Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: /V8mJtljIY6RUC3N7FQNxK8jyE73GhHMA6rG4yYFXzU=
Subject key identifier: B1:18:36:FE:85:FA:5B:5A:D0:D3:33:CA:F8:08:B7:11:1E:E9:65:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37E88F45EA0A65CB779A7F58503710902D8C07D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Tue 19 Aug 2025 17:00:16 +0000
ROA not before: Tue 19 Aug 2025 17:00:16 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:e8:8f:45:ea:0a:65:cb:77:9a:7f:58:50:37:10:90:2d:8c:07:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:00:16 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=5ccb4dbae5580e2c237fbccc16838c1aa8fc0a6d0ec5d4876e6bcd582b90192e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:46:60:35:c9:31:67:b6:74:67:bf:c3:4d:d0:
1e:43:a8:e2:a4:e6:7d:d2:2f:87:a1:f8:76:4d:cb:
5b:8c:08:21:4f:16:da:ce:81:6b:ef:99:ec:1d:8c:
f6:c0:1a:1a:d4:71:b8:92:bb:92:49:62:fc:9e:bc:
df:55:ac:a6:0e:23:41:b4:da:6e:69:1c:e7:1a:bd:
51:0d:24:bd:1c:26:13:47:d7:2c:4b:22:33:a7:f4:
36:77:83:f8:78:23:fa:89:d4:a8:fe:93:42:28:9e:
9e:c8:fb:0d:9d:b7:6d:a5:6b:cf:ff:0c:6b:8c:d7:
26:5b:c4:64:ff:00:8c:af:15:23:6d:e1:e1:96:29:
a4:29:26:5d:8f:08:ef:5c:4b:3e:0a:50:1d:0e:4c:
61:c9:2e:ff:39:b9:44:47:af:dd:f0:20:51:c1:04:
26:95:0a:13:e8:1c:cc:2a:ac:8f:27:7b:ac:df:dd:
22:cf:7e:ce:d0:2b:b9:78:5d:ff:31:b6:9e:7b:3e:
8c:fe:3a:fa:e6:6e:5b:87:d4:86:63:11:37:26:c2:
23:9f:86:c1:9a:81:cb:d9:44:16:48:90:ca:c6:be:
cd:69:20:fc:0f:7c:9a:b2:f8:ca:db:e0:b4:b5:b8:
c0:af:b3:dd:cb:82:54:8a:dd:b2:61:c7:13:bb:81:
ed:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:18:36:FE:85:FA:5B:5A:D0:D3:33:CA:F8:08:B7:11:1E:E9:65:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:76:3b:76:27:69:b0:ad:6b:6d:5a:2a:7d:bb:d7:fc:30:79:
ac:a6:97:6d:0d:b4:b9:39:67:ac:8f:96:aa:96:ba:cd:9d:3a:
5f:a8:bf:ba:87:e6:6b:62:0b:29:0b:73:2a:00:b7:e0:b2:f9:
2c:d9:e1:ba:b9:16:97:50:92:ba:61:a2:2c:56:2a:f6:81:a7:
ff:15:7d:70:7a:11:24:c7:8b:d9:c3:cb:22:c7:96:7a:0d:a0:
3b:b8:cc:93:4b:77:4e:0c:31:30:13:79:83:45:be:88:79:0c:
d3:dd:cf:0a:d5:31:3f:ba:e9:db:2b:50:f7:3e:ea:db:98:24:
d8:ab:03:cc:8f:25:a8:28:73:a7:87:4e:ba:b8:5e:28:99:08:
95:67:1a:82:ea:76:eb:83:f9:0a:b1:b4:d9:a3:b1:40:56:2b:
da:bd:70:bb:7d:8e:f4:6e:08:03:de:b2:b9:e5:70:40:7a:e9:
4a:be:14:4b:f7:e0:44:bf:20:60:eb:02:2f:06:7a:77:a7:ba:
c3:17:3a:12:ae:26:24:5b:73:73:e1:3c:43:b6:c3:c1:76:f8:
f1:b6:b3:a3:e5:00:5c:44:cf:30:49:d3:fc:8d:e1:4c:7f:15:
b1:07:6f:89:ce:2b:23:21:7f:bd:02:d8:68:57:66:65:9e:b8:
33:a3:05:e6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN+iPReoKZct3mn9YUDcQkC2MB9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAwMTZaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjY2I0ZGJhZTU1ODBlMmMyMzdmYmNjYzE2ODM4YzFhYThmYzBhNmQwZWM1
ZDQ4NzZlNmJjZDU4MmI5MDE5MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZGYDXJMWe2dGe/w03QHkOo4qTmfdIvh6H4dk3LW4wIIU8W2s6Ba++Z7B2M
9sAaGtRxuJK7kkli/J6831Wspg4jQbTabmkc5xq9UQ0kvRwmE0fXLEsiM6f0NneD
+Hgj+onUqP6TQiiensj7DZ23baVrz/8Ma4zXJlvEZP8AjK8VI23h4ZYppCkmXY8I
71xLPgpQHQ5MYcku/zm5REev3fAgUcEEJpUKE+gczCqsjyd7rN/dIs9+ztAruXhd
/zG2nns+jP46+uZuW4fUhmMRNybCI5+GwZqBy9lEFkiQysa+zWkg/A98mrL4ytvg
tLW4wK+z3cuCVIrdsmHHE7uB7fMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSxGDb+
hfpbWtDTM8r4CLcRHullyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAjXY7didpsK1rbVoqfbvX/DB5rKaXbQ20uTlnrI+W
qpa6zZ06X6i/uofma2ILKQtzKgC34LL5LNnhurkWl1CSumGiLFYq9oGn/xV9cHoR
JMeL2cPLIseWeg2gO7jMk0t3TgwxMBN5g0W+iHkM093PCtUxP7rp2ytQ9z7q25gk
2KsDzI8lqChzp4dOurheKJkIlWcagup264P5CrG02aOxQFYr2r1wu32O9G4IA96y
ueVwQHrpSr4US/fgRL8gYOsCLwZ6d6e6wxc6Eq4mJFtzc+E8Q7bDwXb48bazo+UA
XETPMEnT/I3hTH8VsQdvic4rIyF/vQLYaFdmZZ64M6MF5g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:17 2025 by rpki-client