Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
File: 2c6881bd-10fc-4994-83fe-43244d2b078a.roa (raw, json)
Hash identifier: ZZfGAP8Mh1Wj7gNApbpHQXo0Nu10Ix5OocyV9UHkLZk=
Subject key identifier: 73:28:BA:ED:44:2E:F5:F3:BE:2F:E1:48:B1:6A:74:1F:AB:C2:AC:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50F987A59E715FAE8779985AEDB838B5E5ACAA4D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
Signing time: Fri 25 Jul 2025 17:00:21 +0000
ROA not before: Fri 25 Jul 2025 17:00:21 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:f9:87:a5:9e:71:5f:ae:87:79:98:5a:ed:b8:38:b5:e5:ac:aa:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:21 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=eae0fd3d2c21c2c664d0afd46fe773cbd63cf0e289ad4cb079553d0019c61b48, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:5e:6a:89:77:8b:ea:7e:e1:f7:f8:70:60:
04:50:84:70:37:9b:ac:17:44:55:42:11:2d:5c:44:
cf:ea:a5:f1:06:4c:97:93:1c:35:cf:31:8f:80:6f:
6b:5e:e4:c6:69:73:60:ca:69:f9:d6:75:35:7b:46:
4c:bb:9d:dd:9a:d1:43:95:bc:af:4e:aa:ed:31:65:
18:60:a1:8c:60:74:21:8b:cb:58:2d:5f:8e:61:81:
ff:11:75:db:49:f2:20:e4:5f:c6:78:7c:a5:89:8f:
90:16:40:dd:0f:e8:27:8c:bd:00:5d:32:5c:77:25:
ae:f9:24:b5:15:5c:cb:25:ea:78:9f:18:c3:4b:38:
f4:8b:04:57:e4:7d:df:0a:a7:62:52:76:5f:a3:3d:
d2:45:98:be:53:3d:a5:c7:e3:9d:6f:bd:2a:9e:fa:
0e:05:c2:43:ce:e4:50:04:be:1e:08:54:b8:b9:f2:
70:25:5a:85:d0:3c:fe:98:de:62:80:f1:a0:d7:16:
d4:8e:9c:2b:07:37:e1:40:bc:56:23:6c:05:1a:3a:
e0:a8:f3:8c:36:c9:7a:cd:38:b1:a6:f7:81:20:11:
02:92:5f:ff:ed:61:11:35:17:46:7a:92:c7:0d:8e:
a9:b3:7f:4f:ec:9d:19:ec:3d:1b:cd:ba:c5:ee:fa:
40:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:28:BA:ED:44:2E:F5:F3:BE:2F:E1:48:B1:6A:74:1F:AB:C2:AC:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.80.0/20
Signature Algorithm: sha256WithRSAEncryption
c4:48:b5:9f:8e:ba:a1:47:03:6e:74:0b:0a:39:29:29:de:86:
39:21:c6:95:35:fe:d6:fe:58:54:ca:2e:f5:bd:5d:b6:a8:3c:
b4:8e:e5:0c:3b:a8:12:d8:e2:18:f6:fd:b0:8a:7a:7c:b3:df:
c8:c9:7f:bc:fc:1f:46:9e:1c:1f:32:1a:7e:2d:a2:9b:78:6a:
78:8c:8f:5c:b8:90:a9:5f:2e:1d:b0:66:d7:5f:b0:d6:48:7a:
3d:25:65:76:8e:3b:ab:76:60:dc:0b:87:2b:22:e9:67:6a:74:
cd:60:72:b0:28:29:0c:53:a1:f6:53:dc:dc:18:db:70:c8:85:
79:53:bb:62:66:d6:49:39:56:3c:76:df:6a:ad:fc:45:1b:e5:
f5:65:56:d8:ba:06:14:d5:f5:7d:dd:8a:24:42:b1:79:03:4c:
d7:70:50:4a:77:37:a5:21:85:d0:96:a2:a0:fd:a4:cf:f6:a2:
9a:92:11:9e:c7:3f:df:c9:7e:45:e2:f2:3f:d8:6d:42:e5:4b:
5c:c4:2a:3f:ef:46:20:ae:12:db:98:7e:12:37:35:b1:69:f5:
89:db:ea:a1:a3:c5:98:13:ad:37:83:fe:4d:28:65:a2:98:dc:
27:98:35:bd:14:5a:b0:e7:4d:fa:c2:0f:bb:a2:63:59:3f:aa:
79:e1:0e:0b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUPmHpZ5xX66HeZha7bg4teWsqk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZTBmZDNkMmMyMWMyYzY2NGQwYWZkNDZmZTc3M2NiZDYzY2YwZTI4OWFk
NGNiMDc5NTUzZDAwMTljNjFiNDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxJXmqJd4vqfuH3+HBgBFCEcDebrBdEVUIRLVxEz+ql8QZMl5McNc8xj4Bv
a17kxmlzYMpp+dZ1NXtGTLud3ZrRQ5W8r06q7TFlGGChjGB0IYvLWC1fjmGB/xF1
20nyIORfxnh8pYmPkBZA3Q/oJ4y9AF0yXHclrvkktRVcyyXqeJ8Yw0s49IsEV+R9
3wqnYlJ2X6M90kWYvlM9pcfjnW+9Kp76DgXCQ87kUAS+HghUuLnycCVahdA8/pje
YoDxoNcW1I6cKwc34UC8ViNsBRo64KjzjDbJes04sab3gSARApJf/+1hETUXRnqS
xw2OqbN/T+ydGew9G826xe76QI8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRzKLrt
RC71874v4UixanQfq8KsXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2ODgxYmQtMTBmYy00OTk0LTgzZmUtNDMyNDRkMmIwNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JUDAN
BgkqhkiG9w0BAQsFAAOCAQEAxEi1n466oUcDbnQLCjkpKd6GOSHGlTX+1v5YVMou
9b1dtqg8tI7lDDuoEtjiGPb9sIp6fLPfyMl/vPwfRp4cHzIafi2im3hqeIyPXLiQ
qV8uHbBm11+w1kh6PSVldo47q3Zg3AuHKyLpZ2p0zWBysCgpDFOh9lPc3BjbcMiF
eVO7YmbWSTlWPHbfaq38RRvl9WVW2LoGFNX1fd2KJEKxeQNM13BQSnc3pSGF0Jai
oP2kz/aimpIRnsc/38l+ReLyP9htQuVLXMQqP+9GIK4S25h+Ejc1sWn1idvqoaPF
mBOtN4P+TShlopjcJ5g1vRRasOdN+sIPu6JjWT+qeeEOCw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:13 2025 by rpki-client