Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa
File: 7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa (raw, json)
Hash identifier: OzzSTpbswFAgxwR9vy+rV0OqsaztaJ8k4iy1+PHgIsY=
Subject key identifier: A1:5B:EB:7D:96:9D:00:00:47:42:55:14:01:33:F4:76:3C:AE:DB:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CE18A0E92ACE7D0634E7D1C7FBC409722CA60B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa
Signing time: Fri 08 May 2026 03:21:14 +0000
ROA not before: Fri 08 May 2026 03:21:14 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:e1:8a:0e:92:ac:e7:d0:63:4e:7d:1c:7f:bc:40:97:22:ca:60:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:14 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=e8c2618bd9194ce5b94511bcbdea5e74f6eeac6fa8001e65f958d1abb85aa2ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:90:2f:72:14:4e:61:15:af:1e:4f:97:7a:f1:
ac:f4:e2:e1:b2:fa:f8:1f:18:c3:6c:44:6e:c2:07:
f2:3c:c3:85:06:3f:a3:0c:76:7e:3c:94:bc:67:4a:
ff:df:ca:b8:fc:fd:42:fe:5d:91:93:39:b7:3e:a2:
f2:15:2b:ad:d7:f7:4d:2c:8e:57:63:12:d5:52:c8:
f3:f2:00:ae:96:09:38:09:67:5a:62:00:49:ac:ad:
d6:43:03:39:12:e9:f6:f3:8a:18:23:c5:55:f4:24:
d0:1f:c8:88:3b:f5:51:96:e8:49:04:86:34:95:a3:
0a:b5:7d:c2:54:a5:be:bf:b4:18:e9:70:96:bf:03:
23:fb:9f:a0:d7:ca:88:79:00:f2:1d:bf:be:c1:12:
11:d5:8c:f9:f2:de:b6:9c:3b:ec:28:b3:5b:e2:72:
ea:d5:4d:d4:2b:ec:fc:a1:01:f3:9c:63:a6:fd:5d:
2f:3b:0d:a8:2f:37:85:40:35:35:c6:3d:20:5a:46:
2a:a3:33:4b:98:a8:3f:d4:7c:27:60:5c:ab:8c:4e:
c4:4e:38:e6:4b:c3:8b:be:26:f9:6f:95:f3:44:64:
8c:38:5e:c6:76:53:08:0b:bf:c2:da:a4:6f:7c:8f:
2b:87:b5:15:39:db:18:8d:5d:45:5b:37:c2:cc:de:
61:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:5B:EB:7D:96:9D:00:00:47:42:55:14:01:33:F4:76:3C:AE:DB:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/18
Signature Algorithm: sha256WithRSAEncryption
10:65:83:d6:c4:fc:60:f1:ff:80:c0:21:bf:92:ca:08:2e:9e:
da:a4:68:c5:3a:59:40:da:a6:21:61:9a:95:90:61:cb:d3:67:
76:ba:1e:c5:f6:72:b3:9b:e3:ae:36:70:57:f5:51:c4:82:c6:
c0:28:4f:9f:3c:1a:53:46:13:29:bd:9b:59:b7:9d:63:96:86:
64:a7:67:bf:55:b8:2b:16:87:0f:38:a6:86:23:f0:63:43:e4:
3d:58:df:da:ca:6b:ab:de:f6:5b:20:90:b6:98:71:39:46:84:
76:0c:55:9e:99:38:d7:6e:fb:1b:94:68:57:c3:ab:1f:e1:20:
07:16:7d:73:a2:f1:23:fd:ae:35:29:3a:59:3d:19:de:99:0b:
6e:0d:8f:3e:03:fc:b4:75:17:7c:85:a9:0f:e9:03:76:f1:75:
70:2e:8e:e8:d8:c1:df:28:f8:7b:b0:bf:74:b7:b0:87:91:6c:
d4:7f:fe:fb:20:15:62:08:e3:79:71:0d:61:b7:d8:49:83:4c:
ed:3c:40:27:4f:f4:1f:ff:59:98:bd:88:03:65:2a:33:75:3d:
93:91:4d:c2:00:cb:e7:71:43:76:f1:13:76:f8:c1:da:58:26:
59:a7:1b:bf:51:35:a9:b0:7d:3a:87:a9:48:55:4f:fa:aa:ff:
5e:0c:6f:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTOGKDpKs59BjTn0cf7xAlyLKYLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTRaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4YzI2MThiZDkxOTRjZTViOTQ1MTFiY2JkZWE1ZTc0ZjZlZWFjNmZhODAw
MWU2NWY5NThkMWFiYjg1YWEyZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOQL3IUTmEVrx5Pl3rxrPTi4bL6+B8Yw2xEbsIH8jzDhQY/owx2fjyUvGdK
/9/KuPz9Qv5dkZM5tz6i8hUrrdf3TSyOV2MS1VLI8/IArpYJOAlnWmIASayt1kMD
ORLp9vOKGCPFVfQk0B/IiDv1UZboSQSGNJWjCrV9wlSlvr+0GOlwlr8DI/ufoNfK
iHkA8h2/vsESEdWM+fLetpw77CizW+Jy6tVN1Cvs/KEB85xjpv1dLzsNqC83hUA1
NcY9IFpGKqMzS5ioP9R8J2Bcq4xOxE445kvDi74m+W+V80RkjDhexnZTCAu/wtqk
b3yPK4e1FTnbGI1dRVs3wszeYXcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBShW+t9
lp0AAEdCVRQBM/R2PK7b2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2QzMjkwYjEtNTEyMy00NjUxLWEyYjktYmRlMmM3ZDBkMzM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEGWD1sT8YPH/gMAhv5LKCC6e2qRoxTpZQNqmIWGa
lZBhy9NndroexfZys5vjrjZwV/VRxILGwChPnzwaU0YTKb2bWbedY5aGZKdnv1W4
KxaHDzimhiPwY0PkPVjf2sprq972WyCQtphxOUaEdgxVnpk41277G5RoV8OrH+Eg
BxZ9c6LxI/2uNSk6WT0Z3pkLbg2PPgP8tHUXfIWpD+kDdvF1cC6O6NjB3yj4e7C/
dLewh5Fs1H/++yAVYgjjeXENYbfYSYNM7TxAJ0/0H/9ZmL2IA2UqM3U9k5FNwgDL
53FDdvETdvjB2lgmWacbv1E1qbB9OoepSFVP+qr/XgxvtQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:32 2026 by rpki-client