Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
File: 19bd833c-9eac-4b19-b264-a191d9c1b939.roa (raw, json)
Hash identifier: 524YhWz0vQFCxDBeFygFVoSyCVB1qqDJp8IBkRwrYZk=
Subject key identifier: 00:C2:7F:5A:00:E4:37:9F:90:EC:0F:C6:F2:C1:F2:45:B6:31:BC:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B4A11168BED4C716F0C19B0FFBA266DDF43332A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
Signing time: Fri 08 May 2026 03:30:08 +0000
ROA not before: Fri 08 May 2026 03:30:08 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:4a:11:16:8b:ed:4c:71:6f:0c:19:b0:ff:ba:26:6d:df:43:33:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:08 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=99a4ae95d799fc68a43ac41ae35fd1346fc14e27db53a308986600e29cef7800, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:d8:8a:8e:67:75:ee:ad:03:08:bb:a0:83:
14:6d:b0:ee:09:4d:dd:a3:af:6e:d4:86:9f:1e:f0:
e1:50:9c:c3:92:81:a0:a2:a3:8b:f7:92:f6:17:8a:
40:f0:e1:8f:e7:8a:f5:d6:fd:cd:c5:61:84:d1:63:
20:38:fb:9a:2b:d2:1d:47:85:3c:e7:c8:0c:f8:cd:
2c:de:f0:10:dc:84:e0:fc:f1:01:af:03:b7:39:83:
4b:db:e1:a9:bc:e3:58:80:f9:e9:02:4a:f1:85:5b:
07:10:66:7f:82:a2:e3:97:47:b1:49:e9:53:28:6e:
7e:ac:ff:f5:93:da:6c:3a:f2:96:72:34:4e:90:32:
15:45:cc:3a:1d:8a:a7:04:57:c2:2a:30:13:1d:ab:
83:4a:97:8a:88:14:af:fc:b3:1b:e7:16:c4:cc:07:
f4:8b:00:fd:d5:50:8d:da:cd:4b:11:0b:4e:dd:d5:
13:a7:cf:9f:04:dc:b5:0f:62:48:71:ba:50:1f:20:
27:6b:4b:f5:59:23:06:3c:42:06:21:07:aa:b2:bb:
56:ca:97:35:b1:38:18:89:fa:25:4b:24:5e:6f:b2:
44:88:35:9b:d8:e4:d6:3f:77:66:3e:ab:b9:8d:ae:
46:3d:35:1c:6e:f7:19:df:a2:12:d3:f3:03:e0:65:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C2:7F:5A:00:E4:37:9F:90:EC:0F:C6:F2:C1:F2:45:B6:31:BC:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:f5:c0:64:92:31:a5:9b:84:e5:91:b1:99:03:0d:7b:24:9f:
d9:9c:4d:4c:39:a1:17:47:0c:44:27:35:a8:d7:0d:bc:35:11:
39:9b:1e:0e:82:ce:75:44:26:0b:50:44:b4:de:f1:15:fa:27:
95:71:a8:40:31:b5:af:d3:34:74:fd:b5:13:63:ca:45:dc:fa:
bd:2c:e7:f4:37:c6:91:89:37:1d:27:1b:5d:a3:80:73:6b:6a:
c4:61:96:fb:8d:95:f6:32:08:ea:2a:03:21:4c:bd:a5:b5:ea:
36:c6:ed:4e:37:c6:37:f5:81:ab:56:fa:ce:35:92:d2:75:83:
0a:ad:f3:71:b6:77:d7:93:c9:8c:c0:85:c2:d1:8c:ed:2c:6f:
f3:79:59:34:cd:5f:13:d1:06:ab:ba:5f:04:e7:c6:3e:5b:17:
8f:84:6d:60:97:4f:77:6b:b5:e9:ec:bb:82:1f:10:15:39:10:
80:64:7f:ae:c9:2d:e9:32:42:21:3c:cf:7e:5c:af:4d:41:0e:
06:da:dd:df:8d:05:8e:7a:eb:e4:e8:2c:e7:51:1b:27:73:f6:
16:8b:62:0e:1d:ae:ec:97:33:ae:b3:b8:4b:e7:e8:51:08:8e:
5a:2a:bc:63:9c:18:9b:55:92:28:fa:26:c2:ba:ca:65:39:6d:
20:07:ea:5d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe0oRFovtTHFvDBmw/7ombd9DMyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMDhaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5YTRhZTk1ZDc5OWZjNjhhNDNhYzQxYWUzNWZkMTM0NmZjMTRlMjdkYjUz
YTMwODk4NjYwMGUyOWNlZjc4MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdN2IqOZ3XurQMIu6CDFG2w7glN3aOvbtSGnx7w4VCcw5KBoKKji/eS9heK
QPDhj+eK9db9zcVhhNFjIDj7mivSHUeFPOfIDPjNLN7wENyE4PzxAa8DtzmDS9vh
qbzjWID56QJK8YVbBxBmf4Ki45dHsUnpUyhufqz/9ZPabDrylnI0TpAyFUXMOh2K
pwRXwiowEx2rg0qXiogUr/yzG+cWxMwH9IsA/dVQjdrNSxELTt3VE6fPnwTctQ9i
SHG6UB8gJ2tL9VkjBjxCBiEHqrK7VsqXNbE4GIn6JUskXm+yRIg1m9jk1j93Zj6r
uY2uRj01HG73Gd+iEtPzA+Bls0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAwn9a
AOQ3n5DsD8bywfJFtjG86zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTliZDgzM2MtOWVhYy00YjE5LWIyNjQtYTE5MWQ5YzFiOTM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAW/XAZJIxpZuE5ZGxmQMNeySf2ZxNTDmhF0cMRCc1
qNcNvDUROZseDoLOdUQmC1BEtN7xFfonlXGoQDG1r9M0dP21E2PKRdz6vSzn9DfG
kYk3HScbXaOAc2tqxGGW+42V9jII6ioDIUy9pbXqNsbtTjfGN/WBq1b6zjWS0nWD
Cq3zcbZ315PJjMCFwtGM7Sxv83lZNM1fE9EGq7pfBOfGPlsXj4RtYJdPd2u16ey7
gh8QFTkQgGR/rskt6TJCITzPflyvTUEOBtrd340Fjnrr5Ogs51EbJ3P2FotiDh2u
7JczrrO4S+foUQiOWiq8Y5wYm1WSKPomwrrKZTltIAfqXQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:27:11 2026 by rpki-client