Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: xwTXaauGPQfzG7EvcxEBSqwYS2UXtRSCrHUHWstfBiM=
Subject key identifier: FD:D5:97:C7:1A:20:64:FC:DA:0B:8E:E7:80:C0:29:AB:02:C0:1B:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 360C30BF9304EFE9EE6B66B5850BBC27B60928BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Tue 04 Nov 2025 02:50:47 +0000
ROA not before: Tue 04 Nov 2025 02:50:47 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:0c:30:bf:93:04:ef:e9:ee:6b:66:b5:85:0b:bc:27:b6:09:28:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:47 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=1d855f1dbf9a5b8fd1e55be85563de58ec88d57c38ba406bbce5736cc3db34a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c5:8f:b7:19:6f:0b:eb:93:5f:34:49:6b:b1:
51:f7:80:b4:64:7c:a9:26:b1:13:c6:27:cc:77:a0:
bf:97:45:37:2c:92:a5:31:f2:8f:de:2d:f5:10:8d:
8f:67:02:f3:b4:e1:2f:be:0e:79:b3:56:06:99:5a:
ed:8e:d4:69:6e:1e:ff:cd:39:4c:27:11:3c:c1:24:
ec:89:e3:19:1f:0b:c8:a1:16:74:c1:83:26:c9:ab:
f3:3d:29:80:26:0e:b3:7c:0a:99:49:d7:e3:5d:86:
cb:be:fe:40:d6:cc:1b:1d:cd:89:de:88:67:69:83:
dc:03:51:ae:c0:29:d6:bc:96:bc:a3:64:f6:03:06:
7f:b6:6a:9e:c6:dd:bb:b6:5b:8c:e7:25:d6:fe:f1:
c4:44:41:47:84:aa:a6:25:3e:a7:04:8f:b2:f1:9c:
e5:82:0f:d0:45:8c:d8:cf:18:fe:cd:9f:ae:2a:65:
45:39:06:5d:3c:a3:98:9b:ca:a9:e2:9c:40:7d:c0:
03:53:b2:d7:ef:af:55:67:d7:08:79:62:9d:5d:3c:
a7:86:fa:3f:c2:55:e5:0a:fb:80:bc:be:8b:72:a9:
b7:1d:a2:1d:8c:52:48:40:49:77:68:cd:86:88:73:
4f:1b:d5:18:11:f0:9e:2d:de:72:04:ee:c0:92:b2:
a7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D5:97:C7:1A:20:64:FC:DA:0B:8E:E7:80:C0:29:AB:02:C0:1B:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
17:4e:24:67:32:27:ae:b1:52:4a:d4:dc:02:f8:59:c6:79:9b:
a1:2a:d2:0d:0b:87:4a:4a:ac:32:5b:3e:8f:d8:00:4c:71:95:
92:65:10:0b:3f:67:e3:ce:54:71:73:6c:f2:fb:4b:51:f6:ea:
79:68:92:62:ab:ed:f1:1c:1f:28:f4:ee:b1:9c:e0:48:f8:2f:
eb:b4:bd:31:94:3d:73:18:00:6c:c7:cd:1b:76:e8:40:96:d6:
43:f6:0f:6b:32:aa:7b:e4:dd:af:3f:36:dc:84:89:1e:fe:ee:
d5:0c:cb:72:ec:bf:5a:52:14:f2:b5:f6:4c:70:ab:10:9b:5e:
87:8b:05:2f:75:24:ba:f2:34:2a:71:3f:a1:ba:b6:6b:2b:83:
b5:7d:ae:bb:77:6a:86:7d:bd:19:d0:1b:58:1f:0f:d2:c9:0a:
81:3d:0d:ed:10:76:e9:b7:75:90:b5:28:43:2f:9d:18:fc:d7:
e1:48:cd:b0:77:26:ee:5e:31:af:8d:66:45:a6:d0:22:ae:44:
b7:0a:25:eb:85:9f:5c:21:8c:f0:73:fb:d1:be:70:d2:c2:c4:
ed:57:37:f2:e6:5b:e6:60:0d:a6:b4:c1:59:66:c0:a9:9d:3f:
2a:87:a3:a0:c1:40:c6:95:e4:88:6a:5d:f1:62:13:57:d5:31:
09:de:b6:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNgwwv5ME7+nua2a1hQu8J7YJKLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwNDdaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkODU1ZjFkYmY5YTViOGZkMWU1NWJlODU1NjNkZTU4ZWM4OGQ1N2MzOGJh
NDA2YmJjZTU3MzZjYzNkYjM0YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTFj7cZbwvrk180SWuxUfeAtGR8qSaxE8YnzHegv5dFNyySpTHyj94t9RCN
j2cC87ThL74OebNWBpla7Y7UaW4e/805TCcRPMEk7InjGR8LyKEWdMGDJsmr8z0p
gCYOs3wKmUnX412Gy77+QNbMGx3Nid6IZ2mD3ANRrsAp1ryWvKNk9gMGf7Zqnsbd
u7ZbjOcl1v7xxERBR4SqpiU+pwSPsvGc5YIP0EWM2M8Y/s2friplRTkGXTyjmJvK
qeKcQH3AA1Oy1++vVWfXCHlinV08p4b6P8JV5Qr7gLy+i3Kptx2iHYxSSEBJd2jN
hohzTxvVGBHwni3ecgTuwJKyp5ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT91ZfH
GiBk/NoLjueAwCmrAsAb8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAF04kZzInrrFSStTcAvhZxnmboSrSDQuHSkqsMls+
j9gATHGVkmUQCz9n485UcXNs8vtLUfbqeWiSYqvt8RwfKPTusZzgSPgv67S9MZQ9
cxgAbMfNG3boQJbWQ/YPazKqe+Tdrz823ISJHv7u1QzLcuy/WlIU8rX2THCrEJte
h4sFL3UkuvI0KnE/obq2ayuDtX2uu3dqhn29GdAbWB8P0skKgT0N7RB26bd1kLUo
Qy+dGPzX4UjNsHcm7l4xr41mRabQIq5Etwol64WfXCGM8HP70b5w0sLE7Vc38uZb
5mANprTBWWbAqZ0/KoejoMFAxpXkiGpd8WITV9UxCd62cw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:42 2025 by rpki-client