Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: iH+1m57BWl45isOUhQ76kCA8UjNym82VgqbyUg5OpkQ=
Subject key identifier: B7:FA:B2:2F:D0:0B:34:0A:AF:8C:1A:8F:52:2A:C0:F8:A9:F4:6C:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5542705115A8B0C00DCFEBE009BC0A3646AC5391
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Fri 08 May 2026 03:21:12 +0000
ROA not before: Fri 08 May 2026 03:21:12 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:42:70:51:15:a8:b0:c0:0d:cf:eb:e0:09:bc:0a:36:46:ac:53:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:12 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=81e3536c4b115d40a6db40ace6448cbf36deeae94aa035e0c8d6c5add2bafe26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9c:72:2f:80:87:a6:fb:0c:ce:d2:31:ac:92:
46:8f:b0:80:59:34:b9:b3:ae:da:41:1a:89:0d:2b:
94:60:2e:db:c2:63:c9:1a:17:f8:fa:93:f7:30:72:
d9:07:67:d7:05:4d:25:7f:6e:c5:57:1c:0a:df:ee:
61:0a:eb:72:82:0c:4d:20:e0:3a:0c:22:3e:85:2f:
cd:d1:f4:ac:d3:0f:9b:8f:d9:54:b0:73:e1:45:73:
90:2b:2e:84:f3:c4:dc:a0:48:b8:c8:00:64:21:19:
aa:55:44:71:b2:b5:4c:4e:8f:14:fa:4a:6f:da:c7:
d7:5c:c0:fc:16:3e:58:22:74:95:74:f2:9f:c1:aa:
2a:05:1d:34:b9:0f:d1:d4:c4:87:69:c0:7c:2e:41:
60:5e:80:99:90:57:af:d8:fc:a2:fe:8c:40:8e:ee:
f1:2c:bb:d3:3e:61:95:df:28:7d:9f:c1:9e:1f:7d:
a4:69:21:56:e0:5d:ab:db:69:b0:bc:70:6f:49:17:
6f:8b:8f:22:fb:82:8e:2e:10:b1:73:cf:d0:a8:87:
50:27:fe:41:d5:85:5b:3b:77:c7:96:71:01:29:b8:
b8:75:61:e7:11:10:dc:b7:4c:e7:51:e4:97:34:c3:
88:da:06:05:62:2d:7c:f7:47:4a:cd:57:46:6e:0e:
10:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FA:B2:2F:D0:0B:34:0A:AF:8C:1A:8F:52:2A:C0:F8:A9:F4:6C:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
15:50:f1:56:d0:65:8f:2f:3f:3a:bc:a3:7f:93:4c:57:45:fa:
3a:52:82:91:5e:9e:83:5f:c2:aa:5c:12:d7:ab:97:21:c9:fa:
b2:89:62:18:ce:04:e3:47:60:fe:2e:50:aa:e7:f5:17:ca:f9:
be:73:f7:52:7b:b5:c1:0e:a3:6f:8b:5c:4e:64:56:c8:e8:7e:
a7:7a:55:90:ae:0a:2e:76:26:de:f7:a0:f9:0a:bd:e9:94:20:
82:28:41:6f:05:70:6c:43:bb:d6:e6:72:56:d2:0d:0c:b8:d5:
22:5d:3d:0a:65:de:fd:7a:ad:68:b8:62:0d:30:11:dd:9e:ff:
af:ea:6e:91:77:6e:7f:60:cb:25:a9:eb:1d:1d:44:26:cc:9e:
af:c7:89:31:e7:76:02:c4:0b:b8:f8:a5:b4:e3:14:dd:97:39:
6d:80:c9:c7:1b:d4:14:2d:ba:e8:a3:8d:a9:3d:a1:65:eb:2f:
62:b5:4f:0f:e6:b9:a6:cd:ce:09:7f:c3:6c:aa:fc:b6:6e:5f:
48:72:f7:fa:02:de:8a:bb:c4:ef:db:77:35:6a:1d:99:2e:aa:
98:c9:2f:6a:40:8b:d9:d9:75:45:0d:d2:f1:89:68:91:2c:2b:
6e:37:a2:e2:5e:eb:02:e0:38:df:3f:dd:d6:e7:c9:c0:84:fa:
0a:27:f1:ec
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVUJwURWosMANz+vgCbwKNkasU5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTJaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxZTM1MzZjNGIxMTVkNDBhNmRiNDBhY2U2NDQ4Y2JmMzZkZWVhZTk0YWEw
MzVlMGM4ZDZjNWFkZDJiYWZlMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIKcci+Ah6b7DM7SMaySRo+wgFk0ubOu2kEaiQ0rlGAu28JjyRoX+PqT9zBy
2Qdn1wVNJX9uxVccCt/uYQrrcoIMTSDgOgwiPoUvzdH0rNMPm4/ZVLBz4UVzkCsu
hPPE3KBIuMgAZCEZqlVEcbK1TE6PFPpKb9rH11zA/BY+WCJ0lXTyn8GqKgUdNLkP
0dTEh2nAfC5BYF6AmZBXr9j8ov6MQI7u8Sy70z5hld8ofZ/Bnh99pGkhVuBdq9tp
sLxwb0kXb4uPIvuCji4QsXPP0KiHUCf+QdWFWzt3x5ZxASm4uHVh5xEQ3LdM51Hk
lzTDiNoGBWItfPdHSs1XRm4OED8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3+rIv
0As0Cq+MGo9SKsD4qfRsiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAFVDxVtBljy8/Oryjf5NMV0X6OlKCkV6eg1/CqlwS
16uXIcn6soliGM4E40dg/i5Qquf1F8r5vnP3Unu1wQ6jb4tcTmRWyOh+p3pVkK4K
LnYm3veg+Qq96ZQggihBbwVwbEO71uZyVtINDLjVIl09CmXe/XqtaLhiDTAR3Z7/
r+pukXduf2DLJanrHR1EJsyer8eJMed2AsQLuPiltOMU3Zc5bYDJxxvUFC266KON
qT2hZesvYrVPD+a5ps3OCX/DbKr8tm5fSHL3+gLeirvE79t3NWodmS6qmMkvakCL
2dl1RQ3S8YlokSwrbjei4l7rAuA43z/d1ufJwIT6Cifx7A==
-----END CERTIFICATE-----
Generated at Tue May 12 23:05:46 2026 by rpki-client