Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: Q9rdXjcRk22sDRV7Xm9GUFWKUCPYNPzsy2WgKZ+cHvU=
Subject key identifier: A2:5B:8F:2D:67:CC:47:C9:6F:F1:DD:AA:59:1D:A9:44:89:5B:B6:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09DB98D9754274ACCF0CCF099B8F85E44662EBFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Fri 25 Jul 2025 17:00:29 +0000
ROA not before: Fri 25 Jul 2025 17:00:29 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:db:98:d9:75:42:74:ac:cf:0c:cf:09:9b:8f:85:e4:46:62:eb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:29 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=e8e03192857cdc5bb0702aa6a0b945b5a1568a3474d43eba27706fd4b204e1aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b4:12:dd:5a:7e:1f:a3:af:d3:df:ac:94:14:
5a:73:04:a5:70:13:21:99:b2:13:89:d5:f5:3b:af:
43:94:23:60:52:d4:eb:04:51:e5:35:70:94:a4:0c:
47:fb:cf:0c:2c:b6:db:70:7b:c6:3e:90:85:f1:fe:
a5:cb:e4:77:25:12:48:e2:5d:6f:8a:4c:b7:b1:0c:
b3:3a:40:f6:1f:cc:76:0b:f0:af:e9:c1:0c:59:a3:
75:5e:7f:a6:dd:bd:32:cf:1c:f0:36:25:eb:df:95:
14:af:b2:e8:19:4c:a7:cc:44:78:ce:31:52:a8:28:
c1:3a:a5:95:b1:39:47:e8:da:53:af:ab:f1:f8:85:
66:e2:48:55:c3:b2:2c:fa:fe:12:7d:be:e1:ef:d7:
90:61:ad:2f:3c:93:fc:06:94:46:29:95:db:c0:f8:
9c:8c:70:b5:7e:ca:2f:b7:3a:a0:be:85:40:95:f4:
1a:2b:85:a0:46:00:57:7e:a3:de:3c:4e:aa:9e:5a:
b9:27:6c:72:e6:71:f8:3b:1e:fd:17:30:00:7e:3b:
86:a6:2e:69:c4:23:ec:2c:c5:37:0b:3f:11:9b:ac:
2b:fb:a2:77:7e:2f:69:6d:ae:ce:ba:35:1c:85:5c:
ec:37:a1:40:fb:f2:c9:73:f4:d8:29:ac:a2:0c:91:
88:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5B:8F:2D:67:CC:47:C9:6F:F1:DD:AA:59:1D:A9:44:89:5B:B6:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:be:58:58:db:85:10:cf:41:3e:2d:c3:d4:0f:fc:c3:51:91:
a0:56:79:80:3c:07:25:97:7e:b0:a3:b1:1b:1d:a2:af:6c:98:
2e:db:43:dc:4b:a8:07:96:64:8b:58:15:99:9e:2f:dd:c1:73:
da:74:2f:af:65:01:d2:3e:9e:fb:b9:20:01:a4:11:47:39:bd:
dd:1d:28:a1:36:6d:8d:a9:a7:c7:80:1c:04:98:97:7e:55:e1:
9e:48:31:27:43:9b:02:72:4c:92:c6:ab:b4:16:22:22:73:19:
bc:e3:b5:ca:9e:ce:dc:11:07:f3:49:1a:cf:13:fb:ef:79:79:
6d:e3:e4:c6:43:17:72:af:88:02:68:b7:c9:05:4a:a4:e6:ef:
68:37:05:28:b0:26:6f:5e:d2:4e:2b:81:08:51:2c:01:60:85:
98:e5:a0:21:2f:51:bc:cf:07:94:67:25:2e:8b:54:81:e7:ed:
8a:b2:21:c2:53:8f:7c:6c:2c:d2:c5:6a:c7:cd:00:02:89:ab:
f3:e8:02:87:0e:be:49:0e:12:da:2c:34:2c:5b:64:d3:14:3a:
6b:d6:a7:7e:c5:53:67:ab:ba:4f:9e:cb:f9:47:bd:83:eb:24:
b0:1a:5e:46:27:52:7c:68:14:0f:e7:79:a8:80:04:c5:08:09:
d9:6f:73:63
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCduY2XVCdKzPDM8Jm4+F5EZi6/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjlaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4ZTAzMTkyODU3Y2RjNWJiMDcwMmFhNmEwYjk0NWI1YTE1NjhhMzQ3NGQ0
M2ViYTI3NzA2ZmQ0YjIwNGUxYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy0Et1afh+jr9PfrJQUWnMEpXATIZmyE4nV9TuvQ5QjYFLU6wRR5TVwlKQM
R/vPDCy223B7xj6QhfH+pcvkdyUSSOJdb4pMt7EMszpA9h/Mdgvwr+nBDFmjdV5/
pt29Ms8c8DYl69+VFK+y6BlMp8xEeM4xUqgowTqllbE5R+jaU6+r8fiFZuJIVcOy
LPr+En2+4e/XkGGtLzyT/AaURimV28D4nIxwtX7KL7c6oL6FQJX0GiuFoEYAV36j
3jxOqp5auSdscuZx+Dse/RcwAH47hqYuacQj7CzFNws/EZusK/uid34vaW2uzro1
HIVc7DehQPvyyXP02CmsogyRiCkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSiW48t
Z8xHyW/x3apZHalEiVu2PzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAjb5YWNuFEM9BPi3D1A/8w1GRoFZ5gDwHJZd+sKOx
Gx2ir2yYLttD3EuoB5Zki1gVmZ4v3cFz2nQvr2UB0j6e+7kgAaQRRzm93R0ooTZt
jamnx4AcBJiXflXhnkgxJ0ObAnJMksartBYiInMZvOO1yp7O3BEH80kazxP773l5
bePkxkMXcq+IAmi3yQVKpObvaDcFKLAmb17STiuBCFEsAWCFmOWgIS9RvM8HlGcl
LotUgeftirIhwlOPfGws0sVqx80AAomr8+gChw6+SQ4S2iw0LFtk0xQ6a9anfsVT
Z6u6T57L+Ue9g+sksBpeRidSfGgUD+d5qIAExQgJ2W9zYw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:37 2025 by rpki-client