Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: VFYWOklQ9HWLCpOxWMMs36ZgNSx7cAJxLo8BUndMDjs=
Subject key identifier: BB:3D:45:D1:46:62:7F:59:47:6A:0A:00:43:BB:3F:3E:B9:8D:52:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37EB46746BE3253B59E05DA57AEBC70EF9B987CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Fri 08 May 2026 03:20:38 +0000
ROA not before: Fri 08 May 2026 03:20:38 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:eb:46:74:6b:e3:25:3b:59:e0:5d:a5:7a:eb:c7:0e:f9:b9:87:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:38 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=be6a162a6f119e9ff0e55f558b28ea670f2098790554060b9bc0d51ab59a1b2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1e:4a:3f:9c:51:8e:54:64:10:64:cc:1b:35:
e1:7b:81:ad:cc:65:9e:49:94:88:77:79:92:32:3a:
88:f1:32:bc:0a:e5:92:11:55:86:5c:e1:d9:c9:0d:
a9:7e:c5:87:f3:ae:7d:cc:72:66:ec:ba:4d:3b:e4:
b0:35:d6:a0:60:4b:64:21:a8:7c:07:97:84:c7:a8:
5f:c9:4b:1c:09:d7:c2:2c:69:42:b4:af:24:41:83:
91:b5:d8:c6:09:db:3f:4e:68:17:e9:fc:55:c8:16:
30:9d:71:d1:e7:95:5c:e6:f9:d9:75:94:d6:08:85:
2e:1f:50:d8:41:2a:c4:01:d0:12:e7:c9:6a:c9:f5:
ea:01:dc:8e:90:62:ee:7a:23:30:44:30:ff:21:2c:
04:da:04:dd:7a:b6:71:a9:6e:ab:2e:49:01:64:70:
3a:2a:13:86:83:c1:1d:92:15:c1:d5:cf:51:5d:91:
30:4f:64:36:75:28:b3:de:f1:cf:92:0f:4a:eb:51:
29:24:87:74:fb:bb:c4:c1:0a:a2:e4:b0:2b:2a:dd:
0b:36:71:38:53:1d:ff:10:cc:18:0e:66:e6:d4:06:
48:dc:b7:b4:01:06:54:6e:0d:98:17:18:49:ad:dd:
0e:8a:b9:32:f3:3f:15:52:04:5f:6e:6b:b0:5f:c8:
6d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:3D:45:D1:46:62:7F:59:47:6A:0A:00:43:BB:3F:3E:B9:8D:52:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:d3:6d:b1:25:a9:9a:4b:35:3b:00:24:8b:2e:29:b3:9e:bb:
18:52:8e:ba:e7:30:cb:95:8d:86:96:7c:c3:48:fc:46:c8:0e:
a9:97:3d:af:ca:b0:9c:01:72:b6:35:4e:5e:e4:ae:f3:89:5b:
fc:f2:b9:39:31:e0:f9:df:f5:7b:42:dc:3a:55:1a:e9:2e:65:
ea:02:60:42:89:26:4a:6f:01:ea:8e:80:af:a3:46:3e:1c:dc:
0c:59:a5:de:71:eb:e1:f8:76:76:a1:ed:ae:ca:ec:77:a9:40:
5f:1b:8b:cc:18:82:3b:fb:da:ed:86:79:7b:e9:09:73:3e:7e:
75:3a:15:a0:ea:bf:d1:c6:dc:8c:7e:d6:2e:41:bc:77:44:58:
d1:2f:27:dc:4a:8f:53:f3:45:4f:10:38:6d:14:bd:7e:fd:84:
00:b8:8e:f0:fb:24:0e:d6:18:21:65:49:da:69:30:90:86:75:
e1:c0:c6:76:2e:a4:b9:d7:19:eb:2d:7c:f3:a0:32:2a:a1:45:
cf:91:5d:da:50:a2:ef:30:60:84:19:af:e3:65:ab:71:56:43:
45:7c:0e:90:47:c3:6d:0b:98:ee:c8:8f:85:cc:d9:d6:a5:af:
e2:a2:e1:75:cb:3c:a2:8e:5f:d0:47:68:60:2d:70:78:33:42:
47:a2:97:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN+tGdGvjJTtZ4F2leuvHDvm5h80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzhaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlNmExNjJhNmYxMTllOWZmMGU1NWY1NThiMjhlYTY3MGYyMDk4NzkwNTU0
MDYwYjliYzBkNTFhYjU5YTFiMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4eSj+cUY5UZBBkzBs14XuBrcxlnkmUiHd5kjI6iPEyvArlkhFVhlzh2ckN
qX7Fh/OufcxyZuy6TTvksDXWoGBLZCGofAeXhMeoX8lLHAnXwixpQrSvJEGDkbXY
xgnbP05oF+n8VcgWMJ1x0eeVXOb52XWU1giFLh9Q2EEqxAHQEufJasn16gHcjpBi
7nojMEQw/yEsBNoE3Xq2caluqy5JAWRwOioThoPBHZIVwdXPUV2RME9kNnUos97x
z5IPSutRKSSHdPu7xMEKouSwKyrdCzZxOFMd/xDMGA5m5tQGSNy3tAEGVG4NmBcY
Sa3dDoq5MvM/FVIEX25rsF/Ibd8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS7PUXR
RmJ/WUdqCgBDuz8+uY1SpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEADtNtsSWpmks1OwAkiy4ps567GFKOuucwy5WNhpZ8
w0j8RsgOqZc9r8qwnAFytjVOXuSu84lb/PK5OTHg+d/1e0LcOlUa6S5l6gJgQokm
Sm8B6o6Ar6NGPhzcDFml3nHr4fh2dqHtrsrsd6lAXxuLzBiCO/va7YZ5e+kJcz5+
dToVoOq/0cbcjH7WLkG8d0RY0S8n3EqPU/NFTxA4bRS9fv2EALiO8PskDtYYIWVJ
2mkwkIZ14cDGdi6kudcZ6y1886AyKqFFz5Fd2lCi7zBghBmv42WrcVZDRXwOkEfD
bQuY7siPhczZ1qWv4qLhdcs8oo5f0EdoYC1weDNCR6KXFg==
-----END CERTIFICATE-----
Generated at Wed May 13 00:37:53 2026 by rpki-client