Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
File: b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa (raw, json)
Hash identifier: 4pKkcVeinWr7KCxQfO2BvBJ2uVlLoED4iHfWyEJQF5w=
Subject key identifier: 6F:69:23:7E:26:EB:4A:8B:1D:DF:44:1C:12:1D:F8:A1:A7:9F:CA:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F7B1C01F8B18E66C980F8D00B11321AF62ED0A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
Signing time: Fri 08 May 2026 03:20:37 +0000
ROA not before: Fri 08 May 2026 03:20:37 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:7b:1c:01:f8:b1:8e:66:c9:80:f8:d0:0b:11:32:1a:f6:2e:d0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:37 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=367243f7759a3d2f4b8ca9a06b0985ec6a0dc182e41ad84b7b2098cf3a5826d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6d:c4:da:3a:f0:17:55:ea:83:59:dc:a9:b0:
2a:9f:41:13:5f:35:f4:1c:71:5a:23:9d:a2:11:37:
5d:bd:ca:c3:f9:02:91:65:a3:90:bf:cb:83:2b:00:
30:d9:cd:25:95:a9:11:8b:89:ae:6a:e0:2e:00:6c:
32:21:63:6b:d0:59:1d:b7:33:17:c2:6a:d8:45:3f:
ec:2c:af:a7:6f:6d:37:3c:fa:75:7f:9a:68:8e:c3:
c7:27:c0:fd:fb:73:9b:c8:b7:0d:04:a7:49:eb:20:
0d:5a:6f:d1:e6:66:11:72:e6:bc:80:32:99:69:44:
d7:d7:ac:73:43:48:cb:09:b9:b5:f3:ca:65:01:be:
6e:5c:b7:bc:3c:b5:ae:fc:d4:b0:82:7d:08:14:07:
9e:3f:79:cd:e7:3b:65:35:54:45:3b:4f:c6:c4:c3:
a7:8e:08:17:bc:05:cf:bf:cd:7e:28:1b:0b:47:77:
5a:6e:84:ca:29:77:6b:4e:8b:4c:5c:b3:24:f5:e6:
43:a3:c4:8e:d5:31:4f:22:96:5c:da:50:e8:6f:18:
0c:45:4c:31:f6:68:81:80:5a:f4:4c:88:4d:0a:58:
05:c3:7a:21:9f:4d:93:94:b1:1b:be:71:a1:aa:cb:
31:ca:0b:4b:9b:87:69:d3:4e:63:46:60:4f:e0:86:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:69:23:7E:26:EB:4A:8B:1D:DF:44:1C:12:1D:F8:A1:A7:9F:CA:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.240.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:dd:c9:3d:2b:04:41:e7:81:31:78:d0:e0:f7:7c:90:28:3a:
a5:48:36:0c:7f:94:fd:4e:e6:fe:94:5e:3d:01:35:65:79:ca:
34:8c:1c:0c:86:ee:e3:5a:5c:a7:cf:29:af:49:e6:98:67:9b:
72:bb:db:85:1b:40:83:f5:99:e6:dc:be:c7:c9:21:13:13:00:
11:81:fd:1c:28:cd:4a:2a:bb:ca:b5:74:5d:6d:81:88:0f:95:
f3:b1:52:5b:35:82:bb:95:10:cb:16:4a:36:24:c3:82:76:e5:
1f:1e:bf:98:75:5b:da:5a:81:16:51:5e:82:88:a2:1b:5b:8d:
7b:72:31:08:e6:41:72:27:e0:60:77:00:1e:78:a6:f9:b4:c2:
aa:a0:bc:97:dc:f1:7c:a8:03:4a:1a:83:b8:82:f0:97:85:31:
3c:58:26:84:0a:f3:ba:85:3c:b6:ec:4f:12:89:b8:51:b3:4f:
7f:14:f5:41:69:3b:c5:e6:e0:a6:e5:ea:4d:f0:25:f2:86:df:
c5:3e:e5:0a:b2:5c:8d:09:ff:ea:6f:e9:b9:10:9c:50:0c:db:
1a:42:7f:f0:78:9a:50:6d:b5:13:e0:93:88:55:b9:7d:7e:1b:
04:94:80:85:9b:7c:d8:99:74:14:2f:b8:b4:a2:8f:82:c7:4d:
09:04:0d:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX3scAfixjmbJgPjQCxEyGvYu0KkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzdaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NzI0M2Y3NzU5YTNkMmY0YjhjYTlhMDZiMDk4NWVjNmEwZGMxODJlNDFh
ZDg0YjdiMjA5OGNmM2E1ODI2ZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALttxNo68BdV6oNZ3KmwKp9BE1819BxxWiOdohE3Xb3Kw/kCkWWjkL/LgysA
MNnNJZWpEYuJrmrgLgBsMiFja9BZHbczF8Jq2EU/7Cyvp29tNzz6dX+aaI7DxyfA
/ftzm8i3DQSnSesgDVpv0eZmEXLmvIAymWlE19esc0NIywm5tfPKZQG+bly3vDy1
rvzUsIJ9CBQHnj95zec7ZTVURTtPxsTDp44IF7wFz7/NfigbC0d3Wm6Eyil3a06L
TFyzJPXmQ6PEjtUxTyKWXNpQ6G8YDEVMMfZogYBa9EyITQpYBcN6IZ9Nk5SxG75x
oarLMcoLS5uHadNOY0ZgT+CGRAMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRvaSN+
JutKix3fRBwSHfihp5/KQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ0MzYzYjktYmE0OC00OTEzLWI4YTQtOWNkMGRjMzJiYTAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z8DAN
BgkqhkiG9w0BAQsFAAOCAQEALd3JPSsEQeeBMXjQ4Pd8kCg6pUg2DH+U/U7m/pRe
PQE1ZXnKNIwcDIbu41pcp88pr0nmmGebcrvbhRtAg/WZ5ty+x8khExMAEYH9HCjN
Siq7yrV0XW2BiA+V87FSWzWCu5UQyxZKNiTDgnblHx6/mHVb2lqBFlFegoiiG1uN
e3IxCOZBcifgYHcAHnim+bTCqqC8l9zxfKgDShqDuILwl4UxPFgmhArzuoU8tuxP
Eom4UbNPfxT1QWk7xebgpuXqTfAl8obfxT7lCrJcjQn/6m/puRCcUAzbGkJ/8Hia
UG21E+CTiFW5fX4bBJSAhZt82Jl0FC+4tKKPgsdNCQQNDw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:55 2026 by rpki-client