Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: j3gcNXXMUmnh2r86Xa2EdbHRA6pQtr9unw9e3pS/PHQ=
Subject key identifier: 7F:6A:6F:54:21:16:29:44:B0:83:59:24:EF:13:46:F9:58:F6:7E:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E1D523994ADDCAB2CA574B6F7160BBAC5BC13A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Fri 08 May 2026 03:20:11 +0000
ROA not before: Fri 08 May 2026 03:20:11 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:1d:52:39:94:ad:dc:ab:2c:a5:74:b6:f7:16:0b:ba:c5:bc:13:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:11 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=407147e0dfa88eca9b978d14f0bdcf0f99eada35d3dba890c604b966e7c7664d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a1:f4:5d:3c:a6:6b:c0:16:b9:5c:f3:7c:50:
76:f8:3b:c6:2a:d1:e8:90:cf:10:22:4e:a6:da:f3:
ae:82:ed:56:18:24:23:55:d4:7a:b7:fc:56:71:70:
fc:af:91:3a:88:95:1e:90:53:97:d5:7b:2f:a8:1f:
aa:92:26:3c:22:fd:1c:eb:bf:34:11:96:80:b6:a0:
da:53:36:b9:cb:8d:bc:76:83:18:db:ac:4d:9f:8b:
cc:1c:0c:41:73:38:fa:6c:a1:7b:4a:df:15:24:31:
e2:cb:b8:ba:19:44:42:a2:1a:6d:40:5d:e8:10:41:
ab:b2:80:08:a7:e2:81:41:05:f3:9f:9c:02:38:63:
a2:c2:87:64:3d:a6:dc:13:58:b2:7c:07:e5:e3:6c:
f5:60:f7:42:8b:5e:ea:f1:f2:c5:f4:24:7c:c2:e0:
7c:43:df:8c:f2:07:da:d3:48:44:02:86:f1:90:12:
39:61:94:49:a9:89:56:81:30:3e:b2:24:90:ce:e3:
84:cc:6f:df:e4:3e:0b:29:95:4c:8c:8e:f0:7d:fb:
51:da:23:be:bc:e2:bc:b3:4c:72:2b:2c:f0:84:d9:
20:76:f2:76:17:c6:65:ab:ba:94:92:5e:ea:2b:e3:
59:7c:ce:d5:23:1c:2a:4f:b0:e6:55:2e:71:d0:c2:
d9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6A:6F:54:21:16:29:44:B0:83:59:24:EF:13:46:F9:58:F6:7E:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:1f:8d:6d:ba:a0:79:3c:5e:dc:01:49:03:ce:dc:28:3e:2f:
a4:19:56:de:24:22:3d:df:2e:e4:35:55:7c:07:d9:ea:88:35:
1d:3c:d9:6a:69:e4:83:ca:7c:84:fe:ce:61:46:b3:20:cc:7b:
c0:64:c0:5e:e1:aa:c0:96:65:ac:c1:8b:73:27:4c:29:8f:f7:
a7:25:36:10:62:84:32:aa:dd:70:16:68:c6:e6:1c:10:6a:43:
1f:ea:ff:d9:cf:69:fc:80:23:75:6e:8a:e6:22:11:56:cb:ab:
f4:00:56:3d:a6:19:09:a4:e8:d1:4d:06:99:b7:35:5c:7c:a9:
7c:d5:37:08:6a:7e:61:1e:60:1d:e9:98:13:29:c9:9b:80:19:
92:1c:b2:ea:c8:d3:de:44:b0:89:9b:d1:76:ea:c4:cb:37:91:
01:79:af:0c:d6:ca:f2:e6:4e:1f:e3:41:45:82:c3:4b:04:3d:
77:3e:3b:8a:2c:f1:62:18:34:7f:e0:db:c1:7c:dd:de:e5:3a:
99:e0:06:28:25:fe:ca:4f:16:e5:37:29:09:a5:5a:5d:bc:75:
68:59:33:98:99:1e:7a:a9:ab:0f:e9:cc:11:ba:ea:4b:7c:aa:
74:48:5c:2d:53:57:9c:7c:b8:dc:23:3e:65:dd:52:d4:48:8e:
4d:61:00:f3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDh1SOZSt3KsspXS29xYLusW8E6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMTFaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNzE0N2UwZGZhODhlY2E5Yjk3OGQxNGYwYmRjZjBmOTllYWRhMzVkM2Ri
YTg5MGM2MDRiOTY2ZTdjNzY2NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCh9F08pmvAFrlc83xQdvg7xirR6JDPECJOptrzroLtVhgkI1XUerf8VnFw
/K+ROoiVHpBTl9V7L6gfqpImPCL9HOu/NBGWgLag2lM2ucuNvHaDGNusTZ+LzBwM
QXM4+myhe0rfFSQx4su4uhlEQqIabUBd6BBBq7KACKfigUEF85+cAjhjosKHZD2m
3BNYsnwH5eNs9WD3Qote6vHyxfQkfMLgfEPfjPIH2tNIRAKG8ZASOWGUSamJVoEw
PrIkkM7jhMxv3+Q+CymVTIyO8H37UdojvrzivLNMciss8ITZIHbydhfGZau6lJJe
6ivjWXzO1SMcKk+w5lUucdDC2ckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR/am9U
IRYpRLCDWSTvE0b5WPZ+VjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEApB+NbbqgeTxe3AFJA87cKD4vpBlW3iQiPd8u5DVV
fAfZ6og1HTzZamnkg8p8hP7OYUazIMx7wGTAXuGqwJZlrMGLcydMKY/3pyU2EGKE
MqrdcBZoxuYcEGpDH+r/2c9p/IAjdW6K5iIRVsur9ABWPaYZCaTo0U0Gmbc1XHyp
fNU3CGp+YR5gHemYEynJm4AZkhyy6sjT3kSwiZvRdurEyzeRAXmvDNbK8uZOH+NB
RYLDSwQ9dz47iizxYhg0f+DbwXzd3uU6meAGKCX+yk8W5TcpCaVaXbx1aFkzmJke
eqmrD+nMEbrqS3yqdEhcLVNXnHy43CM+Zd1S1EiOTWEA8w==
-----END CERTIFICATE-----
Generated at Tue May 12 23:35:54 2026 by rpki-client