Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json)
Hash identifier: wLN8Zsg2PDlHTrLfUFufXZeOwv0Ah5PBgL7q6L2jtyQ=
Subject key identifier: 1C:7A:B8:67:56:EC:81:BA:89:46:F6:00:3F:3D:34:B7:C9:89:3D:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E54DE0DDF3751952BF33D1C75D4FDE5E50BC14C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
Signing time: Fri 08 May 2026 03:30:11 +0000
ROA not before: Fri 08 May 2026 03:30:11 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:54:de:0d:df:37:51:95:2b:f3:3d:1c:75:d4:fd:e5:e5:0b:c1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:11 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=cf199871d2e6a91cb4356021e359e84483987b4aab05a066b43323b516c79ff8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:45:4f:dd:13:17:3e:1f:5d:36:49:56:2c:cc:
86:41:f5:59:72:b5:6b:ae:f7:f5:4d:60:e1:91:fe:
75:7a:d5:90:fa:e9:14:92:d3:19:4f:df:8f:54:79:
82:11:2f:0c:47:e6:dc:75:c4:b9:49:b5:27:2c:5b:
1a:a0:5a:fe:fa:f5:70:d5:2b:14:85:0b:b9:93:16:
1a:4a:07:b4:ad:ef:11:db:80:fa:9c:a0:9d:59:5c:
da:22:21:68:84:00:6a:76:6a:fb:b5:15:1f:52:97:
5a:59:8d:70:73:d4:a0:82:fe:81:c3:30:6f:c8:d9:
b6:04:f3:7e:15:bc:8b:c2:22:b0:64:32:23:15:dd:
6b:c2:f5:fe:53:69:b5:3a:f1:51:70:33:d3:37:b0:
44:32:85:34:7f:41:c6:b5:c4:03:5b:bb:fb:6c:22:
f8:a2:7c:d3:4e:75:cf:0f:72:95:99:ab:dc:5d:5b:
de:de:d8:27:f7:81:6e:21:55:ce:e1:84:29:8e:7b:
46:a4:a6:02:c3:55:0b:28:45:8b:66:9b:82:cf:57:
4c:46:c3:6a:6a:f2:75:9d:94:c3:8f:70:f8:54:25:
c4:2a:fa:c4:16:3d:82:40:86:98:4b:66:d6:4e:56:
32:fa:c7:ee:c3:e4:e8:35:be:83:29:92:df:6d:59:
1a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7A:B8:67:56:EC:81:BA:89:46:F6:00:3F:3D:34:B7:C9:89:3D:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:b4:af:05:72:f7:17:0c:01:d8:ea:44:26:1b:37:fc:c2:32:
c4:92:27:5c:51:14:6d:70:57:2c:bd:cf:de:50:6c:d7:8e:4e:
fe:c6:b6:95:12:b4:db:57:c9:fb:6f:e1:cb:04:a8:af:5d:c9:
fb:01:06:45:cd:fa:47:23:f6:08:9f:5c:e0:a5:57:1c:e2:86:
0a:31:f2:05:f2:4b:f2:56:ce:16:85:ad:73:ac:74:aa:6e:72:
12:a4:b4:04:5e:7a:29:a9:37:7a:58:8f:2a:8c:d6:1b:c3:ae:
96:75:9d:1a:00:f3:a3:c3:0e:d3:31:45:28:3f:2b:a8:62:82:
b5:9d:d8:70:1e:80:17:43:28:21:d6:f8:86:4a:ef:ea:a2:66:
18:46:fc:2a:6f:e8:e4:6d:72:12:26:18:ae:82:08:ef:a5:4a:
90:b0:e5:73:40:78:23:98:64:c0:9e:3a:8a:48:6c:da:9c:cb:
ac:72:05:4c:3c:2a:42:0b:00:f8:45:fd:5d:cb:6d:13:51:20:
fa:a0:dc:92:cc:a5:c2:ca:9b:03:80:2c:58:26:a9:10:44:70:
f5:28:95:d4:53:e4:de:bf:42:f4:43:8c:5b:52:b6:a6:7e:f9:
b2:26:83:4d:15:78:96:c0:95:e1:b9:96:59:2e:47:38:c5:b1:
02:90:40:ec
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPlTeDd83UZUr8z0cddT95eULwUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMTFaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMTk5ODcxZDJlNmE5MWNiNDM1NjAyMWUzNTllODQ0ODM5ODdiNGFhYjA1
YTA2NmI0MzMyM2I1MTZjNzlmZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhFT90TFz4fXTZJVizMhkH1WXK1a6739U1g4ZH+dXrVkPrpFJLTGU/fj1R5
ghEvDEfm3HXEuUm1JyxbGqBa/vr1cNUrFIULuZMWGkoHtK3vEduA+pygnVlc2iIh
aIQAanZq+7UVH1KXWlmNcHPUoIL+gcMwb8jZtgTzfhW8i8IisGQyIxXda8L1/lNp
tTrxUXAz0zewRDKFNH9BxrXEA1u7+2wi+KJ80051zw9ylZmr3F1b3t7YJ/eBbiFV
zuGEKY57RqSmAsNVCyhFi2abgs9XTEbDamrydZ2Uw49w+FQlxCr6xBY9gkCGmEtm
1k5WMvrH7sPk6DW+gymS321ZGt8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQcerhn
VuyBuolG9gA/PTS3yYk91zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAbrSvBXL3FwwB2OpEJhs3/MIyxJInXFEUbXBXLL3P
3lBs145O/sa2lRK021fJ+2/hywSor13J+wEGRc36RyP2CJ9c4KVXHOKGCjHyBfJL
8lbOFoWtc6x0qm5yEqS0BF56Kak3eliPKozWG8OulnWdGgDzo8MO0zFFKD8rqGKC
tZ3YcB6AF0MoIdb4hkrv6qJmGEb8Km/o5G1yEiYYroII76VKkLDlc0B4I5hkwJ46
ikhs2pzLrHIFTDwqQgsA+EX9XcttE1Eg+qDcksylwsqbA4AsWCapEERw9SiV1FPk
3r9C9EOMW1K2pn75siaDTRV4lsCV4bmWWS5HOMWxApBA7A==
-----END CERTIFICATE-----
Generated at Tue May 12 23:31:51 2026 by rpki-client