Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
File: 11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa (raw, json)
Hash identifier: vxKGZB8hTrZA1K8BrWz9K7rDTGqNrlIY+yAKPXB1da4=
Subject key identifier: CF:9A:E0:45:92:CD:63:BE:4D:D2:A4:0E:A5:90:29:7E:92:F9:A2:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04F39CAAD8293CE0660191C84C577F6FDD8F3D17
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
Signing time: Fri 25 Jul 2025 16:51:21 +0000
ROA not before: Fri 25 Jul 2025 16:51:21 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.64.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f3:9c:aa:d8:29:3c:e0:66:01:91:c8:4c:57:7f:6f:dd:8f:3d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:21 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=dda0ba12f3ed0d1e4cc83048fb548cf691d1310efd850afdc383b757035f556a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4f:d7:b1:de:51:ef:d5:04:37:28:1c:36:35:
00:d1:d9:f7:82:9d:a0:87:91:26:c8:72:d2:37:57:
b6:31:24:ca:09:67:2d:03:c3:28:e8:c8:f3:e5:49:
30:67:54:37:10:b4:78:55:d9:41:1b:0b:96:47:3e:
0a:0b:a2:1a:75:fc:7f:43:2d:49:4a:df:b2:97:9e:
64:fd:47:7d:1c:d4:aa:bc:c3:33:1f:ee:c0:9f:4a:
f2:78:98:49:18:0d:8d:56:01:77:e1:b6:97:8e:e9:
fc:21:ab:3d:cf:7c:6b:96:fb:97:79:7c:fe:9a:a2:
3f:d8:18:44:e9:72:47:d8:57:d2:48:4d:84:4b:57:
a0:70:c6:fc:20:df:1d:80:1b:30:e1:9a:13:48:c3:
0c:b7:75:4e:69:75:61:9d:f4:b7:89:c2:04:46:03:
b5:fd:bc:7d:19:d4:9a:3a:94:51:4a:6c:ca:c6:5e:
2f:49:ad:56:ef:42:8f:90:0b:f5:3e:34:93:05:85:
a6:e7:94:b4:12:18:7b:d5:cd:04:0c:56:e1:b6:90:
28:67:b6:55:2e:ea:cc:93:0e:51:11:1b:0a:7c:89:
aa:30:01:28:23:42:40:5c:c0:72:60:40:02:49:8e:
58:11:98:69:17:78:87:b9:26:bc:a8:f5:a9:d7:46:
16:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9A:E0:45:92:CD:63:BE:4D:D2:A4:0E:A5:90:29:7E:92:F9:A2:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.64.0/21
Signature Algorithm: sha256WithRSAEncryption
66:a3:79:d3:96:80:6b:3a:2c:63:a1:54:6c:a6:e0:73:48:e8:
e6:ba:eb:fb:fc:28:47:1d:38:c8:3c:6d:d6:58:37:72:28:39:
f7:b1:a4:17:7e:b9:f5:c8:ac:36:00:5d:bd:c4:e5:82:42:64:
c3:a2:e3:dc:47:72:d8:10:de:e0:38:95:67:74:3c:5e:0d:c3:
19:ae:b9:b2:34:32:26:4e:2c:b9:9d:7f:f1:63:ec:21:c4:63:
40:cf:5b:61:8a:65:66:19:b9:d1:95:c8:41:77:ae:e8:ef:2c:
a8:18:b4:08:41:d7:c1:1a:97:eb:65:ca:47:ca:b8:60:65:2e:
35:7d:08:fd:58:35:dc:5e:3c:0c:66:34:3d:39:b1:79:16:3a:
38:97:9e:05:57:7d:5a:b5:a8:c4:b6:45:f4:2b:1c:40:f2:e8:
0e:dc:0d:cc:60:18:19:e3:f1:bb:d7:97:25:d3:5d:43:89:0d:
47:36:db:ae:8d:ca:11:f1:34:c7:40:ba:62:00:de:c9:71:b1:
ec:ef:d0:40:52:17:e6:44:12:2c:b5:23:71:b8:3c:2c:04:42:
32:c5:7d:b4:cd:20:2b:41:26:a9:34:47:85:5a:9d:92:72:5b:
ca:c6:ed:b6:ec:88:f0:a6:10:3d:b8:9d:04:67:2f:ac:32:a2:
8f:26:31:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBPOcqtgpPOBmAZHITFd/b92PPRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMjFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkYTBiYTEyZjNlZDBkMWU0Y2M4MzA0OGZiNTQ4Y2Y2OTFkMTMxMGVmZDg1
MGFmZGMzODNiNzU3MDM1ZjU1NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdP17HeUe/VBDcoHDY1ANHZ94KdoIeRJshy0jdXtjEkyglnLQPDKOjI8+VJ
MGdUNxC0eFXZQRsLlkc+CguiGnX8f0MtSUrfspeeZP1HfRzUqrzDMx/uwJ9K8niY
SRgNjVYBd+G2l47p/CGrPc98a5b7l3l8/pqiP9gYROlyR9hX0khNhEtXoHDG/CDf
HYAbMOGaE0jDDLd1Tml1YZ30t4nCBEYDtf28fRnUmjqUUUpsysZeL0mtVu9Cj5AL
9T40kwWFpueUtBIYe9XNBAxW4baQKGe2VS7qzJMOUREbCnyJqjABKCNCQFzAcmBA
AkmOWBGYaRd4h7kmvKj1qddGFpkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTPmuBF
ks1jvk3SpA6lkCl+kvmiaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjOTI0ZTUtYjVhNC00ZTM5LWJkOWItM2FhMDQ2MzQyMTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZqN505aAazosY6FUbKbgc0jo5rrr+/woRx04yDxt
1lg3cig597GkF3659cisNgBdvcTlgkJkw6Lj3Edy2BDe4DiVZ3Q8Xg3DGa65sjQy
Jk4suZ1/8WPsIcRjQM9bYYplZhm50ZXIQXeu6O8sqBi0CEHXwRqX62XKR8q4YGUu
NX0I/Vg13F48DGY0PTmxeRY6OJeeBVd9WrWoxLZF9CscQPLoDtwNzGAYGePxu9eX
JdNdQ4kNRzbbro3KEfE0x0C6YgDeyXGx7O/QQFIX5kQSLLUjcbg8LARCMsV9tM0g
K0EmqTRHhVqdknJbysbttuyI8KYQPbidBGcvrDKijyYxtw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:34 2025 by rpki-client