Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
File: 6e1e6e69-6595-40ff-9430-d53f22670630.roa (raw, json)
Hash identifier: 7Fd+/DMJRxkOCohEGH8iwOA5Mtgsr1KbbGbWWWhOri8=
Subject key identifier: 6D:E2:13:98:60:11:8D:BF:0E:D1:B4:84:E7:52:AA:57:C4:96:C1:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EA3003227A9DDCB8126CB5B6B2E472181F8E6E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
Signing time: Fri 08 May 2026 03:30:09 +0000
ROA not before: Fri 08 May 2026 03:30:09 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a3:00:32:27:a9:dd:cb:81:26:cb:5b:6b:2e:47:21:81:f8:e6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:09 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=f9c69975cb3db75a0d322b11b650b91010a64f140edd9a93995322527796e380, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:ed:7f:1c:d4:5e:0c:de:fd:84:b5:c0:df:89:
61:aa:06:7c:ad:ba:0c:3a:ea:41:db:a2:15:c7:e7:
b9:14:eb:50:bc:df:90:df:72:1f:15:04:55:4c:41:
5f:57:eb:96:c5:82:78:de:da:20:4a:44:1f:e5:79:
8e:50:50:f7:57:aa:32:db:3e:a4:ad:ab:e2:47:37:
80:83:e5:0d:7f:ba:7a:11:f6:2f:36:9f:0f:7c:53:
78:d6:bb:37:82:be:91:bc:9f:58:2d:c9:6c:e3:e0:
aa:37:b0:8c:1a:c8:4c:85:65:25:52:5a:df:8e:3f:
ee:a3:38:53:df:d9:46:46:13:1e:8c:42:09:a5:f8:
aa:e2:fd:0c:6c:0d:aa:43:7c:c2:3d:86:94:30:29:
e5:44:56:51:fc:78:03:ee:01:0c:b6:04:d5:d0:3f:
47:57:70:29:86:15:68:52:04:1b:87:09:1d:86:8a:
e3:63:a4:dc:c0:91:32:f1:ec:d8:62:fe:84:8c:84:
76:12:7c:5b:f9:37:00:cd:48:de:89:17:22:27:04:
95:a6:f1:6f:7c:ec:15:44:c7:66:5d:ec:f2:ff:e8:
48:8f:d2:97:d6:a2:93:8f:3e:29:2f:dd:d3:b9:b8:
7d:62:60:12:c2:87:fc:87:20:1f:e3:16:7f:4f:0f:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E2:13:98:60:11:8D:BF:0E:D1:B4:84:E7:52:AA:57:C4:96:C1:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.72.0/21
Signature Algorithm: sha256WithRSAEncryption
20:ae:e6:2b:74:8e:0e:c5:43:cb:57:b3:c0:ba:a1:15:22:b1:
15:f3:9d:71:79:61:62:53:61:71:85:03:ac:d7:54:32:02:43:
2e:37:d4:f3:e1:e5:24:05:4c:49:ef:8a:1e:40:44:0b:b7:ff:
61:c7:46:f9:fb:f3:58:4a:9e:e6:a8:22:02:ad:12:73:00:4b:
07:03:79:13:4c:c8:74:04:18:0a:5b:ad:46:6a:81:75:47:c8:
63:d8:de:f6:59:39:3f:26:0f:87:23:6a:5b:bd:5f:1f:f4:96:
97:2a:3a:8b:ae:b6:4a:dd:28:50:29:af:35:c3:87:bd:88:af:
29:4a:25:53:12:70:02:6b:f5:19:ed:6e:f5:6f:1a:82:29:99:
e9:68:24:ab:59:d4:f5:99:f3:d5:99:2e:d7:a3:fd:4d:b6:91:
df:74:99:67:97:89:bb:b3:fa:90:72:69:e2:8a:50:b2:6a:0f:
db:1a:4c:3d:c6:22:62:be:70:f4:c2:12:4a:10:f6:d2:07:a0:
ba:b2:c9:6a:fa:71:be:ff:9c:46:03:cd:54:34:90:c9:96:3a:
ba:09:b8:6a:66:ed:5d:2d:c9:93:5b:86:ad:05:f0:c2:c7:bf:
ab:2d:23:f9:a0:b5:59:4f:eb:c0:d6:89:40:e1:5c:a8:be:e2:
44:14:8a:d5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHqMAMiep3cuBJstbay5HIYH45uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMDlaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YzY5OTc1Y2IzZGI3NWEwZDMyMmIxMWI2NTBiOTEwMTBhNjRmMTQwZWRk
OWE5Mzk5NTMyMjUyNzc5NmUzODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP3tfxzUXgze/YS1wN+JYaoGfK26DDrqQduiFcfnuRTrULzfkN9yHxUEVUxB
X1frlsWCeN7aIEpEH+V5jlBQ91eqMts+pK2r4kc3gIPlDX+6ehH2LzafD3xTeNa7
N4K+kbyfWC3JbOPgqjewjBrITIVlJVJa344/7qM4U9/ZRkYTHoxCCaX4quL9DGwN
qkN8wj2GlDAp5URWUfx4A+4BDLYE1dA/R1dwKYYVaFIEG4cJHYaK42Ok3MCRMvHs
2GL+hIyEdhJ8W/k3AM1I3okXIicElabxb3zsFUTHZl3s8v/oSI/Sl9aik48+KS/d
07m4fWJgEsKH/IcgH+MWf08PYIECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRt4hOY
YBGNvw7RtITnUqpXxJbBdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxZTZlNjktNjU5NS00MGZmLTk0MzAtZDUzZjIyNjcwNjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JSDAN
BgkqhkiG9w0BAQsFAAOCAQEAIK7mK3SODsVDy1ezwLqhFSKxFfOdcXlhYlNhcYUD
rNdUMgJDLjfU8+HlJAVMSe+KHkBEC7f/YcdG+fvzWEqe5qgiAq0ScwBLBwN5E0zI
dAQYClutRmqBdUfIY9je9lk5PyYPhyNqW71fH/SWlyo6i662St0oUCmvNcOHvYiv
KUolUxJwAmv1Ge1u9W8agimZ6Wgkq1nU9Znz1Zku16P9TbaR33SZZ5eJu7P6kHJp
4opQsmoP2xpMPcYiYr5w9MISShD20gegurLJavpxvv+cRgPNVDSQyZY6ugm4ambt
XS3Jk1uGrQXwwse/qy0j+aC1WU/rwNaJQOFcqL7iRBSK1Q==
-----END CERTIFICATE-----
Generated at Tue May 12 22:57:44 2026 by rpki-client