Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: e8yhvLtxNOa9bXy35feBJaQ5kuulM7y75umhiCVyJMw=
Subject key identifier: FB:05:7F:44:34:03:91:86:24:57:AE:89:5F:7A:F1:63:2A:82:0D:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 259C7ECBDD2A609B0C97CF7EF997CEA76FC8C84F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Fri 25 Jul 2025 17:00:16 +0000
ROA not before: Fri 25 Jul 2025 17:00:16 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:9c:7e:cb:dd:2a:60:9b:0c:97:cf:7e:f9:97:ce:a7:6f:c8:c8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:16 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=75307d86143c6b6e4266134de1c431a0274fd1df9770c605aa241734c7e3ae03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:7d:0c:13:58:93:b8:3c:ff:5b:00:42:59:
5e:40:2a:27:83:ca:36:23:bc:0c:3f:30:51:3e:13:
65:59:25:55:0d:b7:5a:69:44:b4:de:31:88:db:af:
55:11:51:10:87:98:f1:78:ae:80:bf:40:79:57:f0:
88:46:35:70:18:70:98:8e:e2:bc:32:78:25:c9:ca:
06:83:04:f2:7b:01:c1:16:0c:c7:61:50:b9:5f:9e:
22:d0:cb:86:3f:84:94:90:30:a5:ac:19:58:59:49:
f9:90:6a:76:87:66:e4:fa:d5:9e:cd:d6:93:bf:dd:
94:b7:09:c5:22:f4:d1:60:8c:b7:4e:ee:c1:96:85:
29:9c:21:0f:1c:b4:e6:45:98:11:a3:b7:ac:62:cd:
99:04:f1:4e:ad:bb:17:93:2f:b5:53:ee:66:ee:0a:
63:f4:d7:f4:dc:90:fc:58:68:44:b7:39:04:4d:43:
7c:9b:9d:b7:50:83:12:60:0d:9b:54:6d:ca:12:9d:
65:e2:9c:6e:90:f6:83:49:08:39:10:f4:c3:93:11:
d9:bb:0d:d4:4c:9f:05:42:84:ce:8f:0e:32:63:06:
90:94:f5:0b:7d:0b:5d:46:a4:9d:0a:a8:fb:62:8f:
e0:7a:a0:05:5e:e5:8b:af:20:ac:6f:9f:d6:32:48:
44:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:05:7F:44:34:03:91:86:24:57:AE:89:5F:7A:F1:63:2A:82:0D:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
5b:39:4d:69:07:d9:14:d4:5c:6e:80:b3:eb:0e:a9:63:ea:0e:
80:4f:2b:b7:15:08:aa:cc:64:0b:c3:9f:79:8d:61:ea:5e:34:
04:b6:45:2f:31:b9:a6:67:16:39:2c:0c:6f:9c:03:42:d7:bd:
e0:db:a4:76:85:7c:d7:ce:d8:bd:b6:a8:17:64:5c:d6:02:e0:
f5:0d:dc:6d:46:6b:24:dd:ac:e2:86:55:9f:aa:ec:4a:81:36:
92:fb:0b:39:70:ee:b8:25:78:29:2c:85:d3:aa:e7:f0:c1:e2:
70:2d:28:99:60:c2:35:68:11:1f:02:0e:e9:d4:7f:37:97:ad:
cd:d7:e7:ba:76:12:f2:6b:97:9b:f8:6e:8e:0c:e5:70:3b:3b:
5f:bd:af:b1:08:49:13:b7:4c:79:38:66:6f:cf:5b:ad:16:90:
18:a3:dc:53:35:92:37:a3:56:b2:e5:ac:ce:57:1e:38:ae:6e:
a2:c7:99:16:b1:23:eb:4f:ba:ae:f6:7d:b2:50:70:cf:28:66:
cc:96:35:73:c0:c3:67:7c:31:6b:ec:24:85:94:73:f4:e4:4e:
4c:b9:c1:d8:20:1b:70:f1:99:87:bc:c1:89:8f:2f:89:5e:3e:
98:9b:94:19:a3:70:22:56:f6:db:9a:7c:ea:98:a6:38:9e:69:
47:0f:fb:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJZx+y90qYJsMl89++ZfOp2/IyE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMTZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MzA3ZDg2MTQzYzZiNmU0MjY2MTM0ZGUxYzQzMWEwMjc0ZmQxZGY5Nzcw
YzYwNWFhMjQxNzM0YzdlM2FlMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP8fQwTWJO4PP9bAEJZXkAqJ4PKNiO8DD8wUT4TZVklVQ23WmlEtN4xiNuv
VRFREIeY8XiugL9AeVfwiEY1cBhwmI7ivDJ4JcnKBoME8nsBwRYMx2FQuV+eItDL
hj+ElJAwpawZWFlJ+ZBqdodm5PrVns3Wk7/dlLcJxSL00WCMt07uwZaFKZwhDxy0
5kWYEaO3rGLNmQTxTq27F5MvtVPuZu4KY/TX9NyQ/FhoRLc5BE1DfJudt1CDEmAN
m1RtyhKdZeKcbpD2g0kIORD0w5MR2bsN1EyfBUKEzo8OMmMGkJT1C30LXUaknQqo
+2KP4HqgBV7li68grG+f1jJIRP0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT7BX9E
NAORhiRXrolfevFjKoIN3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAWzlNaQfZFNRcboCz6w6pY+oOgE8rtxUIqsxkC8Of
eY1h6l40BLZFLzG5pmcWOSwMb5wDQte94NukdoV8187YvbaoF2Rc1gLg9Q3cbUZr
JN2s4oZVn6rsSoE2kvsLOXDuuCV4KSyF06rn8MHicC0omWDCNWgRHwIO6dR/N5et
zdfnunYS8muXm/hujgzlcDs7X72vsQhJE7dMeThmb89brRaQGKPcUzWSN6NWsuWs
zlceOK5uoseZFrEj60+6rvZ9slBwzyhmzJY1c8DDZ3wxa+wkhZRz9OROTLnB2CAb
cPGZh7zBiY8viV4+mJuUGaNwIlb225p86pimOJ5pRw/7Fg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:54 2025 by rpki-client