Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: gHkNetMJlNH+0bW2CaEMBRzscEl+X3nC07h2iLXwh84=
Subject key identifier: 95:21:7F:E9:24:31:DA:88:5B:DC:78:70:62:74:6F:31:34:B5:B7:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15AA0C116EF7EC3A33E021F5C5FCF01DD300C121
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Fri 08 May 2026 03:20:36 +0000
ROA not before: Fri 08 May 2026 03:20:36 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:aa:0c:11:6e:f7:ec:3a:33:e0:21:f5:c5:fc:f0:1d:d3:00:c1:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:36 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=890987e3bb964e497967b929ffdb18ee291a340a64b47acaef0e377bba65b803, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:53:e5:23:89:f1:76:e3:c6:96:09:80:cf:1c:
30:8c:61:7b:7f:94:9c:e5:e1:f2:07:33:bd:02:18:
75:05:52:2c:65:cc:b5:6e:a3:81:76:cc:6f:58:97:
5d:ef:f2:ef:44:21:0f:32:cd:b3:cd:a3:0f:b8:49:
00:66:57:d3:23:7f:e1:e8:82:ae:e3:85:77:d0:3b:
a0:88:dc:22:68:5a:80:74:22:d0:de:30:62:68:41:
bf:f5:af:50:f5:2b:c1:92:9a:fb:55:48:4b:76:37:
d2:58:cb:30:64:dc:4e:28:69:5a:28:a8:01:9a:1c:
24:07:1e:20:7d:e0:f2:cb:9c:c3:bb:e7:d8:bc:10:
26:dd:69:1f:ca:5a:ca:1d:5c:a9:6e:0f:25:bf:2f:
ac:ff:63:46:4c:25:be:a5:f6:72:41:59:bf:2c:d3:
95:a7:ab:35:03:fa:9f:a2:92:f4:b2:ac:5b:12:3d:
85:51:c5:a9:fa:b2:04:97:8a:87:59:1b:77:cf:0c:
72:e1:fe:45:d0:09:c1:79:70:b3:26:14:96:04:00:
26:0c:7e:64:ff:1b:64:b5:48:98:26:93:f6:60:30:
1c:2e:34:3f:e0:f6:09:c1:0c:fb:87:70:92:9d:f4:
14:92:3b:0c:36:c9:c7:a0:93:ed:30:78:42:e9:e3:
d9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:21:7F:E9:24:31:DA:88:5B:DC:78:70:62:74:6F:31:34:B5:B7:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
77:72:da:fd:2c:8e:65:c8:18:cd:11:9f:c4:59:f8:56:25:81:
2f:8a:88:54:61:ba:bc:fb:9c:e1:4a:99:35:72:48:7a:55:f4:
ea:72:34:0e:1c:8f:4d:07:34:c6:e1:2c:4c:4b:8f:2e:1c:6e:
d7:8a:1b:c1:13:0a:5b:14:3d:4c:1d:1f:b4:9c:bf:dd:43:2a:
ed:71:41:04:a1:92:17:05:ee:08:11:8a:6e:60:ca:ac:5f:63:
0a:ac:0c:f3:15:73:b0:6b:22:35:1a:75:e0:8c:88:18:f0:8c:
6b:a0:39:47:1e:47:7e:a7:c7:d0:9c:f7:9d:d8:40:5a:19:b0:
9d:eb:00:0d:cc:ae:27:57:2f:5c:03:8b:1c:1c:88:8d:16:8e:
33:ea:0e:55:d7:eb:37:2c:52:9a:b6:0b:df:f2:f4:2f:16:9d:
be:e4:68:13:74:26:14:55:e4:49:b7:f0:16:22:67:12:a7:34:
b5:53:e5:f3:ed:dc:d1:9c:3f:c7:3d:0b:5c:e9:52:d7:f7:c1:
ec:d8:48:18:a7:31:c5:57:19:a6:22:1e:03:3b:a1:cb:f8:f2:
f7:fb:2e:2d:b5:ed:c5:33:ac:72:52:b1:f8:3d:68:bf:80:2b:
de:b2:1b:ca:c5:47:a7:26:9b:3b:06:ec:b3:f7:62:ad:a4:d2:
cb:9d:59:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFaoMEW737Doz4CH1xfzwHdMAwSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MDk4N2UzYmI5NjRlNDk3OTY3YjkyOWZmZGIxOGVlMjkxYTM0MGE2NGI0
N2FjYWVmMGUzNzdiYmE2NWI4MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZT5SOJ8XbjxpYJgM8cMIxhe3+UnOXh8gczvQIYdQVSLGXMtW6jgXbMb1iX
Xe/y70QhDzLNs82jD7hJAGZX0yN/4eiCruOFd9A7oIjcImhagHQi0N4wYmhBv/Wv
UPUrwZKa+1VIS3Y30ljLMGTcTihpWiioAZocJAceIH3g8sucw7vn2LwQJt1pH8pa
yh1cqW4PJb8vrP9jRkwlvqX2ckFZvyzTlaerNQP6n6KS9LKsWxI9hVHFqfqyBJeK
h1kbd88McuH+RdAJwXlwsyYUlgQAJgx+ZP8bZLVImCaT9mAwHC40P+D2CcEM+4dw
kp30FJI7DDbJx6CT7TB4Qunj2acCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSVIX/p
JDHaiFvceHBidG8xNLW3ijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEAd3La/SyOZcgYzRGfxFn4ViWBL4qIVGG6vPuc4UqZ
NXJIelX06nI0DhyPTQc0xuEsTEuPLhxu14obwRMKWxQ9TB0ftJy/3UMq7XFBBKGS
FwXuCBGKbmDKrF9jCqwM8xVzsGsiNRp14IyIGPCMa6A5Rx5HfqfH0Jz3ndhAWhmw
nesADcyuJ1cvXAOLHByIjRaOM+oOVdfrNyxSmrYL3/L0LxadvuRoE3QmFFXkSbfw
FiJnEqc0tVPl8+3c0Zw/xz0LXOlS1/fB7NhIGKcxxVcZpiIeAzuhy/jy9/suLbXt
xTOsclKx+D1ov4Ar3rIbysVHpyabOwbss/diraTSy51Zhw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:12 2026 by rpki-client