Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
File: 4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa (raw, json)
Hash identifier: UWuv3EOvEkLW7E3/qXpK5oQSthtTfmA2PgPYofF6zg8=
Subject key identifier: 0A:6D:C0:9E:47:F5:C5:47:42:1E:E0:5F:AD:20:CB:D7:4C:A3:07:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 422A073F0E9694BA972B520D1B74FA25C16017B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
Signing time: Tue 04 Nov 2025 02:50:49 +0000
ROA not before: Tue 04 Nov 2025 02:50:49 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:2a:07:3f:0e:96:94:ba:97:2b:52:0d:1b:74:fa:25:c1:60:17:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:49 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=4fb9ff2445c4f8d72e14ea43de083b83b2a53a8b36b03b5259d77001da89f4f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:86:10:ce:5c:2f:95:b8:74:90:65:ea:58:9a:
a8:6a:05:7c:dd:4e:4f:0f:8d:b8:b4:2b:88:af:da:
0f:a4:a5:ad:69:64:3b:56:b3:d4:cc:c0:c4:d1:be:
80:78:b4:f6:51:4e:18:63:fa:ea:a3:6d:2d:8b:fb:
4e:74:36:92:83:94:ec:eb:3e:73:83:e6:28:9a:2e:
75:c7:43:b6:f1:3c:d5:4d:0b:15:49:19:b4:8b:48:
b9:48:92:a8:e6:a2:51:78:6a:0b:5a:a9:40:52:c2:
47:27:8e:11:ad:83:8f:8b:37:02:34:7b:2d:4f:e2:
75:8d:fe:a5:33:5c:6a:b7:9d:33:de:b1:f7:54:06:
62:49:48:5c:a3:4d:67:21:7d:f8:57:01:e8:a0:47:
2d:24:30:b7:59:e1:ed:82:e3:06:5f:ba:c8:30:a0:
e4:d2:ee:ab:47:5e:4a:35:53:e1:23:55:cb:bc:19:
cf:4c:d7:11:c8:a3:46:98:5a:f8:af:cf:86:7d:ac:
c5:5d:d8:b7:25:47:f2:2b:11:95:16:4a:dc:33:54:
9b:8e:7e:5d:50:d0:d4:9c:26:84:7d:71:cc:4e:55:
99:e9:8c:15:5a:5a:0f:55:a8:58:57:4f:2f:bd:1f:
6d:0d:69:8c:63:ff:7a:5c:59:03:08:8f:c5:5c:78:
ee:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6D:C0:9E:47:F5:C5:47:42:1E:E0:5F:AD:20:CB:D7:4C:A3:07:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:43:b5:25:a0:d4:cf:20:9b:4b:49:7b:45:f5:88:d6:fc:02:
2e:ae:86:a1:0d:41:f4:fc:69:79:57:14:f0:64:e5:36:ad:3e:
49:5c:6c:bb:de:b3:6f:56:6d:fb:2f:b9:87:76:b5:fb:99:74:
7b:8f:56:82:2d:fb:64:ba:e3:a8:ea:fe:98:d5:be:72:ae:a4:
9b:48:f2:0b:5b:e0:5d:26:b3:4e:70:86:26:a0:5c:7d:9e:9a:
a1:37:6d:75:fe:b7:b9:45:9c:d0:89:24:20:dd:d7:6a:fb:27:
01:23:fe:b4:ad:de:a3:c1:32:0f:10:18:06:9e:ec:b3:e8:12:
66:7f:c3:a2:18:5c:7b:61:0e:46:97:0f:f5:03:89:15:7a:db:
55:bf:4b:6e:cd:ac:e4:c5:df:73:71:e6:ab:54:6c:52:b9:e1:
6c:42:16:76:a6:64:8e:c3:86:a5:eb:14:51:25:83:14:bd:a5:
ed:8b:88:6a:ca:84:01:25:3d:57:78:36:9f:03:64:28:69:41:
7a:38:b1:e5:27:a7:70:2e:ce:d8:3e:8a:cb:90:cf:94:85:13:
25:c3:73:df:32:96:90:75:90:50:87:aa:a7:98:e1:00:93:82:
08:ec:f2:ef:f5:0f:94:f4:7b:1b:ac:de:f8:28:d9:7c:41:de:
99:0e:c4:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQioHPw6WlLqXK1ING3T6JcFgF7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwNDlaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmYjlmZjI0NDVjNGY4ZDcyZTE0ZWE0M2RlMDgzYjgzYjJhNTNhOGIzNmIw
M2I1MjU5ZDc3MDAxZGE4OWY0ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2GEM5cL5W4dJBl6liaqGoFfN1OTw+NuLQriK/aD6SlrWlkO1az1MzAxNG+
gHi09lFOGGP66qNtLYv7TnQ2koOU7Os+c4PmKJoudcdDtvE81U0LFUkZtItIuUiS
qOaiUXhqC1qpQFLCRyeOEa2Dj4s3AjR7LU/idY3+pTNcaredM96x91QGYklIXKNN
ZyF9+FcB6KBHLSQwt1nh7YLjBl+6yDCg5NLuq0deSjVT4SNVy7wZz0zXEcijRpha
+K/Phn2sxV3YtyVH8isRlRZK3DNUm45+XVDQ1JwmhH1xzE5VmemMFVpaD1WoWFdP
L70fbQ1pjGP/elxZAwiPxVx47gECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQKbcCe
R/XFR0Ie4F+tIMvXTKMHRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk1NmU1MDctNjNiNy00ZDdkLWFjMTktNmU1YzVkMWRkZGQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEAPkO1JaDUzyCbS0l7RfWI1vwCLq6GoQ1B9PxpeVcU
8GTlNq0+SVxsu96zb1Zt+y+5h3a1+5l0e49Wgi37ZLrjqOr+mNW+cq6km0jyC1vg
XSazTnCGJqBcfZ6aoTdtdf63uUWc0IkkIN3XavsnASP+tK3eo8EyDxAYBp7ss+gS
Zn/Dohhce2EORpcP9QOJFXrbVb9Lbs2s5MXfc3Hmq1RsUrnhbEIWdqZkjsOGpesU
USWDFL2l7YuIasqEASU9V3g2nwNkKGlBejix5SencC7O2D6Ky5DPlIUTJcNz3zKW
kHWQUIeqp5jhAJOCCOzy7/UPlPR7G6ze+CjZfEHemQ7EoA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:11 2025 by rpki-client