Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
File: 279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa (raw, json)
Hash identifier: UXiFGJVTA3VtWb2s5EdrG3ixuyaVJuYqQikd8WlP9co=
Subject key identifier: EA:A2:73:D6:CC:CA:40:74:76:75:31:10:8D:FB:64:0D:5D:4E:92:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 648F373937FC4C2260DDC25C0B0706AF314BA824
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
Signing time: Fri 25 Jul 2025 16:51:16 +0000
ROA not before: Fri 25 Jul 2025 16:51:16 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:8f:37:39:37:fc:4c:22:60:dd:c2:5c:0b:07:06:af:31:4b:a8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:16 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=5f6fc5d201f1c82e892f93df75b0d3dad53bee9a31e76d5aa3f2e112b34db229, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:93:13:7d:1e:da:7a:04:41:96:61:25:91:31:
29:56:50:19:62:ee:3f:a9:c3:25:6b:12:25:3e:cb:
42:f6:f4:cc:0a:8e:31:4d:8d:01:b9:ce:87:26:db:
13:b1:42:ea:68:5f:a8:e3:c7:4e:09:e4:b3:4f:6a:
02:17:0f:55:a6:f5:44:36:30:42:f8:84:88:24:cb:
b7:ba:30:73:55:69:59:0a:40:77:b7:61:e3:54:36:
56:47:dc:ee:47:5a:5a:69:05:24:c4:65:35:31:02:
3c:7c:95:af:f8:37:6c:47:ff:d2:33:71:25:cc:20:
b1:a8:bc:0e:3c:06:59:e6:9b:59:eb:bd:da:06:0c:
9f:8a:1e:5a:70:cb:ed:20:4c:c9:4e:2b:57:5d:5a:
f2:3a:12:25:1b:4f:25:34:4a:66:7a:91:3c:fc:57:
6e:21:3e:f5:e0:d3:45:01:1b:72:3e:51:8f:0d:74:
ed:7d:0f:11:11:e6:37:bd:c8:5b:b5:27:fc:26:60:
a3:54:12:81:e1:5a:b4:4a:45:76:b3:56:50:e6:ec:
d0:3b:bf:d0:cb:1a:bd:f5:54:2e:b2:92:ba:5f:64:
cb:4e:43:de:68:aa:7c:90:1a:aa:e5:b9:85:83:d5:
73:c2:29:e8:96:04:07:e0:6b:e3:24:27:3c:0e:55:
43:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A2:73:D6:CC:CA:40:74:76:75:31:10:8D:FB:64:0D:5D:4E:92:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.144.0/21
Signature Algorithm: sha256WithRSAEncryption
86:dd:44:44:4a:90:f9:c3:e2:ae:dd:58:ff:b0:44:ef:86:96:
8c:92:dd:c5:e6:99:d3:37:9e:c3:5d:95:6f:39:42:70:b3:a7:
5f:9a:9d:cb:16:d2:7c:84:3b:df:8b:9c:5c:b8:f2:48:a2:87:
a5:11:af:20:49:6a:ac:c8:a2:db:dd:a8:ec:e1:cc:9c:68:e9:
40:76:22:ef:43:62:ad:ca:41:0e:bc:de:de:29:95:c0:11:01:
63:63:f6:37:4a:0a:b9:ae:a4:1d:7b:e3:ac:17:39:d8:4c:03:
ff:b1:f5:02:df:34:bd:da:15:a1:d9:fd:d0:19:27:3d:56:b0:
b0:4e:f4:ac:0c:ba:5f:c1:10:a8:7c:25:a5:4e:48:f5:d7:d4:
96:fa:d3:e9:f9:00:cd:6c:ff:df:17:d2:e8:86:74:8d:ef:1f:
08:e5:ab:69:d5:15:f8:5e:f6:5c:18:be:6e:4d:dc:b8:5f:4d:
c3:ec:16:bc:81:92:cd:54:83:85:de:bf:d3:f2:02:b2:35:0f:
9b:94:af:0b:4b:72:f2:82:cd:4e:39:d2:95:ea:d3:8c:79:27:
c1:20:b8:f8:25:58:91:18:66:5f:70:36:5d:22:e7:f4:8f:bc:
17:09:b7:7b:7b:a1:f7:3d:db:61:b1:a8:c5:4e:aa:9b:b1:8b:
6b:bb:98:86
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZI83OTf8TCJg3cJcCwcGrzFLqCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNmZjNWQyMDFmMWM4MmU4OTJmOTNkZjc1YjBkM2RhZDUzYmVlOWEzMWU3
NmQ1YWEzZjJlMTEyYjM0ZGIyMjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGTE30e2noEQZZhJZExKVZQGWLuP6nDJWsSJT7LQvb0zAqOMU2NAbnOhybb
E7FC6mhfqOPHTgnks09qAhcPVab1RDYwQviEiCTLt7owc1VpWQpAd7dh41Q2Vkfc
7kdaWmkFJMRlNTECPHyVr/g3bEf/0jNxJcwgsai8DjwGWeabWeu92gYMn4oeWnDL
7SBMyU4rV11a8joSJRtPJTRKZnqRPPxXbiE+9eDTRQEbcj5Rjw107X0PERHmN73I
W7Un/CZgo1QSgeFatEpFdrNWUObs0Du/0MsavfVULrKSul9ky05D3miqfJAaquW5
hYPVc8Ip6JYEB+Br4yQnPA5VQ0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqonPW
zMpAdHZ1MRCN+2QNXU6SPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc5ZGE5ZDYtMTBjMi00ZmQ1LTlkNzUtMGE5NjNjMjljOGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JkDAN
BgkqhkiG9w0BAQsFAAOCAQEAht1EREqQ+cPirt1Y/7BE74aWjJLdxeaZ0zeew12V
bzlCcLOnX5qdyxbSfIQ734ucXLjySKKHpRGvIElqrMii292o7OHMnGjpQHYi70Ni
rcpBDrze3imVwBEBY2P2N0oKua6kHXvjrBc52EwD/7H1At80vdoVodn90BknPVaw
sE70rAy6X8EQqHwlpU5I9dfUlvrT6fkAzWz/3xfS6IZ0je8fCOWradUV+F72XBi+
bk3cuF9Nw+wWvIGSzVSDhd6/0/ICsjUPm5SvC0ty8oLNTjnSlerTjHknwSC4+CVY
kRhmX3A2XSLn9I+8Fwm3e3uh9z3bYbGoxU6qm7GLa7uYhg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:32 2025 by rpki-client