Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: hZnxlL/JatIw2Fac5PiDuVEnL7KSrSg7shYXIjLsSwE=
Subject key identifier: 43:45:0F:A5:D0:BE:59:7B:42:79:26:8B:71:15:ED:42:93:E9:36:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56382B66F022507F394B58CB44712726FA898231
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Fri 25 Jul 2025 17:00:21 +0000
ROA not before: Fri 25 Jul 2025 17:00:21 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:38:2b:66:f0:22:50:7f:39:4b:58:cb:44:71:27:26:fa:89:82:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:21 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=fff17503c946b64597869691018022be3fe19b846645acb463e273c4505979f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:2d:65:e5:b5:a7:e7:68:22:89:35:d5:6c:
eb:20:eb:47:6d:06:87:f3:1f:ad:5d:15:9a:90:59:
69:b7:40:20:1f:9b:59:8c:0f:44:1c:cc:dd:3a:88:
98:c0:a4:dd:05:9e:ee:ec:f4:09:4c:29:cd:52:52:
62:ab:21:8a:bd:f2:bb:59:28:a0:e0:f3:16:01:4f:
63:10:44:f2:d8:4f:6f:e4:b2:af:78:ec:c3:1f:90:
fc:ca:11:32:e6:a7:d7:5e:be:87:df:02:2c:5a:c0:
1e:f9:6c:5f:c7:38:8c:0f:64:3d:c1:c5:1e:b5:7b:
29:2a:0f:16:e4:38:f9:7f:c1:44:f3:c5:fe:93:67:
7d:fa:55:47:36:88:13:df:df:7e:1f:b0:6c:63:40:
50:be:33:06:48:fa:7a:02:15:d1:34:65:c7:ab:3e:
8f:61:d7:06:ec:32:1d:f0:a3:e7:8f:5a:d9:c3:5b:
c4:1c:73:4c:5a:16:53:9b:6d:e5:b0:15:e2:3d:85:
fc:4a:1c:36:a0:97:27:bf:59:6d:c6:36:1b:37:56:
7a:61:a5:6c:ee:f9:94:09:b4:c3:f0:99:9f:a2:41:
a2:f4:fd:df:98:12:43:09:6b:3c:b1:8e:e7:64:a5:
76:eb:b6:d0:49:cd:24:d7:2d:30:26:36:e4:60:0a:
2e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:45:0F:A5:D0:BE:59:7B:42:79:26:8B:71:15:ED:42:93:E9:36:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
02:cd:14:c1:c1:33:dd:51:6f:76:d8:5a:ff:ae:23:af:2f:59:
18:94:e4:bf:39:8d:06:a5:0e:c5:0b:d2:2b:e3:33:89:fc:95:
8e:99:59:0a:85:69:fe:d7:02:82:2c:16:df:b5:82:e3:6f:aa:
8e:1e:e0:47:b1:70:4c:ae:42:7f:6a:65:df:d1:1b:d8:72:3d:
7d:63:64:1a:e8:f7:b9:dd:1c:89:6a:30:e3:f3:da:1e:b4:b7:
c7:76:d7:aa:22:0d:13:f3:6a:80:9a:9d:e0:2d:18:fa:44:e8:
0d:66:a3:7b:26:01:dd:81:fc:c9:61:f1:41:c8:3a:d3:5b:45:
63:63:fc:4f:22:e3:0c:24:88:b7:89:7a:95:ae:23:04:5c:94:
e9:e6:48:b7:17:e8:16:f9:79:10:3b:2b:53:04:de:b6:78:a2:
e0:00:43:92:75:b3:30:9c:16:25:d6:57:ac:64:d5:3b:5b:57:
03:54:b5:74:1d:97:ae:ca:b5:2d:a2:55:54:26:2f:d3:b0:e0:
8c:f6:fe:ba:bd:ef:75:f4:a7:b3:18:c6:d5:c8:36:e2:90:4e:
2d:ba:2f:9b:ea:6c:e1:c1:1a:2c:fe:e3:b2:a6:15:bf:58:e3:
66:66:2f:cc:7a:97:e7:19:2a:e5:88:2b:34:0c:78:7b:21:2e:
cb:ac:aa:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVjgrZvAiUH85S1jLRHEnJvqJgjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmZjE3NTAzYzk0NmI2NDU5Nzg2OTY5MTAxODAyMmJlM2ZlMTliODQ2NjQ1
YWNiNDYzZTI3M2M0NTA1OTc5ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9KLWXltafnaCKJNdVs6yDrR20Gh/MfrV0VmpBZabdAIB+bWYwPRBzM3TqI
mMCk3QWe7uz0CUwpzVJSYqshir3yu1kooODzFgFPYxBE8thPb+Syr3jswx+Q/MoR
Muan116+h98CLFrAHvlsX8c4jA9kPcHFHrV7KSoPFuQ4+X/BRPPF/pNnffpVRzaI
E9/ffh+wbGNAUL4zBkj6egIV0TRlx6s+j2HXBuwyHfCj549a2cNbxBxzTFoWU5tt
5bAV4j2F/EocNqCXJ79ZbcY2GzdWemGlbO75lAm0w/CZn6JBovT935gSQwlrPLGO
52Slduu20EnNJNctMCY25GAKLoUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDRQ+l
0L5Ze0J5JotxFe1Ck+k2ZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAAs0UwcEz3VFvdtha/64jry9ZGJTkvzmNBqUOxQvS
K+MzifyVjplZCoVp/tcCgiwW37WC42+qjh7gR7FwTK5Cf2pl39Eb2HI9fWNkGuj3
ud0ciWow4/PaHrS3x3bXqiINE/NqgJqd4C0Y+kToDWajeyYB3YH8yWHxQcg601tF
Y2P8TyLjDCSIt4l6la4jBFyU6eZItxfoFvl5EDsrUwTetnii4ABDknWzMJwWJdZX
rGTVO1tXA1S1dB2Xrsq1LaJVVCYv07DgjPb+ur3vdfSnsxjG1cg24pBOLbovm+ps
4cEaLP7jsqYVv1jjZmYvzHqX5xkq5YgrNAx4eyEuy6yqRw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:41 2025 by rpki-client