Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: ciW1vyqsglUPlkmg2IVCutw6SX01z1GwMJxGwCjq2Yk=
Subject key identifier: 20:38:66:47:F3:16:69:2E:8C:EE:89:BF:E2:3F:03:F9:9D:59:FA:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3705298E7833159239FC28A82ADBEAA7A2DC0285
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Fri 08 May 2026 03:20:06 +0000
ROA not before: Fri 08 May 2026 03:20:06 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:05:29:8e:78:33:15:92:39:fc:28:a8:2a:db:ea:a7:a2:dc:02:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:06 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=818bc4986a59a650c8b8545a8b554b8adb68b2a9832f7e2c8e560bea358783b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:25:ff:88:9d:8b:97:d2:cb:bc:37:ce:7f:2c:
53:31:db:b4:92:dc:3a:73:a1:a0:ab:3a:82:5e:52:
d7:95:b0:9a:3b:4d:a5:23:81:b2:5c:02:bb:f9:ac:
35:92:cb:84:6a:98:3e:44:f1:4b:78:42:4d:27:32:
d4:74:d1:10:76:f6:95:b7:4d:71:3c:93:34:32:4e:
ef:e7:bd:1b:e5:6d:92:39:c0:52:77:f5:ec:52:0d:
00:8e:a7:85:50:7a:47:5c:22:32:d6:8a:61:dc:b0:
14:01:3b:0b:61:8a:d9:52:83:3c:7e:4f:02:a2:0b:
86:75:2b:71:86:f7:d8:8b:2c:24:94:c4:eb:3a:39:
7b:89:6a:5d:9c:3a:d9:24:91:50:a5:ed:03:77:6f:
41:fe:9a:fb:f5:d1:13:b1:dc:c5:9b:2c:e4:fa:59:
e4:e2:c8:11:1c:6c:41:b0:dc:dd:90:4e:41:ec:4f:
d6:cc:df:05:97:30:20:26:ed:5a:9e:22:15:8a:7e:
97:6d:c3:9f:52:8a:15:55:1b:7e:4f:d1:14:72:9b:
cc:46:5d:ac:bb:5e:35:07:a8:0a:f1:e4:61:6d:01:
dd:4a:1b:92:6e:76:9c:5c:52:e8:95:09:8e:c8:74:
05:7e:26:b9:76:a5:93:18:76:3d:d7:80:68:62:34:
4f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:38:66:47:F3:16:69:2E:8C:EE:89:BF:E2:3F:03:F9:9D:59:FA:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:3b:81:1d:91:4e:4d:a3:09:3c:55:e3:11:fd:a0:53:8d:7e:
70:d3:89:42:00:95:3d:17:46:0a:f9:ab:b3:30:93:93:09:2f:
1c:f9:92:33:89:ae:69:39:c7:51:8a:b3:b6:e4:08:e2:0a:99:
8b:58:b4:07:0b:1e:73:2e:4e:9c:5d:0f:e0:1f:3d:91:08:32:
4f:3c:2e:9c:a7:62:51:85:c8:e0:d6:c7:a2:e6:79:35:ad:a0:
04:f7:5b:c2:fd:81:21:46:13:ed:fb:6a:11:fa:f0:a3:28:a1:
e0:40:12:09:8b:eb:62:03:96:28:90:b8:1c:94:c4:33:05:8f:
ee:3f:35:0c:21:c6:fe:bc:23:94:73:d0:95:11:3d:6c:e4:c8:
1e:c7:2d:bc:e0:63:9f:f4:4e:dd:34:f9:4e:d9:98:ed:b7:51:
3d:5c:1e:f6:8b:f4:78:4c:86:80:d0:3f:a8:28:2a:ad:36:ac:
8b:5a:79:c1:de:8d:c1:f5:6f:fe:e3:74:34:b8:ba:70:6d:f2:
41:05:d7:d4:d0:8e:e9:1c:10:2e:40:75:c0:1d:39:45:2c:29:
2d:ec:ce:25:8d:fa:58:6b:9a:28:ac:1c:7f:97:8e:dd:ee:9b:
f1:b0:2e:6a:a9:d9:df:1d:f1:69:8b:d9:38:7d:28:fd:2e:c8:
8d:77:78:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNwUpjngzFZI5/CioKtvqp6LcAoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMDZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxOGJjNDk4NmE1OWE2NTBjOGI4NTQ1YThiNTU0YjhhZGI2OGIyYTk4MzJm
N2UyYzhlNTYwYmVhMzU4NzgzYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcl/4idi5fSy7w3zn8sUzHbtJLcOnOhoKs6gl5S15WwmjtNpSOBslwCu/ms
NZLLhGqYPkTxS3hCTScy1HTREHb2lbdNcTyTNDJO7+e9G+VtkjnAUnf17FINAI6n
hVB6R1wiMtaKYdywFAE7C2GK2VKDPH5PAqILhnUrcYb32IssJJTE6zo5e4lqXZw6
2SSRUKXtA3dvQf6a+/XRE7HcxZss5PpZ5OLIERxsQbDc3ZBOQexP1szfBZcwICbt
Wp4iFYp+l23Dn1KKFVUbfk/RFHKbzEZdrLteNQeoCvHkYW0B3Uobkm52nFxS6JUJ
jsh0BX4muXalkxh2PdeAaGI0T/kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgOGZH
8xZpLozuib/iPwP5nVn6IDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQACO4EdkU5Nowk8VeMR/aBTjX5w04lCAJU9F0YK+auz
MJOTCS8c+ZIzia5pOcdRirO25AjiCpmLWLQHCx5zLk6cXQ/gHz2RCDJPPC6cp2JR
hcjg1sei5nk1raAE91vC/YEhRhPt+2oR+vCjKKHgQBIJi+tiA5YokLgclMQzBY/u
PzUMIcb+vCOUc9CVET1s5Mgexy284GOf9E7dNPlO2Zjtt1E9XB72i/R4TIaA0D+o
KCqtNqyLWnnB3o3B9W/+43Q0uLpwbfJBBdfU0I7pHBAuQHXAHTlFLCkt7M4ljfpY
a5oorBx/l47d7pvxsC5qqdnfHfFpi9k4fSj9LsiNd3gJ
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:05 2026 by rpki-client