Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: nNPPGAb6gEyhtsL+0DScO7Yd7BOESNNSCNdNnWh0Vcc=
Subject key identifier: E2:7C:46:24:A9:59:EF:BD:63:97:8E:AD:18:1E:D6:B1:1F:C7:1C:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38E1D40603271EDABB00F2A993BF13ED4836A5E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Fri 08 May 2026 03:30:15 +0000
ROA not before: Fri 08 May 2026 03:30:15 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e1:d4:06:03:27:1e:da:bb:00:f2:a9:93:bf:13:ed:48:36:a5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:15 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=26bb8233ec7fb20b27b3c521711f8aadfdecdcfa2060a28333889c00fb18ed70, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:2c:c7:19:ab:ec:0d:08:20:15:0e:c7:7d:
72:25:6a:de:be:f8:5e:06:49:41:bc:28:d6:c2:34:
61:92:77:eb:2d:ea:c4:a5:e3:0f:07:31:24:ef:28:
81:7c:19:17:57:20:a3:04:6d:7d:7e:ce:71:34:b3:
56:3d:e6:0a:19:70:ea:6c:a2:fb:78:4f:7e:db:eb:
92:4e:48:3a:af:65:ad:4f:59:10:2a:b1:b2:d3:01:
50:57:69:4d:3f:33:f9:13:5f:11:c5:33:2f:f9:54:
e8:aa:a3:51:ec:c0:c7:41:f8:ef:9d:f0:c4:cc:4b:
b9:9c:1a:3e:ac:22:c8:a5:b7:c9:94:fb:d1:bc:29:
b8:c9:1f:32:c5:cf:85:d1:c4:40:0a:f8:2d:cd:75:
07:f1:14:73:7c:fc:cb:3d:96:36:02:99:af:fa:4f:
a7:6b:96:ad:a0:e5:b4:51:05:4d:4b:fb:03:00:72:
bb:84:3a:6a:f1:5d:b3:d2:e0:9e:27:85:a3:d3:60:
da:be:ad:56:62:13:f8:5b:e0:f6:39:ea:1c:28:cc:
fe:dc:e6:06:c6:5e:99:f6:17:91:2c:5c:13:71:ce:
d2:61:e0:eb:b3:b8:5c:b7:7d:ec:ab:46:55:b0:6c:
bd:9c:5d:ae:25:79:90:42:6f:b9:5e:2a:5d:01:9b:
04:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:7C:46:24:A9:59:EF:BD:63:97:8E:AD:18:1E:D6:B1:1F:C7:1C:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:a8:3f:33:df:ff:5c:15:ec:47:e6:41:cb:21:b6:86:61:ec:
33:83:1c:11:90:40:45:6f:ca:b0:eb:3b:42:02:86:25:b8:8a:
78:9a:d6:9c:b1:eb:b9:d4:92:bd:47:50:12:33:b1:33:ac:52:
f8:5d:06:25:32:0a:7f:6b:c0:78:13:ba:9e:59:2e:d4:67:b5:
07:60:8f:a5:8a:e9:77:75:07:91:36:e7:3e:85:91:1e:1a:34:
2e:c0:f7:a2:e8:58:50:d8:bc:78:a5:af:6f:7c:0f:05:56:2a:
d8:f5:5b:f3:52:df:70:fe:c7:9a:1f:8a:fe:b7:35:51:41:15:
c0:1e:da:96:ac:d9:54:db:a6:46:ef:52:3a:a9:a1:26:eb:d1:
3c:c8:27:23:3f:1b:06:0e:d5:54:11:fb:0e:64:31:be:14:9d:
07:a0:92:30:ca:fd:62:cb:e0:38:00:78:8c:f1:41:a7:09:46:
c3:7a:61:99:e6:34:d2:10:c7:a7:28:59:6f:88:17:5a:e8:d0:
38:0d:00:ae:a9:4c:b6:52:df:3e:cd:f4:fd:41:45:65:26:30:
08:43:bd:9c:6e:0e:72:17:4c:a2:3c:8a:e3:3f:67:74:9a:30:
59:ce:eb:48:bd:49:c4:19:03:25:f0:5a:02:d6:7b:e6:8e:02:
13:01:16:13
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOOHUBgMnHtq7APKpk78T7Ug2pecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMTVaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2YmI4MjMzZWM3ZmIyMGIyN2IzYzUyMTcxMWY4YWFkZmRlY2RjZmEyMDYw
YTI4MzMzODg5YzAwZmIxOGVkNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5TLMcZq+wNCCAVDsd9ciVq3r74XgZJQbwo1sI0YZJ36y3qxKXjDwcxJO8o
gXwZF1cgowRtfX7OcTSzVj3mChlw6myi+3hPftvrkk5IOq9lrU9ZECqxstMBUFdp
TT8z+RNfEcUzL/lU6KqjUezAx0H4753wxMxLuZwaPqwiyKW3yZT70bwpuMkfMsXP
hdHEQAr4Lc11B/EUc3z8yz2WNgKZr/pPp2uWraDltFEFTUv7AwByu4Q6avFds9Lg
nieFo9Ng2r6tVmIT+Fvg9jnqHCjM/tzmBsZemfYXkSxcE3HO0mHg67O4XLd97KtG
VbBsvZxdriV5kEJvuV4qXQGbBD8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTifEYk
qVnvvWOXjq0YHtaxH8ccvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPag/M9//XBXsR+ZByyG2hmHsM4McEZBARW/KsOs7
QgKGJbiKeJrWnLHrudSSvUdQEjOxM6xS+F0GJTIKf2vAeBO6nlku1Ge1B2CPpYrp
d3UHkTbnPoWRHho0LsD3ouhYUNi8eKWvb3wPBVYq2PVb81LfcP7Hmh+K/rc1UUEV
wB7alqzZVNumRu9SOqmhJuvRPMgnIz8bBg7VVBH7DmQxvhSdB6CSMMr9YsvgOAB4
jPFBpwlGw3phmeY00hDHpyhZb4gXWujQOA0ArqlMtlLfPs30/UFFZSYwCEO9nG4O
chdMojyK4z9ndJowWc7rSL1JxBkDJfBaAtZ75o4CEwEWEw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:15 2026 by rpki-client