyzpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMTBaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkNTEzOGU1ZWEzYzRjNGI1M2FhMzk5MTc0YmI1NmI1ODUwMGYyNjM2Njgz
NWJjOWRhODUwMWM2OTdkYjg4ZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALE3MO/H0moCMFFimNEkWikgIiff1u9bcxmLylXi98frvQ3++N3wBPkepZqU
+emUXBRedZSJ3myWKB2zork4uzYXKSYdmeSrsob0WaMp6UHMVWhHHI9v9xxUPBL/
GWMzpbcT9U7Fqq9lxsD5cM000sVVf+fugcX9LYkOTFGjbvricqnbKU+1dOjW7Sps
aF4mmucrZGgU18FA8zujaRBpBHcIquwIEkYtRlSDJVef14L8Iwj9l/49QxCU75G7
H+3jmvP24a2AbfwBgQ/5oy3YHrWsXrdSxevUzuVjm2YnIuYEQJNmIH0pfUdkPBlQ
fH47wRYnJc2fgDgzCx7mRvhFYssCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRqUPJ6
jnpRZMVqXQqeoa2szcldqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhv6nJbhGZqT/YWgEMmIOLix040enF8CljhOEpFkS
/5axtvseyDG+OTKB3MB0jKY2ds0kYc+d4Bneqb/TcGmKGjhHW9Bi0L5Lcm9U1pcH
CskyN1+H9TsE/Zt9zaDTVcyBIqxeGmSeUtBvxYh45veVYBH3KWsLbev8kkk7g9EL
v0/umIE7/uPdyzslOHiJ5DYBB+zNLRdYqCVx9EF6qkDWIjvSvlGUWxJTKvKrUTuc
k5j+Xw8mEh4ToUuHnncgbonhF7sYaSlebZ44igpDg0ezuaesPBpqVBqtQ3hK+0Rc
/a29Jj4IUlgisr2Sz0WNU8Iks7RrbGCtXJ8x2Kehw3HY8Q==
-----END CERTIFICATE-----
Generated at Wed May 13 00:01:11 2026 by rpki-client