Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa
File: 2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa (raw, json)
Hash identifier: 9EA+7KGf7EErNNGuBi1RTfgVVfZFm3yFiCZ22EifLP8=
Subject key identifier: 46:FB:30:31:69:DA:46:C6:59:39:5A:C6:5A:C1:5F:88:4E:09:1D:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EE7DC1D7C4AF247F1101BE23D9EDA93D23E6667
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa
Signing time: Fri 08 May 2026 03:21:16 +0000
ROA not before: Fri 08 May 2026 03:21:16 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:e7:dc:1d:7c:4a:f2:47:f1:10:1b:e2:3d:9e:da:93:d2:3e:66:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:16 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=569a7d6f20c7c2b85132424643646151becde18ca2aa9679df1ab04d71d6587c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c5:dd:a3:1c:58:7a:c5:9c:6f:9f:21:23:57:
88:45:c9:c2:d7:9f:ee:33:d2:20:a5:8a:41:33:2d:
5c:82:91:24:1a:b2:2a:dc:ca:6e:bb:d8:9f:47:a9:
83:4b:be:0b:5b:30:30:3d:2a:7a:c7:f6:9f:c4:c9:
ec:33:5a:e9:2d:c5:bc:e7:e8:2a:bd:97:f7:31:9a:
8f:94:5a:9e:d6:30:fa:89:35:55:55:bf:ef:ef:3e:
2e:10:b2:19:69:24:92:c6:2b:5a:21:89:f0:81:e9:
47:cf:d1:45:67:d4:13:5c:cf:15:59:b4:3d:fe:c5:
21:e8:ad:fe:e4:af:4d:e7:aa:2d:3b:33:e1:7d:f5:
8c:c0:a0:ce:ce:63:17:eb:db:d3:fa:08:9e:92:62:
d3:f6:a9:cb:d8:b6:33:cd:68:08:ab:57:8e:0c:1f:
a2:20:00:77:ec:10:98:a8:24:67:a3:8b:49:ef:b5:
e9:66:68:22:fa:e4:b9:88:b8:7d:51:58:76:08:93:
aa:79:bd:64:11:5f:6b:ad:72:79:0e:e1:af:2f:77:
3a:09:01:4c:66:47:5d:0e:15:41:cf:b2:f7:99:b9:
21:b3:c3:0a:35:a2:db:af:77:37:57:61:98:c5:d7:
c9:b6:db:12:59:ae:df:b3:a9:e9:74:9d:9e:a2:95:
ce:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FB:30:31:69:DA:46:C6:59:39:5A:C6:5A:C1:5F:88:4E:09:1D:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/20
Signature Algorithm: sha256WithRSAEncryption
16:4d:af:3b:65:b2:f8:35:6c:bd:5b:08:e2:db:79:b3:3a:e3:
f4:06:3d:72:bc:39:8d:48:ec:44:d3:5c:5e:93:fe:ad:5f:39:
c8:af:5d:c0:9a:60:a8:b5:40:0c:28:d6:75:a3:ca:f4:b6:b5:
8b:ab:5a:26:96:20:29:23:ea:be:56:7b:61:42:64:d7:a8:67:
bb:cd:a9:72:da:33:51:ce:31:32:ba:c2:f7:22:96:c5:9f:03:
2e:2e:a9:b5:a5:26:86:37:d6:96:08:9d:16:84:43:a9:1b:80:
ce:f4:f9:df:d1:dd:9c:70:52:28:f2:e8:db:59:ec:01:b5:00:
72:e5:d5:06:6f:3b:c2:ba:33:37:73:f7:91:ff:09:46:cf:b6:
53:e9:2a:34:19:3e:32:a6:37:f1:e0:11:f5:ef:4b:16:86:b4:
e2:8f:80:11:bf:3b:78:d7:e9:cf:c6:f8:56:dc:75:26:a6:74:
1e:4a:e4:e2:e6:18:0a:5f:a8:0f:1c:15:e7:fd:5b:7a:ed:e3:
8d:5f:62:16:27:a1:95:4b:e2:f6:40:2b:64:1b:77:34:64:06:
ff:2c:90:03:8b:07:d2:dd:a8:0b:45:63:08:74:a4:b5:e8:c9:
ad:3a:35:d4:74:be:3e:77:c8:9c:42:7a:01:c7:1a:d0:8c:f1:
2e:26:f9:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTufcHXxK8kfxEBviPZ7ak9I+ZmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTZaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2OWE3ZDZmMjBjN2MyYjg1MTMyNDI0NjQzNjQ2MTUxYmVjZGUxOGNhMmFh
OTY3OWRmMWFiMDRkNzFkNjU4N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjF3aMcWHrFnG+fISNXiEXJwtef7jPSIKWKQTMtXIKRJBqyKtzKbrvYn0ep
g0u+C1swMD0qesf2n8TJ7DNa6S3FvOfoKr2X9zGaj5RantYw+ok1VVW/7+8+LhCy
GWkkksYrWiGJ8IHpR8/RRWfUE1zPFVm0Pf7FIeit/uSvTeeqLTsz4X31jMCgzs5j
F+vb0/oInpJi0/apy9i2M81oCKtXjgwfoiAAd+wQmKgkZ6OLSe+16WZoIvrkuYi4
fVFYdgiTqnm9ZBFfa61yeQ7hry93OgkBTGZHXQ4VQc+y95m5IbPDCjWi2693N1dh
mMXXybbbElmu37Op6XSdnqKVzvkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRG+zAx
adpGxlk5WsZawV+ITgkdEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmVhYjRjNDItNWEwNi00YjQ1LWIwY2YtOTJmMjNiYTI3OGY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEAFk2vO2Wy+DVsvVsI4tt5szrj9AY9crw5jUjsRNNc
XpP+rV85yK9dwJpgqLVADCjWdaPK9La1i6taJpYgKSPqvlZ7YUJk16hnu82pctoz
Uc4xMrrC9yKWxZ8DLi6ptaUmhjfWlgidFoRDqRuAzvT539HdnHBSKPLo21nsAbUA
cuXVBm87wrozN3P3kf8JRs+2U+kqNBk+MqY38eAR9e9LFoa04o+AEb87eNfpz8b4
Vtx1JqZ0Hkrk4uYYCl+oDxwV5/1beu3jjV9iFiehlUvi9kArZBt3NGQG/yyQA4sH
0t2oC0VjCHSktejJrTo11HS+PnfInEJ6Acca0IzxLib5VA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:38:52 2026 by rpki-client