Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
File: 9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa (raw, json)
Hash identifier: +i40L5Pm7b8K61ZiV+u2sAQb5EN2W++QPcDAwiR8uIQ=
Subject key identifier: FC:E9:69:01:06:4D:DA:11:79:21:2D:24:4A:C9:D3:E5:4F:EF:AC:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7851437F14A878C2FE41841BA373EFDBFDCFB280
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
Signing time: Fri 08 May 2026 03:20:55 +0000
ROA not before: Fri 08 May 2026 03:20:55 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:51:43:7f:14:a8:78:c2:fe:41:84:1b:a3:73:ef:db:fd:cf:b2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:55 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=12b51cf9be384285cc7d9fb1d5ccf96e60f253857a4a4d57d38d454f717a7ef6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6a:bc:c8:27:40:81:24:ce:86:da:7e:ad:7e:
23:f8:c7:c3:25:9b:7a:3b:9e:7e:17:40:5c:67:c9:
3b:52:90:40:de:74:cf:42:9e:af:3f:c8:49:94:88:
30:c5:0b:88:17:fb:a2:f3:cc:3d:a4:ba:70:d5:da:
ad:26:05:cc:bc:bd:71:0b:71:8f:0b:7a:45:f1:a0:
47:d7:5d:36:51:dd:53:03:f0:60:2e:0d:f5:dc:b7:
a1:31:8d:60:14:47:1d:f2:21:35:32:b9:d5:c2:b7:
09:aa:5f:ea:41:45:ac:cf:b1:d9:89:28:84:33:f8:
d7:1b:2c:8b:8f:7a:c0:d5:52:cd:b9:82:37:e7:50:
4b:c1:77:61:af:f0:74:bd:7f:20:41:64:9a:66:89:
cf:b8:27:59:71:fc:18:4e:e9:31:4a:f6:1c:55:cc:
f1:2b:1b:31:19:1d:a8:9e:c9:25:28:e3:51:8a:75:
a6:10:a6:66:85:c4:d8:29:f3:96:cc:be:0a:53:96:
3b:84:03:9a:38:d0:4d:41:52:71:43:d2:99:0b:17:
08:6e:d3:d6:4e:1e:a7:c2:d6:d9:f5:10:7d:6a:79:
63:aa:3a:9c:c7:fb:55:56:1f:ee:42:bf:6e:25:b4:
3f:5f:3f:c3:90:3c:3e:63:17:5c:4a:79:90:82:e7:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E9:69:01:06:4D:DA:11:79:21:2D:24:4A:C9:D3:E5:4F:EF:AC:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:f4:00:76:f5:26:1c:59:6a:ac:67:a9:7e:72:85:46:44:61:
35:7c:cf:e2:52:d4:ea:6c:94:fb:e5:7f:26:7f:d8:ec:79:ce:
25:82:a1:28:90:31:a4:aa:20:23:54:b9:86:28:20:b2:85:c3:
d0:8e:6a:b7:e9:7f:e5:67:e1:d8:7e:f1:97:f4:47:c8:7e:4d:
d5:95:90:e1:2d:77:62:d7:7c:ae:9c:5e:4e:56:a4:5e:01:f9:
8a:9b:78:b5:97:ca:5c:c9:79:c7:7b:a8:6e:ce:4c:48:c5:78:
b2:f0:7c:02:e6:a8:e3:cd:49:19:f6:e6:f8:22:5c:27:04:cd:
6b:8e:f7:f4:82:3e:2d:e0:cf:16:76:43:20:48:39:61:d4:8a:
67:34:99:39:51:19:39:72:b4:cd:54:0c:50:9b:5f:0a:7d:5f:
83:07:31:bd:36:eb:74:e1:e5:c4:f3:02:5e:67:3e:95:a4:4a:
62:18:01:ad:9b:e9:8b:31:21:ef:b8:f6:39:cd:7a:26:a8:e1:
82:8f:dc:f0:d6:e0:fc:6b:97:6a:bb:82:e1:2d:98:d1:28:bf:
fe:32:11:df:48:85:6b:47:22:a9:66:12:7f:d4:26:43:57:5d:
98:86:3c:9a:47:9e:e1:9b:82:8e:bf:d6:4d:3b:2d:b0:07:68:
bf:65:aa:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeFFDfxSoeML+QYQbo3Pv2/3PsoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwNTVaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyYjUxY2Y5YmUzODQyODVjYzdkOWZiMWQ1Y2NmOTZlNjBmMjUzODU3YTRh
NGQ1N2QzOGQ0NTRmNzE3YTdlZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJqvMgnQIEkzobafq1+I/jHwyWbejuefhdAXGfJO1KQQN50z0Kerz/ISZSI
MMULiBf7ovPMPaS6cNXarSYFzLy9cQtxjwt6RfGgR9ddNlHdUwPwYC4N9dy3oTGN
YBRHHfIhNTK51cK3Capf6kFFrM+x2YkohDP41xssi496wNVSzbmCN+dQS8F3Ya/w
dL1/IEFkmmaJz7gnWXH8GE7pMUr2HFXM8SsbMRkdqJ7JJSjjUYp1phCmZoXE2Cnz
lsy+ClOWO4QDmjjQTUFScUPSmQsXCG7T1k4ep8LW2fUQfWp5Y6o6nMf7VVYf7kK/
biW0P18/w5A8PmMXXEp5kILnXr0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT86WkB
Bk3aEXkhLSRKydPlT++srjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI2ZWEyYzMtYzI1Yi00OTJjLTk1NDctN2M1ZGRiNzVkMTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6J2DAN
BgkqhkiG9w0BAQsFAAOCAQEAnPQAdvUmHFlqrGepfnKFRkRhNXzP4lLU6myU++V/
Jn/Y7HnOJYKhKJAxpKogI1S5higgsoXD0I5qt+l/5Wfh2H7xl/RHyH5N1ZWQ4S13
Ytd8rpxeTlakXgH5ipt4tZfKXMl5x3uobs5MSMV4svB8Auao481JGfbm+CJcJwTN
a4739II+LeDPFnZDIEg5YdSKZzSZOVEZOXK0zVQMUJtfCn1fgwcxvTbrdOHlxPMC
Xmc+laRKYhgBrZvpizEh77j2Oc16Jqjhgo/c8Nbg/GuXaruC4S2Y0Si//jIR30iF
a0ciqWYSf9QmQ1ddmIY8mkee4ZuCjr/WTTstsAdov2Wqag==
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:40 2026 by rpki-client