Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
File: 216f72e9-3c9a-414e-a688-ee99e3f2e840.roa (raw, json)
Hash identifier: O7iMkISoF5vg3L/JC/vIMA7uVZlwBZ7h9ajjMDritOQ=
Subject key identifier: 2E:31:30:5A:CE:AD:7F:18:85:A0:55:A1:C2:99:3E:04:3E:19:FD:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DF5B50C1BF490CF6AFE4260884FE63CD6ED4760
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
Signing time: Fri 25 Jul 2025 16:51:09 +0000
ROA not before: Fri 25 Jul 2025 16:51:09 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:f5:b5:0c:1b:f4:90:cf:6a:fe:42:60:88:4f:e6:3c:d6:ed:47:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:09 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=8f26ce202289dc098d8a963d59f6b4278f312cb386dd55b37a0d907cf21f59c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d5:97:48:8d:a3:26:4a:64:1d:d9:ee:17:d2:
1a:6d:5e:f8:15:00:e5:b2:39:3b:08:3a:a9:4f:c8:
68:94:4f:bb:ed:66:ab:2a:fe:c5:f7:f7:94:b7:2b:
84:af:96:e2:af:9b:a9:58:78:d8:f5:ed:c2:8a:2c:
6a:ef:a1:ba:2a:86:a5:1b:96:04:37:74:1e:8c:51:
9d:5f:57:42:db:29:f4:c9:1f:43:8b:39:c4:37:fe:
a7:8c:ba:94:2b:b4:f0:7b:d5:8d:37:5b:78:4f:28:
93:2e:95:e5:66:80:6c:5c:7b:03:32:7c:75:b7:84:
64:5a:ca:07:6f:36:69:39:34:ad:75:47:9f:ae:58:
3c:41:26:c2:3a:4a:3d:a8:d5:b4:40:10:67:72:87:
47:65:ed:c1:bb:f1:57:c2:a2:d0:89:06:c9:f8:e2:
b9:37:40:24:9f:07:8e:53:7d:46:e6:56:e3:6a:bd:
be:f2:0e:69:8e:9d:cb:34:9b:2d:91:a1:7e:ca:d5:
98:58:7c:d3:50:77:f4:65:a6:d4:e4:76:5c:2a:58:
79:ce:d1:1f:0a:5e:56:52:c5:86:a0:5a:a6:0f:60:
79:04:5d:43:cd:0f:a8:5c:fd:a6:6e:40:ee:53:9a:
cd:ed:9b:d5:02:ec:75:75:19:a2:84:48:aa:cf:55:
ed:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:31:30:5A:CE:AD:7F:18:85:A0:55:A1:C2:99:3E:04:3E:19:FD:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.220.0/23
Signature Algorithm: sha256WithRSAEncryption
80:87:d2:0b:67:fa:47:4f:7d:73:ea:16:16:d5:cb:b3:95:47:
88:5f:aa:f8:ce:2d:c0:a5:e5:ec:53:ee:fd:d6:a2:10:d3:4f:
04:26:73:e2:f4:1a:d0:01:d1:9d:0c:8b:ff:87:ef:c3:3f:a5:
b9:04:1c:7e:61:cc:58:b5:ff:22:32:b4:4d:07:a5:45:45:7e:
5b:87:d6:e3:a5:92:40:cb:de:53:b9:0c:7e:24:c9:96:3b:64:
98:53:2b:42:78:a1:b3:db:f3:91:f8:9b:6f:f4:57:72:fe:06:
72:9c:a7:7c:d6:ee:33:e9:22:7b:f2:57:ef:54:60:5b:ff:a3:
16:98:f6:88:53:df:d8:26:f1:02:d0:7d:b5:87:ba:a2:dd:01:
fd:d5:a2:1b:f3:c4:47:0d:4a:6a:32:00:c5:e6:e3:38:c8:ab:
30:89:dc:69:c0:cc:f4:98:66:3a:b9:f2:3b:d6:5a:a3:30:47:
21:80:78:ac:ea:02:e5:f2:81:e8:bf:91:2a:1a:df:3c:45:60:
3f:5b:c4:86:85:9a:34:91:ae:f3:34:a9:d1:40:40:c4:ea:ed:
d1:8a:9b:28:90:55:25:1f:90:38:7b:8c:65:12:37:b6:90:4d:
c8:a0:04:c6:9c:6e:40:e1:0b:5b:3d:49:a0:49:9d:60:c5:d2:
80:8c:4c:d7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUffW1DBv0kM9q/kJgiE/mPNbtR2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMDlaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMjZjZTIwMjI4OWRjMDk4ZDhhOTYzZDU5ZjZiNDI3OGYzMTJjYjM4NmRk
NTViMzdhMGQ5MDdjZjIxZjU5YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPVl0iNoyZKZB3Z7hfSGm1e+BUA5bI5Owg6qU/IaJRPu+1mqyr+xff3lLcr
hK+W4q+bqVh42PXtwoosau+huiqGpRuWBDd0HoxRnV9XQtsp9MkfQ4s5xDf+p4y6
lCu08HvVjTdbeE8oky6V5WaAbFx7AzJ8dbeEZFrKB282aTk0rXVHn65YPEEmwjpK
PajVtEAQZ3KHR2XtwbvxV8Ki0IkGyfjiuTdAJJ8HjlN9RuZW42q9vvIOaY6dyzSb
LZGhfsrVmFh801B39GWm1OR2XCpYec7RHwpeVlLFhqBapg9geQRdQ80PqFz9pm5A
7lOaze2b1QLsdXUZooRIqs9V7bECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQuMTBa
zq1/GIWgVaHCmT4EPhn9xjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZjcyZTktM2M5YS00MTRlLWE2ODgtZWU5OWUzZjJlODQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6J3DAN
BgkqhkiG9w0BAQsFAAOCAQEAgIfSC2f6R099c+oWFtXLs5VHiF+q+M4twKXl7FPu
/daiENNPBCZz4vQa0AHRnQyL/4fvwz+luQQcfmHMWLX/IjK0TQelRUV+W4fW46WS
QMveU7kMfiTJljtkmFMrQnihs9vzkfibb/RXcv4GcpynfNbuM+kie/JX71RgW/+j
Fpj2iFPf2CbxAtB9tYe6ot0B/dWiG/PERw1KajIAxebjOMirMIncacDM9JhmOrny
O9ZaozBHIYB4rOoC5fKB6L+RKhrfPEVgP1vEhoWaNJGu8zSp0UBAxOrt0YqbKJBV
JR+QOHuMZRI3tpBNyKAExpxuQOELWz1JoEmdYMXSgIxM1w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:15 2025 by rpki-client