Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: fWPY8P1k7/7X2OddyXq/zDCNwZ9VRk9USj6k+k0Kw9s=
Subject key identifier: BE:9C:CF:F2:E9:EE:18:6F:33:A3:AE:44:E7:8C:22:A2:18:0B:40:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 177B930523D312D3A65D5043718537FD3ECB6642
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Tue 04 Nov 2025 02:50:07 +0000
ROA not before: Tue 04 Nov 2025 02:50:07 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:7b:93:05:23:d3:12:d3:a6:5d:50:43:71:85:37:fd:3e:cb:66:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:07 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=81abbfd30fa4f545bc6fc58e02e21c908bfe4de269566e46d0e44c269c1c7dd2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:72:24:60:f9:98:fd:61:69:06:2f:35:1d:2b:
fd:c4:4e:05:97:00:fa:e8:bb:75:44:6e:57:91:39:
e5:eb:07:87:6a:80:b5:97:e1:47:be:8a:4a:9e:16:
64:82:62:74:7f:bd:c6:b9:0a:1c:24:3b:10:a4:a3:
e5:23:40:0f:c8:58:b0:88:3b:ca:97:2a:65:59:70:
4a:f5:fe:9d:f4:be:e2:36:38:cb:55:94:91:cb:db:
f9:f9:1e:3d:c3:24:f6:3c:e4:f4:a6:bf:65:c7:3d:
d3:4f:a8:e0:1f:cd:cc:0b:5c:0f:45:82:b6:83:b7:
2a:26:d3:d9:53:18:6e:95:0d:f4:a0:fd:50:18:52:
c7:4b:a9:37:41:2a:10:3d:80:ec:5d:06:78:9a:47:
91:9e:85:85:7a:3c:ff:77:04:64:b6:66:94:4b:ee:
38:ea:5d:de:4b:26:44:23:0d:7e:f6:b7:a3:e3:e6:
cc:2d:cf:50:0d:ba:fe:fc:cf:50:78:4e:6c:67:d3:
23:60:48:21:74:c7:c1:69:cb:28:b8:b3:95:4d:54:
ac:75:5e:6f:9e:a0:6b:05:96:ae:fc:f6:86:1b:d0:
69:cd:3a:0d:75:50:13:6a:33:5a:4b:46:33:d5:33:
6c:d1:aa:14:9e:07:6b:c9:3a:06:1d:00:3c:26:2d:
d7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9C:CF:F2:E9:EE:18:6F:33:A3:AE:44:E7:8C:22:A2:18:0B:40:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
25:e6:66:f7:c8:31:f3:4b:58:45:a6:64:dc:3d:b5:74:d8:84:
b2:f5:51:60:6c:6f:a3:ac:4d:ea:25:8f:21:c1:aa:46:de:e1:
db:a4:b1:0b:e0:85:48:c0:80:b2:46:ef:fd:b0:50:53:51:c8:
ca:cc:a3:fc:c9:3a:9b:32:75:49:63:74:d5:05:3c:d2:ed:d9:
68:e2:0c:9b:69:c5:51:8f:e1:c0:31:1d:d1:dd:76:f1:92:3c:
61:8f:9d:eb:27:6e:88:44:35:7f:50:50:81:9f:ce:d3:90:4b:
e8:f8:9e:37:63:9f:b5:50:83:e7:76:cc:e9:3a:31:83:d5:88:
42:b8:6f:02:ff:00:ab:1e:a1:58:b8:04:25:ea:89:45:bb:e5:
3a:ad:27:e2:ed:01:94:63:d5:cc:b1:be:d7:35:8a:b4:3b:29:
91:d5:23:42:2d:56:6a:21:26:cc:49:2a:b0:72:f9:42:61:77:
b7:67:fe:1d:17:88:b1:64:f9:4c:5a:05:62:ff:f4:61:49:b8:
d2:23:c5:51:2a:7e:99:bc:6a:90:17:48:a8:5b:cb:d2:43:04:
27:18:24:a2:db:17:41:24:71:e3:10:63:b9:c9:6f:1d:86:ea:
06:e4:7a:2c:2c:a8:07:48:96:57:b9:95:5d:bd:c7:1c:83:b6:
0b:bf:b4:3c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUF3uTBSPTEtOmXVBDcYU3/T7LZkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDdaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxYWJiZmQzMGZhNGY1NDViYzZmYzU4ZTAyZTIxYzkwOGJmZTRkZTI2OTU2
NmU0NmQwZTQ0YzI2OWMxYzdkZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNyJGD5mP1haQYvNR0r/cROBZcA+ui7dURuV5E55esHh2qAtZfhR76KSp4W
ZIJidH+9xrkKHCQ7EKSj5SNAD8hYsIg7ypcqZVlwSvX+nfS+4jY4y1WUkcvb+fke
PcMk9jzk9Ka/Zcc900+o4B/NzAtcD0WCtoO3KibT2VMYbpUN9KD9UBhSx0upN0Eq
ED2A7F0GeJpHkZ6FhXo8/3cEZLZmlEvuOOpd3ksmRCMNfva3o+PmzC3PUA26/vzP
UHhObGfTI2BIIXTHwWnLKLizlU1UrHVeb56gawWWrvz2hhvQac06DXVQE2ozWktG
M9UzbNGqFJ4Ha8k6Bh0APCYt1w8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS+nM/y
6e4YbzOjrkTnjCKiGAtA7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAJeZm98gx80tYRaZk3D21dNiEsvVRYGxvo6xN6iWP
IcGqRt7h26SxC+CFSMCAskbv/bBQU1HIysyj/Mk6mzJ1SWN01QU80u3ZaOIMm2nF
UY/hwDEd0d128ZI8YY+d6yduiEQ1f1BQgZ/O05BL6PieN2OftVCD53bM6Toxg9WI
QrhvAv8Aqx6hWLgEJeqJRbvlOq0n4u0BlGPVzLG+1zWKtDspkdUjQi1WaiEmzEkq
sHL5QmF3t2f+HReIsWT5TFoFYv/0YUm40iPFUSp+mbxqkBdIqFvL0kMEJxgkotsX
QSRx4xBjuclvHYbqBuR6LCyoB0iWV7mVXb3HHIO2C7+0PA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:03 2025 by rpki-client