Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
File: 4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa (raw, json)
Hash identifier: RXnPaKnrTAxQBBcR0F9R/q19OEwUXHx6bwUJH//4oWQ=
Subject key identifier: 13:0E:32:F8:91:FC:D5:1B:69:EE:0D:09:E0:03:7E:37:6C:65:27:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53E9D21786E398DA6D838A9DA9427DD628E75BD7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
Signing time: Fri 25 Jul 2025 17:00:34 +0000
ROA not before: Fri 25 Jul 2025 17:00:34 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:e9:d2:17:86:e3:98:da:6d:83:8a:9d:a9:42:7d:d6:28:e7:5b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:34 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=c893a3b839d05b6999a082b664aa08da41a32860996f28529434b513e336105b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8b:f0:4e:f4:87:a1:46:3b:9b:82:be:36:9e:
3e:be:41:7f:69:4b:2a:36:ba:e9:a7:94:1c:08:62:
42:e9:26:3d:5e:c6:6f:7f:84:5c:27:36:6e:5f:85:
b5:5d:84:4e:8f:bf:c3:4b:b0:81:80:9d:31:26:2a:
c8:93:df:c2:8f:50:bc:0c:76:31:51:62:51:d8:bf:
9a:81:c1:33:2d:20:f9:25:2e:fa:65:3f:4e:bc:fd:
7d:df:d2:0a:e8:50:a8:eb:81:b2:76:0c:fc:5a:d8:
6c:36:75:07:36:12:cc:09:16:75:72:b3:b6:d6:09:
a8:74:e3:a7:7c:d4:ca:1b:c5:25:70:4a:45:d2:2f:
f3:d7:88:c4:46:ae:ea:80:a3:1e:e8:ac:84:35:55:
e3:88:74:bc:f0:78:5f:a2:e1:37:dc:4e:de:72:12:
40:a9:5c:6b:2b:a2:f2:90:a8:06:b6:24:3e:84:5d:
cb:cc:b6:ed:3c:4b:65:33:49:d3:3a:a4:99:99:11:
7f:41:d6:a5:58:17:2a:95:16:b9:70:5d:31:a9:c8:
ad:3c:80:36:8d:17:b4:03:94:c0:66:90:19:1d:d6:
d9:5f:f2:12:8e:f5:0e:60:eb:cc:79:0a:00:ca:63:
ad:2b:22:d2:5f:81:48:05:5d:6e:9e:4d:4e:60:36:
a9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0E:32:F8:91:FC:D5:1B:69:EE:0D:09:E0:03:7E:37:6C:65:27:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/19
Signature Algorithm: sha256WithRSAEncryption
81:17:c1:4c:d8:a4:b0:22:79:6b:f6:77:0f:c7:dc:7f:4d:05:
59:76:29:9d:19:02:19:2b:0f:f7:ec:91:ad:40:27:19:82:e6:
ff:7f:73:91:b4:29:63:96:b9:98:47:39:bb:d9:f9:7f:21:38:
ba:81:81:76:ff:c6:13:02:84:53:0f:40:63:5d:c6:34:5d:fb:
64:2d:23:74:de:d3:c5:ba:9c:a3:3c:38:cb:29:28:1c:3e:59:
ee:73:18:38:4d:a8:d9:5e:c7:ca:a7:b7:ca:b0:68:db:39:a3:
26:1d:16:ed:64:4f:b7:f0:59:a6:e0:a1:15:ab:69:bb:4c:06:
0e:be:8a:11:12:2d:e6:26:02:c8:b2:d3:a5:a7:a2:ca:81:db:
3e:3f:90:8e:fd:e4:3f:79:ff:d7:f2:b9:6b:48:f8:cf:84:2b:
88:23:a1:41:93:a4:25:39:3c:36:33:d5:86:96:5b:91:b1:15:
45:2c:b2:7d:aa:71:ca:6f:30:04:0d:36:60:85:30:17:fc:05:
f0:c5:dc:5b:8b:16:03:2b:5a:34:2c:e8:fe:7c:54:4e:2b:d2:
ef:cb:e2:fc:9d:c1:7f:c1:3c:8f:ee:dd:77:f1:63:4e:29:6d:
6b:60:c8:51:fa:a7:67:a3:e3:62:4e:5f:01:4c:07:7a:e4:1f:
2d:cc:fe:1e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU+nSF4bjmNptg4qdqUJ91ijnW9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMzRaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4OTNhM2I4MzlkMDViNjk5OWEwODJiNjY0YWEwOGRhNDFhMzI4NjA5OTZm
Mjg1Mjk0MzRiNTEzZTMzNjEwNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyL8E70h6FGO5uCvjaePr5Bf2lLKja66aeUHAhiQukmPV7Gb3+EXCc2bl+F
tV2ETo+/w0uwgYCdMSYqyJPfwo9QvAx2MVFiUdi/moHBMy0g+SUu+mU/Trz9fd/S
CuhQqOuBsnYM/FrYbDZ1BzYSzAkWdXKzttYJqHTjp3zUyhvFJXBKRdIv89eIxEau
6oCjHuishDVV44h0vPB4X6LhN9xO3nISQKlcayui8pCoBrYkPoRdy8y27TxLZTNJ
0zqkmZkRf0HWpVgXKpUWuXBdManIrTyANo0XtAOUwGaQGR3W2V/yEo71DmDrzHkK
AMpjrSsi0l+BSAVdbp5NTmA2qQ0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQTDjL4
kfzVG2nuDQngA343bGUnTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk1NmU1MDctNjNiNy00ZDdkLWFjMTktNmU1YzVkMWRkZGQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEAgRfBTNiksCJ5a/Z3D8fcf00FWXYpnRkCGSsP9+yR
rUAnGYLm/39zkbQpY5a5mEc5u9n5fyE4uoGBdv/GEwKEUw9AY13GNF37ZC0jdN7T
xbqcozw4yykoHD5Z7nMYOE2o2V7Hyqe3yrBo2zmjJh0W7WRPt/BZpuChFatpu0wG
Dr6KERIt5iYCyLLTpaeiyoHbPj+Qjv3kP3n/1/K5a0j4z4QriCOhQZOkJTk8NjPV
hpZbkbEVRSyyfapxym8wBA02YIUwF/wF8MXcW4sWAytaNCzo/nxUTivS78vi/J3B
f8E8j+7dd/FjTilta2DIUfqnZ6PjYk5fAUwHeuQfLcz+Hg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:04 2025 by rpki-client