Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: qUPx2pIzG8+RF+IwrTfHo26opb2zNWLeYZ13alJnT3w=
Subject key identifier: 14:45:41:31:B6:AA:7E:BC:03:4C:7F:58:3D:CC:19:03:3F:0C:68:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 049CCD19694DE9BE54CC9405B345F8B0E09A2D7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Fri 08 May 2026 03:30:10 +0000
ROA not before: Fri 08 May 2026 03:30:10 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:9c:cd:19:69:4d:e9:be:54:cc:94:05:b3:45:f8:b0:e0:9a:2d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:10 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=fa7c08b8fcfbd2c193f77eec885c790681c4aac1be18fe62b5e97b4f80694e53, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:28:d8:28:d6:43:5c:b3:9f:0e:d5:62:bb:
bc:2e:fd:37:09:df:c3:50:bf:f9:36:53:7c:16:ea:
c1:a0:50:f3:26:76:90:a9:24:a4:78:6e:87:05:9a:
be:3d:15:43:ea:bc:f2:b6:05:ba:a8:b8:df:ab:55:
ce:c5:bb:aa:12:70:b8:7d:8a:f8:a5:ca:73:0d:b8:
d7:13:a4:18:0b:ea:d6:1f:d8:0c:da:b6:92:6e:de:
d1:09:59:91:f9:31:97:15:95:cc:63:28:f1:04:a7:
0d:1a:e1:cc:c6:2b:b5:1e:56:39:66:e3:47:fa:15:
0b:df:61:f5:b8:61:2a:6b:73:e2:5e:e9:47:00:29:
be:19:b9:ad:aa:91:1f:56:2c:f8:f6:41:a3:2a:a5:
25:88:b9:cd:5a:de:cc:05:fe:b2:6f:31:b4:8e:82:
04:39:a7:7a:d2:13:50:27:b5:ec:2a:0b:96:19:97:
72:81:c0:40:00:1a:b2:b0:dc:e6:bf:4d:ca:46:de:
ba:70:d8:7b:14:19:ad:fb:a4:fc:c6:c0:10:d3:a6:
55:eb:86:17:c0:bb:3a:21:dd:d4:fa:6d:2c:bb:b6:
e0:1b:b9:88:10:86:57:95:85:69:51:30:af:e6:fc:
83:a0:b9:8a:24:94:c5:a2:50:df:2a:fd:c3:46:de:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:45:41:31:B6:AA:7E:BC:03:4C:7F:58:3D:CC:19:03:3F:0C:68:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:5f:9f:37:52:25:e7:22:2c:f8:89:7a:da:25:68:c4:a0:2a:
4f:c8:98:ce:4c:f2:05:85:55:34:6e:49:05:b2:c0:73:83:2c:
a9:bd:78:71:1d:86:e2:3a:03:9d:a4:fc:50:ee:70:3a:17:6f:
e3:da:81:8e:c3:8b:e0:50:a9:2a:c8:f1:3a:06:95:25:7b:4b:
cf:a1:4d:e6:20:ce:31:06:77:e2:7c:d1:d2:96:1b:30:89:16:
ab:9b:6a:e1:7a:98:fd:75:5d:ad:1f:b0:97:6c:49:84:5e:84:
be:71:48:62:32:3c:0f:9b:a4:f3:bd:93:68:5f:88:2f:09:b8:
19:8c:90:f0:8d:d8:7b:8e:b8:1b:4e:b2:90:a9:7c:a8:2c:6a:
5b:7d:4d:a1:51:7c:e1:64:7b:a9:30:1b:b9:13:9c:86:d3:c0:
75:9e:a2:8c:dd:b9:56:be:a0:87:87:5a:ec:59:30:65:52:b5:
d5:ed:d4:9c:0e:74:37:8d:35:cf:e4:08:89:2b:28:39:58:1b:
f2:15:4a:26:8d:3e:b6:87:82:81:00:87:75:d5:d3:28:22:64:
63:19:99:a9:6a:aa:3a:ee:3e:49:90:30:4e:cf:d5:8c:3e:7f:
c4:43:c1:42:4d:9f:5e:26:71:26:57:21:52:1f:67:83:2b:62:
48:7d:50:d1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBJzNGWlN6b5UzJQFs0X4sOCaLX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMTBaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhN2MwOGI4ZmNmYmQyYzE5M2Y3N2VlYzg4NWM3OTA2ODFjNGFhYzFiZTE4
ZmU2MmI1ZTk3YjRmODA2OTRlNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8YKNgo1kNcs58O1WK7vC79Nwnfw1C/+TZTfBbqwaBQ8yZ2kKkkpHhuhwWa
vj0VQ+q88rYFuqi436tVzsW7qhJwuH2K+KXKcw241xOkGAvq1h/YDNq2km7e0QlZ
kfkxlxWVzGMo8QSnDRrhzMYrtR5WOWbjR/oVC99h9bhhKmtz4l7pRwApvhm5raqR
H1Ys+PZBoyqlJYi5zVrezAX+sm8xtI6CBDmnetITUCe17CoLlhmXcoHAQAAasrDc
5r9NykbeunDYexQZrfuk/MbAENOmVeuGF8C7OiHd1PptLLu24Bu5iBCGV5WFaVEw
r+b8g6C5iiSUxaJQ3yr9w0beB+8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQURUEx
tqp+vANMf1g9zBkDPwxoVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAL1+fN1Il5yIs+Il62iVoxKAqT8iYzkzyBYVVNG5J
BbLAc4Msqb14cR2G4joDnaT8UO5wOhdv49qBjsOL4FCpKsjxOgaVJXtLz6FN5iDO
MQZ34nzR0pYbMIkWq5tq4XqY/XVdrR+wl2xJhF6EvnFIYjI8D5uk872TaF+ILwm4
GYyQ8I3Ye464G06ykKl8qCxqW31NoVF84WR7qTAbuROchtPAdZ6ijN25Vr6gh4da
7FkwZVK11e3UnA50N401z+QIiSsoOVgb8hVKJo0+toeCgQCHddXTKCJkYxmZqWqq
Ou4+SZAwTs/VjD5/xEPBQk2fXiZxJlchUh9ngytiSH1Q0Q==
-----END CERTIFICATE-----
Generated at Tue May 12 23:45:32 2026 by rpki-client