Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: wqOPq3mqX9WNlb05+qfqUwTNU/5sCR2VjT6Ml9YrWLA=
Subject key identifier: 39:C3:BD:7F:D7:09:77:6F:C9:4C:54:CB:96:0C:9E:5C:4A:32:3D:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F0161CCD9330CECE4C243F9C5F94234B8A7698E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Fri 25 Jul 2025 16:51:15 +0000
ROA not before: Fri 25 Jul 2025 16:51:15 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:01:61:cc:d9:33:0c:ec:e4:c2:43:f9:c5:f9:42:34:b8:a7:69:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:15 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=deb1dd90906c9b688edb3d9fb0f30668aa07ac7478693066c3d52a34a16eb8c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:93:ed:8b:c3:2e:68:57:79:fb:cf:43:ea:3b:
4a:38:6e:3c:fd:3e:72:1b:67:08:c2:b3:aa:af:67:
5f:7d:8c:32:d3:d4:65:51:57:d8:ef:85:6b:29:dd:
69:1a:6e:29:fb:59:24:b0:18:b8:fa:05:88:be:c6:
fe:fb:f3:f0:dc:6e:42:61:ef:3b:e1:86:3f:c0:d5:
1d:44:f2:45:99:90:7f:4f:ef:34:ab:a3:78:87:b5:
94:2c:37:1f:cd:0d:f8:36:56:ca:55:42:31:67:d6:
35:3d:6f:7c:42:af:96:f1:55:bb:69:75:92:0b:04:
06:e0:89:71:ab:90:29:62:59:9d:e3:d9:04:db:1c:
a7:7b:a2:b8:58:d7:5f:3b:09:02:5a:d9:5e:7f:f7:
b0:51:74:8f:a4:bc:e6:c6:62:80:29:91:10:c0:65:
52:e0:24:19:d3:61:26:c9:76:70:3f:40:a8:e1:eb:
bd:b6:8e:17:c4:de:4f:6a:f9:41:dd:8b:0e:f5:86:
f5:38:6a:d3:df:9e:a5:f9:ef:22:13:ff:f8:15:36:
cd:1d:4c:bf:31:f1:92:ab:bd:8a:c4:97:88:22:fa:
6e:e2:f9:5c:dd:91:3c:3a:c7:83:d1:5e:f4:07:19:
ab:8b:f3:31:eb:9f:59:35:92:95:5b:e8:31:7d:86:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C3:BD:7F:D7:09:77:6F:C9:4C:54:CB:96:0C:9E:5C:4A:32:3D:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:fd:2d:34:62:d9:97:52:06:2a:39:dd:37:31:4b:40:c1:a7:
52:39:d8:ed:89:65:bf:56:88:f7:1d:03:db:13:e7:08:48:97:
d8:0b:e2:8f:ce:12:ff:50:9c:20:e4:97:bb:e7:f1:72:67:83:
80:3e:d2:10:c5:33:38:d1:d7:30:f1:2c:3b:3a:94:9a:1b:52:
29:6c:66:4a:ae:a8:77:fa:a3:2b:39:2d:d3:52:b3:22:4c:e8:
a7:7f:85:58:e5:a2:b6:60:9d:d8:bd:12:98:62:e2:52:89:5a:
04:f4:9e:1a:db:cb:31:9d:0c:03:a6:61:fb:d7:29:cf:81:48:
80:b1:ea:5a:76:36:66:b7:c2:4a:1a:1f:9c:90:2c:c2:62:8f:
d1:a8:d8:d0:56:d0:96:2f:73:aa:bd:69:7f:8b:f3:6d:2b:36:
29:4d:f1:9b:4e:97:7c:4b:2c:76:45:24:8e:a7:7a:61:9a:a8:
78:05:a6:0f:06:5d:a6:62:59:00:2d:4d:32:e4:94:0c:95:be:
37:8f:d5:0e:b0:58:aa:12:9f:db:37:0f:b8:06:99:e6:60:a2:
f2:04:d2:0c:a7:5e:e0:9e:4e:fc:6f:c6:1b:02:04:c2:7b:fe:
1d:c2:bc:5a:d9:13:7a:8c:4b:dc:41:af:7f:ee:44:85:7a:1d:
db:95:d9:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHwFhzNkzDOzkwkP5xflCNLinaY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTVaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlYjFkZDkwOTA2YzliNjg4ZWRiM2Q5ZmIwZjMwNjY4YWEwN2FjNzQ3ODY5
MzA2NmMzZDUyYTM0YTE2ZWI4YzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyT7YvDLmhXefvPQ+o7SjhuPP0+chtnCMKzqq9nX32MMtPUZVFX2O+Faynd
aRpuKftZJLAYuPoFiL7G/vvz8NxuQmHvO+GGP8DVHUTyRZmQf0/vNKujeIe1lCw3
H80N+DZWylVCMWfWNT1vfEKvlvFVu2l1kgsEBuCJcauQKWJZnePZBNscp3uiuFjX
XzsJAlrZXn/3sFF0j6S85sZigCmREMBlUuAkGdNhJsl2cD9AqOHrvbaOF8TeT2r5
Qd2LDvWG9Thq09+epfnvIhP/+BU2zR1MvzHxkqu9isSXiCL6buL5XN2RPDrHg9Fe
9AcZq4vzMeufWTWSlVvoMX2GDrsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ5w71/
1wl3b8lMVMuWDJ5cSjI9YDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAPP0tNGLZl1IGKjndNzFLQMGnUjnY7Yllv1aI9x0D
2xPnCEiX2Avij84S/1CcIOSXu+fxcmeDgD7SEMUzONHXMPEsOzqUmhtSKWxmSq6o
d/qjKzkt01KzIkzop3+FWOWitmCd2L0SmGLiUolaBPSeGtvLMZ0MA6Zh+9cpz4FI
gLHqWnY2ZrfCShofnJAswmKP0ajY0FbQli9zqr1pf4vzbSs2KU3xm06XfEssdkUk
jqd6YZqoeAWmDwZdpmJZAC1NMuSUDJW+N4/VDrBYqhKf2zcPuAaZ5mCi8gTSDKde
4J5O/G/GGwIEwnv+HcK8WtkTeoxL3EGvf+5EhXod25XZDA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:31 2025 by rpki-client