Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
File: 27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa (raw, json)
Hash identifier: hn9UT1wRjtLRrmB965JKxyrwl8zrVmm9bSxLmLGOBLI=
Subject key identifier: 2B:9C:7E:AA:4A:F7:60:7A:0F:E4:44:71:80:B8:5B:DC:13:52:9B:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5236B1FEBD329EEB18C3074D1A5346AF7460AE24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
Signing time: Fri 25 Jul 2025 17:00:32 +0000
ROA not before: Fri 25 Jul 2025 17:00:32 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:36:b1:fe:bd:32:9e:eb:18:c3:07:4d:1a:53:46:af:74:60:ae:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:32 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=d1199a46ad22b60f6b2a7591f0a070ef36617d6598e0de9bf7360bfef0b6977d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:21:fa:d4:88:50:6f:67:32:c9:69:15:a4:63:
a1:00:45:b4:17:e7:2e:41:4f:9c:0b:52:80:68:13:
39:e1:0d:61:9d:02:7c:38:26:9c:5f:b8:29:3f:0e:
f5:df:8f:0c:d5:aa:2e:2b:c2:1b:a6:aa:30:45:68:
c0:0f:d4:e4:e6:ff:08:cb:87:04:2a:71:a1:4e:e4:
dd:7a:29:48:ab:15:c0:f8:f3:6e:9a:e4:25:b4:fd:
9f:0b:b9:b9:2b:e6:ad:d9:01:f8:20:54:ce:f9:53:
08:bd:78:e6:80:88:5a:60:5a:e7:0a:33:e2:07:6b:
fb:d4:f5:8b:67:16:c0:12:50:b3:c6:7e:44:b3:f8:
c8:3e:bb:14:a4:8d:18:e9:d1:5a:1d:8c:29:0a:23:
46:b6:3c:18:9c:f2:30:ea:90:95:db:ab:45:ed:48:
11:c7:07:82:57:74:8f:59:9f:3e:1e:f4:84:51:c3:
0b:95:84:e1:07:e5:a2:f7:66:46:af:92:9c:8b:e7:
b1:3a:cd:1f:68:ea:40:0c:35:3f:cd:ca:99:ac:e7:
50:1b:57:50:76:3c:9e:c4:8b:4c:7e:12:33:f0:d5:
c8:c8:ad:0c:b3:0e:4b:c9:04:b3:08:5e:ce:ed:44:
37:b9:d6:c6:c0:1c:7d:99:f3:f1:3d:da:32:95:7b:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9C:7E:AA:4A:F7:60:7A:0F:E4:44:71:80:B8:5B:DC:13:52:9B:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:b1:6b:f1:c1:ab:80:2f:e9:7a:0f:d0:38:f6:73:69:d4:44:
23:9e:9d:6c:f8:2f:af:2d:18:7a:c2:9c:4e:aa:6d:7e:57:c6:
af:97:63:5a:52:57:6d:af:97:18:05:13:4c:ea:e6:92:8f:ba:
78:8d:7e:6d:1e:63:c3:c2:d4:7c:64:c0:62:7f:67:be:02:36:
d1:0a:00:80:49:df:4f:02:de:ba:92:5f:f4:c9:22:e0:d6:b5:
e6:65:30:39:43:d5:09:a9:7f:c2:98:a9:14:47:f9:ec:cf:e0:
40:23:e2:d7:7a:fe:0a:f5:ff:d4:3b:b0:8c:27:e9:09:0a:35:
fb:9a:f4:fc:b3:06:78:7f:e6:e2:62:09:3d:91:dd:29:45:0e:
42:79:0c:73:60:64:ac:3a:21:60:bf:51:2e:dd:00:97:43:02:
9f:a9:31:b4:78:1a:fe:9e:ee:19:78:5e:be:e4:4e:32:59:06:
53:3d:27:95:f0:1e:82:0d:92:cd:48:f3:57:32:b6:c9:f5:13:
e7:70:0f:fb:ba:90:78:03:ef:cd:b3:35:d0:78:a8:6e:1e:b2:
04:c1:3d:20:07:92:7f:a0:77:5d:d5:b8:dd:20:e8:cb:0e:ae:
90:d7:54:a2:a9:d5:29:69:03:4b:9e:c7:19:92:f1:4b:e5:88:
66:11:b0:c5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUjax/r0ynusYwwdNGlNGr3RgriQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMzJaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMTk5YTQ2YWQyMmI2MGY2YjJhNzU5MWYwYTA3MGVmMzY2MTdkNjU5OGUw
ZGU5YmY3MzYwYmZlZjBiNjk3N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkh+tSIUG9nMslpFaRjoQBFtBfnLkFPnAtSgGgTOeENYZ0CfDgmnF+4KT8O
9d+PDNWqLivCG6aqMEVowA/U5Ob/CMuHBCpxoU7k3XopSKsVwPjzbprkJbT9nwu5
uSvmrdkB+CBUzvlTCL145oCIWmBa5woz4gdr+9T1i2cWwBJQs8Z+RLP4yD67FKSN
GOnRWh2MKQojRrY8GJzyMOqQldurRe1IEccHgld0j1mfPh70hFHDC5WE4Qflovdm
Rq+SnIvnsTrNH2jqQAw1P83KmaznUBtXUHY8nsSLTH4SM/DVyMitDLMOS8kEswhe
zu1EN7nWxsAcfZnz8T3aMpV7NvkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQrnH6q
Svdgeg/kRHGAuFvcE1Kb/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdkMjc0MzItYjU0Mi00YWFkLWIzYTQtZGFmMmEwYTliYjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zsDAN
BgkqhkiG9w0BAQsFAAOCAQEAmrFr8cGrgC/peg/QOPZzadREI56dbPgvry0YesKc
TqptflfGr5djWlJXba+XGAUTTOrmko+6eI1+bR5jw8LUfGTAYn9nvgI20QoAgEnf
TwLeupJf9Mki4Na15mUwOUPVCal/wpipFEf57M/gQCPi13r+CvX/1DuwjCfpCQo1
+5r0/LMGeH/m4mIJPZHdKUUOQnkMc2BkrDohYL9RLt0Al0MCn6kxtHga/p7uGXhe
vuROMlkGUz0nlfAegg2SzUjzVzK2yfUT53AP+7qQeAPvzbM10Hiobh6yBME9IAeS
f6B3XdW43SDoyw6ukNdUoqnVKWkDS57HGZLxS+WIZhGwxQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:22 2025 by rpki-client