Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: bLWeLkNfD4snnCnS8Bou30AIBRcpKajp8+B/9XH3tKs=
Subject key identifier: E3:D9:B5:B8:B3:50:1C:C9:16:56:5A:18:D5:B3:DE:1B:DF:DE:4D:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 487F2C87B6A2DFFF275703E67B7C803E2B23517A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Tue 17 Feb 2026 03:00:33 +0000
ROA not before: Tue 17 Feb 2026 03:00:33 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:7f:2c:87:b6:a2:df:ff:27:57:03:e6:7b:7c:80:3e:2b:23:51:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 17 03:00:33 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=1269cca8db4502c8ecdbca0216ab90c0dc178f11fa39de351631cd9e34d023ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:af:a3:e2:2d:5b:61:15:ae:d1:b3:24:74:c2:
34:87:10:79:79:89:2a:26:dc:33:39:1e:61:46:c1:
a1:69:47:ca:a8:52:e7:d2:e9:88:ee:19:0d:f5:3c:
fb:3d:8a:6d:d3:ef:6b:21:ea:42:a2:67:5f:f8:26:
70:68:2f:09:cb:e6:0f:f5:b2:d0:33:cb:3a:6d:6e:
30:dc:89:8f:5a:73:36:27:a5:64:cd:ea:89:ee:64:
04:da:f1:9b:38:7a:0f:3b:10:eb:3a:f8:27:22:46:
4f:f9:c3:82:3e:8f:9b:6a:5d:8e:bb:6c:fd:85:4e:
77:b8:60:d8:c9:2f:4e:7f:b8:9e:c5:8a:0f:91:b6:
f0:e4:3b:7f:7b:89:e2:f1:d8:49:99:45:58:ce:97:
39:78:b5:e4:0b:ac:ab:d1:24:df:90:c8:da:e5:64:
27:fe:ab:e3:1a:e6:f6:12:1e:a1:28:2d:c7:a9:7c:
c2:cc:3f:ac:91:37:38:8d:91:3f:9d:71:94:ee:da:
ae:d6:c9:a4:e2:50:57:95:9f:53:ab:6f:34:be:c2:
aa:31:82:48:7a:82:61:24:b3:a6:76:4c:a4:ac:07:
63:93:3b:1f:fa:bc:2d:6f:b8:dc:15:6a:29:c3:f5:
99:12:d0:40:04:ba:f2:e5:6e:25:a9:d5:15:a6:20:
0e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D9:B5:B8:B3:50:1C:C9:16:56:5A:18:D5:B3:DE:1B:DF:DE:4D:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
20:7a:99:a6:87:68:56:7b:fc:0e:cd:19:71:f2:a3:55:39:59:
21:20:95:f7:86:52:fd:0b:14:a8:10:cc:2d:c0:da:a3:03:ac:
22:6b:75:a7:5a:0e:12:0e:96:3e:aa:cd:1d:d9:7e:10:9a:5e:
70:6e:cd:02:ea:3c:77:93:54:59:f8:96:51:4a:83:6d:67:cf:
99:0a:f3:43:0e:23:d4:b1:d1:82:d6:e7:a9:c6:3f:40:10:f4:
c9:fd:dc:f8:db:4b:96:cb:f5:1f:3c:1c:c2:b8:89:2c:8d:08:
ac:58:10:34:4b:d5:e9:db:cc:5b:a3:3a:e0:ac:1f:24:c0:9b:
66:4d:f9:7c:f8:67:27:42:85:b8:44:73:31:dd:c0:af:6f:05:
3e:f9:6b:e9:62:3a:3a:dc:5b:f0:f1:5e:fe:6c:88:8d:4c:0a:
b6:59:55:bc:3d:45:bd:c4:52:6d:14:d3:81:89:ca:33:41:b2:
99:e2:d3:16:2d:95:a5:24:58:87:88:67:5f:8d:53:bf:ea:a4:
74:f1:9f:db:3d:73:c5:79:2f:db:42:5c:c9:2e:1d:a3:66:06:
43:fe:50:84:4e:b9:ef:4c:a3:d6:4d:92:99:1a:61:94:a5:e4:
c8:9b:67:69:2a:1d:87:7b:24:22:8d:b8:9a:2b:14:93:12:8d:
33:60:58:ce
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSH8sh7ai3/8nVwPme3yAPisjUXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMTcwMzAwMzNaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNjljY2E4ZGI0NTAyYzhlY2RiY2EwMjE2YWI5MGMwZGMxNzhmMTFmYTM5
ZGUzNTE2MzFjZDllMzRkMDIzY2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGvo+ItW2EVrtGzJHTCNIcQeXmJKibcMzkeYUbBoWlHyqhS59LpiO4ZDfU8
+z2KbdPvayHqQqJnX/gmcGgvCcvmD/Wy0DPLOm1uMNyJj1pzNielZM3qie5kBNrx
mzh6DzsQ6zr4JyJGT/nDgj6Pm2pdjrts/YVOd7hg2MkvTn+4nsWKD5G28OQ7f3uJ
4vHYSZlFWM6XOXi15Ausq9Ek35DI2uVkJ/6r4xrm9hIeoSgtx6l8wsw/rJE3OI2R
P51xlO7artbJpOJQV5WfU6tvNL7CqjGCSHqCYSSzpnZMpKwHY5M7H/q8LW+43BVq
KcP1mRLQQAS68uVuJanVFaYgDj8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTj2bW4
s1AcyRZWWhjVs94b395N3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAIHqZpodoVnv8Ds0ZcfKjVTlZISCV94ZS/QsUqBDM
LcDaowOsImt1p1oOEg6WPqrNHdl+EJpecG7NAuo8d5NUWfiWUUqDbWfPmQrzQw4j
1LHRgtbnqcY/QBD0yf3c+NtLlsv1HzwcwriJLI0IrFgQNEvV6dvMW6M64KwfJMCb
Zk35fPhnJ0KFuERzMd3Ar28FPvlr6WI6Otxb8PFe/myIjUwKtllVvD1FvcRSbRTT
gYnKM0GymeLTFi2VpSRYh4hnX41Tv+qkdPGf2z1zxXkv20JcyS4do2YGQ/5QhE65
70yj1k2SmRphlKXkyJtnaSodh3skIo24misUkxKNM2BYzg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:03 2026 by rpki-client