Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: jPkiBa/M6/9S8UkK+hraRh0QKniAqtZuG5KuHhB0LlI=
Subject key identifier: 6C:12:37:81:39:24:77:CF:22:33:41:8E:16:CA:A7:75:0F:6F:BC:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D782D69EF2521063EC6ACF61D9B3B821A4166B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Fri 10 Oct 2025 17:10:43 +0000
ROA not before: Fri 10 Oct 2025 17:10:43 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:78:2d:69:ef:25:21:06:3e:c6:ac:f6:1d:9b:3b:82:1a:41:66:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:43 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=5e9919982c7642182127943ca58ec2967580b7bf72dd9327bf54f007fb582ca8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:00:ee:25:79:3a:ca:b6:76:f3:e7:9b:74:
23:17:31:78:50:75:2e:f5:95:9c:fa:11:a8:0f:ed:
85:6b:80:ef:cc:b3:fd:16:7e:9d:1c:5c:59:87:78:
53:c9:ea:f2:55:56:a1:96:0a:ba:a1:20:2f:81:af:
a5:cb:6f:4d:29:a0:d5:db:89:37:49:b0:08:97:0f:
0e:1f:74:2e:24:66:f9:c0:62:66:c0:e6:a5:94:19:
8d:0d:c0:cb:32:c5:d8:aa:d6:df:ec:1f:1b:8b:2a:
fa:71:b0:99:f7:1c:f6:b9:b8:95:2b:d4:eb:40:c1:
48:6b:0d:b9:3b:c9:e6:43:ec:b5:be:e4:ab:51:87:
01:60:ca:84:0f:d3:e7:cc:56:b5:d3:53:92:2d:2c:
4f:74:46:10:25:e6:35:5f:e7:e1:4d:46:f9:3b:c7:
22:d5:0b:9a:7b:a8:cc:39:df:73:ed:31:f9:b1:14:
10:97:21:14:2d:95:6a:47:62:b8:4f:44:84:cd:a1:
97:25:c3:e3:23:1d:fb:46:9a:8f:c9:b4:23:4a:d8:
d3:f7:0d:81:c3:c3:82:a5:86:fa:30:54:fd:5a:de:
11:b9:08:07:a3:ba:4f:f8:6f:db:9e:5c:3c:d3:1a:
51:8a:87:33:f4:88:88:8f:5e:0f:01:75:62:ff:42:
5f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:12:37:81:39:24:77:CF:22:33:41:8E:16:CA:A7:75:0F:6F:BC:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:a6:36:7b:88:5f:c8:c3:b5:c7:a3:d9:2b:fc:b4:d5:ff:8d:
be:7e:30:e1:06:b9:4c:52:90:74:7e:f1:41:6c:60:ea:23:29:
07:58:2c:c4:45:d0:af:4b:e6:c8:1f:c1:27:b8:be:c5:44:30:
e8:1d:c8:03:25:2c:4a:db:90:87:e8:46:6e:3a:9a:02:06:91:
e2:ff:ac:3f:b8:fe:03:ad:f0:a9:81:12:c5:7c:64:2e:24:80:
ae:98:6d:e8:86:ad:44:1e:6d:fa:d8:1c:83:e7:fa:19:23:62:
a4:14:ae:9a:82:4c:ac:e6:98:6e:d5:bb:62:f3:ca:55:68:54:
b8:63:6b:b2:c9:22:3b:68:bb:6a:53:b4:c8:af:fa:ec:40:18:
6b:76:3b:1a:5e:b5:e9:b8:1c:b0:5c:ba:4d:21:f7:b3:5e:82:
29:73:37:00:c9:84:e2:96:0f:cc:2e:72:4b:14:8b:6e:aa:c3:
ed:da:5e:96:0f:11:2a:09:1e:89:0d:a4:e1:60:a7:c6:a0:dc:
ad:81:2d:d4:22:2c:a2:b2:58:25:54:66:b8:f6:f9:80:14:4b:
69:9e:7b:f5:61:7d:0b:1e:0a:9c:3c:a0:53:52:05:16:30:d5:
64:e3:b8:1a:cd:c1:ea:f6:83:d7:c0:d3:8e:aa:e6:3e:78:b2:
b3:62:2d:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTXgtae8lIQY+xqz2HZs7ghpBZrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwNDNaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlOTkxOTk4MmM3NjQyMTgyMTI3OTQzY2E1OGVjMjk2NzU4MGI3YmY3MmRk
OTMyN2JmNTRmMDA3ZmI1ODJjYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLhAO4leTrKtnbz55t0IxcxeFB1LvWVnPoRqA/thWuA78yz/RZ+nRxcWYd4
U8nq8lVWoZYKuqEgL4GvpctvTSmg1duJN0mwCJcPDh90LiRm+cBiZsDmpZQZjQ3A
yzLF2KrW3+wfG4sq+nGwmfcc9rm4lSvU60DBSGsNuTvJ5kPstb7kq1GHAWDKhA/T
58xWtdNTki0sT3RGECXmNV/n4U1G+TvHItULmnuozDnfc+0x+bEUEJchFC2Vakdi
uE9EhM2hlyXD4yMd+0aaj8m0I0rY0/cNgcPDgqWG+jBU/VreEbkIB6O6T/hv255c
PNMaUYqHM/SIiI9eDwF1Yv9CX8cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRsEjeB
OSR3zyIzQY4Wyqd1D2+88DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEATaY2e4hfyMO1x6PZK/y01f+Nvn4w4Qa5TFKQdH7x
QWxg6iMpB1gsxEXQr0vmyB/BJ7i+xUQw6B3IAyUsStuQh+hGbjqaAgaR4v+sP7j+
A63wqYESxXxkLiSArpht6IatRB5t+tgcg+f6GSNipBSumoJMrOaYbtW7YvPKVWhU
uGNrsskiO2i7alO0yK/67EAYa3Y7Gl616bgcsFy6TSH3s16CKXM3AMmE4pYPzC5y
SxSLbqrD7dpelg8RKgkeiQ2k4WCnxqDcrYEt1CIsorJYJVRmuPb5gBRLaZ579WF9
Cx4KnDygU1IFFjDVZOO4Gs3B6vaD18DTjqrmPniys2ItVw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:05 2025 by rpki-client