Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: MHEgK1MTVhjAwoFDYzmy5JhH0P4l4ei/WRnBHhaQp44=
Subject key identifier: 61:8E:0C:76:97:FA:DE:E8:4F:26:B7:F8:A9:BC:E4:1B:DC:77:24:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AE3F475F043BBA05518FA0A5C6C223457535F0A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Fri 08 May 2026 03:20:54 +0000
ROA not before: Fri 08 May 2026 03:20:54 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:e3:f4:75:f0:43:bb:a0:55:18:fa:0a:5c:6c:22:34:57:53:5f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:54 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=105af5afa57044f52d122094299a3d560e6666aae72af3830c773708555177a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:1a:6a:4e:84:72:62:5a:c9:22:e9:e7:08:
95:57:de:07:97:78:be:e6:d3:fa:b9:83:6c:c5:19:
96:e6:14:39:e5:45:a2:d6:a9:b7:ef:3c:a9:84:cb:
50:2e:5a:25:99:11:1e:fd:31:89:9b:7e:f4:ee:6b:
fe:10:30:18:63:6e:bf:60:ef:a3:cb:fb:82:f1:98:
22:4d:70:cd:9c:51:41:36:52:2b:1e:72:92:c5:e6:
63:01:89:71:ff:a4:45:09:e7:12:70:2f:5d:72:9d:
14:2b:ba:dc:c6:4a:cc:ae:23:d0:29:d4:48:60:4d:
2a:39:e4:d3:e2:f0:de:ff:3c:01:37:a2:2e:36:30:
0c:fe:4d:bb:0c:52:6f:62:30:ce:c0:44:f2:85:7b:
39:e4:67:17:89:e0:28:42:e2:66:50:73:49:9f:12:
88:a1:ef:a1:77:50:02:9b:34:51:cf:c5:29:dc:83:
0e:9f:a0:75:ba:b5:d1:d4:83:0b:0b:6c:c1:84:77:
5b:6a:2a:1b:78:27:8c:ef:64:eb:d9:59:8b:b9:8d:
81:15:52:8e:40:ae:77:18:fc:bb:a2:7e:77:10:8a:
8e:fa:25:ba:a9:81:dd:5f:92:5d:aa:0d:6c:e8:43:
06:66:dc:d4:06:ad:37:a5:31:60:0a:00:ed:d1:49:
f3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8E:0C:76:97:FA:DE:E8:4F:26:B7:F8:A9:BC:E4:1B:DC:77:24:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
96:f6:02:69:c9:77:4f:ca:dc:6b:86:88:47:cc:f6:95:2f:80:
5f:78:5d:6c:79:1c:e4:d2:27:eb:4a:8f:1f:59:a6:12:3f:e6:
29:41:28:44:97:a0:25:9f:5d:35:92:5e:54:69:b4:a8:1b:3d:
fe:f2:43:54:83:2a:0e:bb:3d:74:cb:68:c9:72:cf:c0:63:18:
74:f8:c0:d4:cf:11:21:a9:d6:ed:07:96:0b:14:07:b2:23:b1:
ca:3c:f2:2a:75:2e:9a:38:21:48:b2:68:46:16:c7:6e:63:1e:
5c:c8:34:40:17:da:14:e8:63:22:1f:a3:a6:74:d1:da:a2:81:
17:d6:5f:a4:fd:a8:a6:c8:11:9f:01:5b:5f:7a:1b:4b:d7:32:
6d:39:d0:88:f0:e8:f2:ad:61:e1:0c:6f:27:c6:05:67:3a:6e:
6b:f6:12:60:c2:af:06:70:b6:0b:29:cd:8a:d7:fb:10:41:e2:
4e:97:00:61:d3:70:ad:70:81:d3:6b:85:f6:d7:40:a4:53:e6:
6e:6e:3e:1a:1b:aa:dd:1f:6b:a0:47:56:d3:db:da:90:26:a2:
27:86:a0:4a:ce:55:ad:59:18:11:c6:c0:60:50:88:9c:5d:b6:
1d:44:72:b6:10:1a:6c:b8:69:9e:42:f9:3b:b7:aa:09:8e:8c:
7c:5e:79:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeuP0dfBDu6BVGPoKXGwiNFdTXwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwNTRaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNWFmNWFmYTU3MDQ0ZjUyZDEyMjA5NDI5OWEzZDU2MGU2NjY2YWFlNzJh
ZjM4MzBjNzczNzA4NTU1MTc3YTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhfGmpOhHJiWski6ecIlVfeB5d4vubT+rmDbMUZluYUOeVFotapt+88qYTL
UC5aJZkRHv0xiZt+9O5r/hAwGGNuv2Dvo8v7gvGYIk1wzZxRQTZSKx5yksXmYwGJ
cf+kRQnnEnAvXXKdFCu63MZKzK4j0CnUSGBNKjnk0+Lw3v88ATeiLjYwDP5NuwxS
b2IwzsBE8oV7OeRnF4ngKELiZlBzSZ8SiKHvoXdQAps0Uc/FKdyDDp+gdbq10dSD
CwtswYR3W2oqG3gnjO9k69lZi7mNgRVSjkCudxj8u6J+dxCKjvoluqmB3V+SXaoN
bOhDBmbc1AatN6UxYAoA7dFJ850CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhjgx2
l/re6E8mt/ipvOQb3HckFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAlvYCacl3T8rca4aIR8z2lS+AX3hdbHkc5NIn60qP
H1mmEj/mKUEoRJegJZ9dNZJeVGm0qBs9/vJDVIMqDrs9dMtoyXLPwGMYdPjA1M8R
IanW7QeWCxQHsiOxyjzyKnUumjghSLJoRhbHbmMeXMg0QBfaFOhjIh+jpnTR2qKB
F9ZfpP2opsgRnwFbX3obS9cybTnQiPDo8q1h4QxvJ8YFZzpua/YSYMKvBnC2CynN
itf7EEHiTpcAYdNwrXCB02uF9tdApFPmbm4+Ghuq3R9roEdW09vakCaiJ4agSs5V
rVkYEcbAYFCInF22HURythAabLhpnkL5O7eqCY6MfF55hw==
-----END CERTIFICATE-----
Generated at Wed May 13 00:09:00 2026 by rpki-client