Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: pV6H1y+Ue7GqTrYIlDqPOmy0KK0YWD/2vGA1NBFZRB4=
Subject key identifier: 60:3A:7B:5E:1E:B9:AA:AD:2B:E8:B8:F9:B7:0C:44:6C:A6:6C:23:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13CCB8C4842062FD4B7C9171BAC34FC83AD23871
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Fri 08 May 2026 03:21:16 +0000
ROA not before: Fri 08 May 2026 03:21:16 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cc:b8:c4:84:20:62:fd:4b:7c:91:71:ba:c3:4f:c8:3a:d2:38:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:16 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=b88d8554cc670bd31a57e777a8dd183e300dca12f3d2787264dd30379d6a8062, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:48:b7:f5:26:89:52:58:97:15:34:66:95:
71:18:5e:34:ee:e9:df:5a:af:7c:85:36:14:b1:66:
48:6b:75:41:ae:94:14:ef:7c:99:43:7b:bb:fc:be:
4d:6f:97:b5:b5:31:97:36:de:08:a1:b0:7b:0f:31:
c0:82:45:3e:62:7e:e0:8a:5c:5a:a7:49:f1:b8:0a:
d1:66:2f:58:87:d1:a6:e5:0d:68:90:86:e9:dd:39:
27:86:fc:00:7d:10:00:b0:99:5a:af:9d:d1:56:2a:
c3:55:17:27:0e:37:d3:a5:09:97:45:df:27:d7:e0:
8f:8b:4d:30:5d:d0:e8:6d:b4:0d:c1:17:b1:be:ab:
49:1b:9b:5a:9a:c3:e8:6a:0b:23:b2:b2:5c:c0:a9:
e9:a0:70:76:42:83:3d:e0:c7:4f:20:f5:b9:f5:18:
3d:31:88:32:14:b1:91:0f:a7:b2:59:da:88:f7:36:
6d:af:89:88:e1:f2:04:b9:8d:50:62:c5:79:f6:c3:
95:53:01:9d:f0:18:59:31:35:f1:f3:d9:0a:4c:c3:
e9:6a:24:77:ae:4c:93:40:7c:b5:a5:0a:25:57:57:
3a:bc:b0:81:8d:f2:b8:cc:9d:00:1b:3d:f2:25:c2:
8e:bf:aa:fb:95:65:f5:a7:8c:b2:ca:48:3d:92:12:
32:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3A:7B:5E:1E:B9:AA:AD:2B:E8:B8:F9:B7:0C:44:6C:A6:6C:23:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:1d:d3:70:58:dc:72:6c:22:6e:66:82:e2:f6:9b:4f:a0:92:
89:af:97:66:c5:e1:81:79:ae:78:0c:73:be:ff:5e:64:38:be:
47:39:f5:ee:54:70:b9:be:f5:bf:d0:83:b3:57:70:ee:b7:36:
70:82:a6:12:41:ec:16:85:52:96:45:e7:63:e4:80:ab:a3:76:
09:cd:34:b8:e1:77:0a:8e:ef:62:d2:bc:63:08:78:16:d1:86:
35:44:d8:fb:83:df:b8:12:15:39:b2:d5:da:00:58:47:19:8b:
07:57:cb:00:be:88:4e:18:b9:7c:97:29:4a:6d:f8:b4:cc:72:
75:df:5b:74:45:ef:6a:a8:df:0e:e2:71:2e:90:f3:75:60:aa:
8c:9e:12:94:6d:b4:5f:e2:51:31:c7:52:79:5c:40:00:72:9a:
55:bf:62:70:d3:b9:42:1b:98:16:a8:0c:46:0a:ab:c7:d5:23:
d2:bd:a9:24:1c:3a:33:dd:cf:1b:27:b3:01:15:fb:4a:6e:2b:
f3:78:03:87:b2:78:06:06:a5:e8:59:16:f2:60:fe:66:17:1c:
b3:15:fd:94:c6:aa:99:fe:50:7b:ef:ba:23:51:f7:d5:96:3a:
50:7a:ee:95:4c:13:5e:a7:41:cf:4c:b5:15:1a:03:9d:14:ff:
12:e3:c4:78
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUE8y4xIQgYv1LfJFxusNPyDrSOHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4OGQ4NTU0Y2M2NzBiZDMxYTU3ZTc3N2E4ZGQxODNlMzAwZGNhMTJmM2Qy
Nzg3MjY0ZGQzMDM3OWQ2YTgwNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMJSLf1JolSWJcVNGaVcRheNO7p31qvfIU2FLFmSGt1Qa6UFO98mUN7u/y+
TW+XtbUxlzbeCKGwew8xwIJFPmJ+4IpcWqdJ8bgK0WYvWIfRpuUNaJCG6d05J4b8
AH0QALCZWq+d0VYqw1UXJw4306UJl0XfJ9fgj4tNMF3Q6G20DcEXsb6rSRubWprD
6GoLI7KyXMCp6aBwdkKDPeDHTyD1ufUYPTGIMhSxkQ+nslnaiPc2ba+JiOHyBLmN
UGLFefbDlVMBnfAYWTE18fPZCkzD6Wokd65Mk0B8taUKJVdXOrywgY3yuMydABs9
8iXCjr+q+5Vl9aeMsspIPZISMukCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRgOnte
HrmqrSvouPm3DERspmwjvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOh3TcFjccmwibmaC4vabT6CSia+XZsXhgXmueAxz
vv9eZDi+Rzn17lRwub71v9CDs1dw7rc2cIKmEkHsFoVSlkXnY+SAq6N2Cc00uOF3
Co7vYtK8Ywh4FtGGNUTY+4PfuBIVObLV2gBYRxmLB1fLAL6IThi5fJcpSm34tMxy
dd9bdEXvaqjfDuJxLpDzdWCqjJ4SlG20X+JRMcdSeVxAAHKaVb9icNO5QhuYFqgM
Rgqrx9Uj0r2pJBw6M93PGyezARX7Sm4r83gDh7J4Bgal6FkW8mD+ZhccsxX9lMaq
mf5Qe++6I1H31ZY6UHrulUwTXqdBz0y1FRoDnRT/EuPEeA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:28 2026 by rpki-client