Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
File: e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa (raw, json)
Hash identifier: LnVLKrnwEKl0ezxrkMsM5PAuUo3z2ZAbD04A7XstJ8s=
Subject key identifier: 8B:E2:D2:82:92:30:B9:9E:DB:87:6C:EB:F2:A1:D0:8A:EB:7A:DE:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51BBD273CE4115CD5B2CEED890FA6F5E80CF4D3A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
Signing time: Fri 08 May 2026 03:21:13 +0000
ROA not before: Fri 08 May 2026 03:21:13 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:bb:d2:73:ce:41:15:cd:5b:2c:ee:d8:90:fa:6f:5e:80:cf:4d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:13 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=0edba174cb8869f84c2f95d94402afbd42b80c64c100788381186d50369a9515, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:be:d8:a1:39:68:27:bb:68:5b:dd:93:ff:d9:
98:07:6a:4b:58:76:43:06:a0:2e:fb:f8:e2:af:08:
ca:f7:79:cc:da:4e:92:99:b0:72:98:ef:2f:a8:e4:
75:03:03:01:15:3e:f9:bf:5b:0d:af:66:c0:fb:1d:
3c:b2:93:53:74:bd:30:05:f6:15:ce:82:97:45:70:
72:92:06:f2:44:37:2f:0d:97:1e:13:19:81:39:91:
10:1c:55:1d:04:8e:1b:de:f3:00:c7:6f:1a:4c:ea:
26:9c:5f:45:a8:e0:a1:af:dd:4a:8b:f2:04:2a:cb:
88:cc:f9:f4:e8:bc:31:41:28:82:d3:9b:57:e0:40:
26:fc:ae:e8:88:89:9b:ce:cc:e0:b1:32:1a:7c:e8:
92:35:73:f5:d6:c7:84:de:f6:e9:51:35:fd:86:ee:
40:e4:b6:7c:12:0d:2e:b7:5a:0f:19:e2:cb:09:a2:
fa:03:51:8c:ff:45:a5:ad:71:2e:b9:de:8a:bc:c8:
af:99:17:0c:bd:ce:77:cc:47:89:07:6f:a0:1a:83:
73:a3:da:1a:96:f0:38:a8:3b:a8:86:5a:eb:6e:56:
da:ee:80:17:5c:d1:64:dd:f6:66:40:a0:91:80:aa:
7e:79:f1:d7:25:db:cd:a7:22:ec:6d:87:53:6b:09:
ed:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E2:D2:82:92:30:B9:9E:DB:87:6C:EB:F2:A1:D0:8A:EB:7A:DE:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.160.0/21
Signature Algorithm: sha256WithRSAEncryption
72:48:bd:ac:bb:23:c0:cd:a7:67:6b:0e:fe:a6:42:1a:82:cc:
f1:0f:92:58:b2:46:95:5e:39:f6:84:94:a3:71:b0:f2:71:c1:
28:75:80:ea:f8:36:6a:75:73:8b:45:0b:e7:95:f5:62:28:9e:
ad:be:fe:e8:93:5f:db:1a:6f:95:8c:f3:8f:01:14:91:2e:3d:
d1:df:34:c3:4d:25:2c:ed:33:d7:45:5c:28:2a:bc:02:51:9f:
98:d8:63:93:29:f3:4d:07:af:ad:fc:30:dd:67:d0:af:97:f0:
db:05:2b:a6:07:d3:14:7a:41:6c:b1:a4:e6:ac:6c:8d:0d:7d:
53:4c:ec:af:99:1b:ff:f9:0d:d8:a3:d1:5c:6e:eb:8d:0a:d4:
53:a0:8a:80:99:6b:be:95:73:4b:d7:f4:2d:7b:18:68:f6:dc:
23:91:73:ee:e1:a1:20:24:64:ab:2f:24:7f:0e:c2:ef:36:7d:
a7:04:74:79:df:c6:9c:20:fc:28:20:fd:df:da:06:9f:92:56:
92:ef:50:67:9e:1b:9c:02:f9:97:64:48:57:19:93:78:07:ee:
34:e4:05:55:11:95:6a:ab:61:14:86:a2:a1:93:b7:91:55:3e:
e4:18:bd:fa:53:02:db:b1:d8:c3:e7:88:03:7d:5c:c8:80:ba:
f4:26:fa:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUbvSc85BFc1bLO7YkPpvXoDPTTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTNaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlZGJhMTc0Y2I4ODY5Zjg0YzJmOTVkOTQ0MDJhZmJkNDJiODBjNjRjMTAw
Nzg4MzgxMTg2ZDUwMzY5YTk1MTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS+2KE5aCe7aFvdk//ZmAdqS1h2QwagLvv44q8Iyvd5zNpOkpmwcpjvL6jk
dQMDARU++b9bDa9mwPsdPLKTU3S9MAX2Fc6Cl0VwcpIG8kQ3Lw2XHhMZgTmREBxV
HQSOG97zAMdvGkzqJpxfRajgoa/dSovyBCrLiMz59Oi8MUEogtObV+BAJvyu6IiJ
m87M4LEyGnzokjVz9dbHhN726VE1/YbuQOS2fBINLrdaDxniywmi+gNRjP9Fpa1x
LrneirzIr5kXDL3Od8xHiQdvoBqDc6PaGpbwOKg7qIZa625W2u6AF1zRZN32ZkCg
kYCqfnnx1yXbzaci7G2HU2sJ7VkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSL4tKC
kjC5ntuHbOvyodCK63reWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkxYjYyYTktMjg4NS00NTA0LTg0YTQtYmEyY2MyZjJhYzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JoDAN
BgkqhkiG9w0BAQsFAAOCAQEAcki9rLsjwM2nZ2sO/qZCGoLM8Q+SWLJGlV459oSU
o3Gw8nHBKHWA6vg2anVzi0UL55X1Yiierb7+6JNf2xpvlYzzjwEUkS490d80w00l
LO0z10VcKCq8AlGfmNhjkynzTQevrfww3WfQr5fw2wUrpgfTFHpBbLGk5qxsjQ19
U0zsr5kb//kN2KPRXG7rjQrUU6CKgJlrvpVzS9f0LXsYaPbcI5Fz7uGhICRkqy8k
fw7C7zZ9pwR0ed/GnCD8KCD939oGn5JWku9QZ54bnAL5l2RIVxmTeAfuNOQFVRGV
aqthFIaioZO3kVU+5Bi9+lMC27HYw+eIA31cyIC69Cb6cg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:44 2026 by rpki-client