Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: dy3GQb17HhHtzRZl9awwfcXuPFWbkk3WuixinAlwZJ0=
Subject key identifier: 56:43:0F:C3:4C:91:F3:21:98:E8:61:68:13:E1:23:BA:31:CA:21:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BB239739D7ADFDE7E89F674078E87665A724346
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Fri 25 Jul 2025 17:00:18 +0000
ROA not before: Fri 25 Jul 2025 17:00:18 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:b2:39:73:9d:7a:df:de:7e:89:f6:74:07:8e:87:66:5a:72:43:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:18 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=7e68c2972d4090bfc9742ee86bd6cfe8ef1d2e734d7480a31e94ecbb49b1523b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7c:95:b7:28:b3:01:4b:ca:c9:6b:6a:9e:64:
d2:ce:4f:42:1f:90:5a:c1:69:20:ab:ca:29:2d:d2:
48:fc:c0:d1:e2:1a:53:79:02:e4:7a:b9:cb:14:5b:
ee:7c:6c:4c:37:ee:b6:72:4b:5e:3c:44:a0:2a:cf:
65:f3:36:2d:fc:46:86:1f:f9:01:c4:98:b6:ff:57:
1d:7c:fb:6c:c1:a8:4d:b6:52:7b:32:57:f7:92:ee:
e1:df:d9:29:a2:83:62:47:86:b5:2e:8e:33:b7:8b:
81:bb:0b:a1:e1:7b:d4:45:74:ad:1c:ac:99:4d:19:
ec:69:90:24:c8:72:cc:35:4c:ac:fd:fe:50:d6:b4:
0a:db:25:7b:c4:fc:f6:53:83:5a:66:6f:16:dc:11:
da:49:65:40:a7:92:35:b8:00:8f:be:fa:ad:0d:ce:
f0:38:cd:32:d5:c4:ff:88:ed:64:54:a0:cf:fb:50:
15:0e:58:e3:b8:bd:93:22:a5:b0:08:09:81:a3:f5:
f4:d1:59:02:bb:e6:50:6d:d3:b0:e1:55:34:20:6f:
44:41:a5:bd:b9:05:bb:59:65:d1:cd:f4:95:0c:8b:
bc:ca:83:97:bb:e9:88:ca:0b:28:1d:de:36:45:24:
01:47:a1:32:a0:70:44:8c:b6:64:13:e7:73:0b:17:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:43:0F:C3:4C:91:F3:21:98:E8:61:68:13:E1:23:BA:31:CA:21:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:19:91:93:5a:d3:db:c3:b6:51:02:9b:f4:11:4a:f9:76:1c:
1c:ce:33:cd:c6:0e:4c:7f:2c:aa:7f:90:36:d0:20:1b:2c:f0:
6d:d2:8d:a8:34:2c:a5:06:32:ed:dd:f6:d3:a5:00:dd:84:06:
d3:88:58:f6:a6:45:74:73:ec:11:80:05:0e:ed:8c:ca:73:99:
d0:06:a3:c5:5b:d4:04:b6:fb:a1:15:65:37:11:e3:ca:94:c2:
ec:ab:83:c1:54:56:c1:00:54:2f:d6:63:e2:50:b9:c0:c2:46:
9e:0b:40:9c:09:6f:3b:9a:0f:01:d2:f5:24:e0:2a:f9:d9:a2:
ee:7d:9c:e0:87:a2:c6:2b:e5:3a:6b:60:ca:ce:bb:38:69:5f:
2a:23:ce:06:b3:ca:64:34:d0:27:68:aa:aa:d9:d4:27:e7:b1:
2e:39:41:e1:72:69:e3:e2:1a:e3:82:58:17:65:3c:5e:de:36:
0b:1c:64:65:15:23:2e:af:d0:f2:38:60:da:95:15:4f:f4:fd:
f8:0c:79:a4:71:a2:a9:b4:a1:d2:44:92:72:af:44:6f:7d:53:
42:34:f4:9e:0a:a9:1a:6f:c8:a3:96:a3:ea:6f:7e:d9:2d:27:
f0:8f:39:42:58:cc:2b:38:d4:9a:ea:23:33:f8:df:48:f4:7c:
95:79:6a:99
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa7I5c516395+ifZ0B46HZlpyQ0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMThaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNjhjMjk3MmQ0MDkwYmZjOTc0MmVlODZiZDZjZmU4ZWYxZDJlNzM0ZDc0
ODBhMzFlOTRlY2JiNDliMTUyM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANd8lbcoswFLyslrap5k0s5PQh+QWsFpIKvKKS3SSPzA0eIaU3kC5Hq5yxRb
7nxsTDfutnJLXjxEoCrPZfM2LfxGhh/5AcSYtv9XHXz7bMGoTbZSezJX95Lu4d/Z
KaKDYkeGtS6OM7eLgbsLoeF71EV0rRysmU0Z7GmQJMhyzDVMrP3+UNa0Ctsle8T8
9lODWmZvFtwR2kllQKeSNbgAj776rQ3O8DjNMtXE/4jtZFSgz/tQFQ5Y47i9kyKl
sAgJgaP19NFZArvmUG3TsOFVNCBvREGlvbkFu1ll0c30lQyLvMqDl7vpiMoLKB3e
NkUkAUehMqBwRIy2ZBPncwsXpkcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRWQw/D
TJHzIZjoYWgT4SO6McohIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAShmRk1rT28O2UQKb9BFK+XYcHM4zzcYOTH8sqn+Q
NtAgGyzwbdKNqDQspQYy7d3206UA3YQG04hY9qZFdHPsEYAFDu2MynOZ0AajxVvU
BLb7oRVlNxHjypTC7KuDwVRWwQBUL9Zj4lC5wMJGngtAnAlvO5oPAdL1JOAq+dmi
7n2c4IeixivlOmtgys67OGlfKiPOBrPKZDTQJ2iqqtnUJ+exLjlB4XJp4+Ia44JY
F2U8Xt42CxxkZRUjLq/Q8jhg2pUVT/T9+Ax5pHGiqbSh0kSScq9Eb31TQjT0ngqp
Gm/Io5aj6m9+2S0n8I85QljMKzjUmuojM/jfSPR8lXlqmQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:56 2025 by rpki-client