Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
File: 4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa (raw, json)
Hash identifier: ir4rYR/3htYa5fuy2zYR9l4cg1ol91Y9cto8O/uZDrQ=
Subject key identifier: EE:9A:2A:D8:2C:3D:BA:5B:B6:15:5F:75:71:C1:CF:68:7D:AA:EA:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 787CCDCC873AC0E0642D9F6124977A3E39072B13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
Signing time: Fri 25 Jul 2025 16:51:23 +0000
ROA not before: Fri 25 Jul 2025 16:51:23 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:7c:cd:cc:87:3a:c0:e0:64:2d:9f:61:24:97:7a:3e:39:07:2b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:23 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=e138fddd81972ffde5eb63bcbd466e0a73a25f94be006962557cf0ff3cb642b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6f:c7:c3:b2:c8:70:c7:56:5e:a0:5a:b3:dc:
2e:b7:33:b6:6d:d0:73:ce:5f:8c:63:2b:15:a7:b4:
93:67:88:64:8b:57:4b:87:27:6b:dc:51:52:ae:2c:
1c:03:cd:9c:50:5b:9f:28:a8:05:68:94:49:a3:08:
d9:d1:43:21:89:5e:0d:bc:10:c9:11:4e:f7:8e:a9:
e1:fc:21:59:33:e2:08:7e:a7:8b:49:e2:fe:e8:ac:
ef:04:29:39:eb:18:91:12:ec:1d:56:43:1a:ac:87:
2c:2d:3a:26:4f:5d:62:6b:25:4f:c3:f3:08:ed:73:
a2:5a:da:ba:ef:af:30:b6:99:c9:ef:34:fa:b5:d3:
41:cc:00:91:94:97:14:db:2a:55:a4:d9:17:21:a5:
d2:b4:fa:3e:79:71:0f:1e:f8:94:3d:77:21:fb:13:
9d:b9:91:8d:bc:50:0a:72:2a:2e:5b:6e:b1:61:65:
38:b1:2f:88:70:90:8a:6c:b5:39:b0:b0:39:9c:b6:
1c:f2:b8:73:f7:ec:16:10:65:06:aa:e7:69:90:43:
28:2f:b3:85:ee:4b:27:6c:d7:94:f8:61:54:4a:4d:
ac:d4:4a:86:05:50:04:c4:e8:d2:b5:20:f8:e3:e8:
fb:28:5d:78:fd:47:ae:ae:94:9a:8d:b6:7e:b4:31:
bb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9A:2A:D8:2C:3D:BA:5B:B6:15:5F:75:71:C1:CF:68:7D:AA:EA:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.240.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:23:8d:e7:cc:3f:50:98:88:bd:45:a8:8b:5f:b7:8d:22:e2:
e2:88:da:18:53:64:ca:85:b8:be:72:fb:3a:fe:03:49:0e:ed:
c8:12:a6:5e:da:83:1f:f1:48:6c:65:ad:b1:50:9c:b5:bb:2a:
fe:1f:26:23:1e:91:e4:33:f7:50:10:cc:5e:50:d8:3e:e1:bf:
ff:1b:e6:fe:44:bf:a1:55:36:87:e6:47:d0:34:72:79:99:1d:
52:1c:78:8c:78:8d:93:fc:da:1e:86:b9:04:22:2f:f5:f7:be:
ac:ad:03:fe:5b:a5:99:60:f0:7d:4f:c9:55:d9:0b:a0:ad:0f:
e6:0b:92:c8:9f:b7:7a:4d:16:b1:83:23:80:28:db:7c:8b:ca:
58:eb:dc:40:0a:3a:cc:00:ce:49:ca:52:c6:b0:05:c8:78:09:
4f:17:34:73:42:09:e0:b6:ec:73:b5:73:b5:00:4a:b6:e9:75:
0a:ff:52:83:c0:26:16:6a:7a:9a:5b:ba:b6:de:b9:ee:6b:49:
57:23:f5:46:ee:9d:25:64:aa:11:94:d5:fe:8f:65:c9:ab:92:
48:59:1e:13:85:ae:09:9d:e8:36:a8:93:32:75:b3:2c:0d:40:
48:2d:03:27:93:2e:84:79:77:a4:9e:ef:fe:da:7b:63:99:ec:
bc:f8:d5:06
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeHzNzIc6wOBkLZ9hJJd6PjkHKxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMjNaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMzhmZGRkODE5NzJmZmRlNWViNjNiY2JkNDY2ZTBhNzNhMjVmOTRiZTAw
Njk2MjU1N2NmMGZmM2NiNjQyYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJvx8OyyHDHVl6gWrPcLrcztm3Qc85fjGMrFae0k2eIZItXS4cna9xRUq4s
HAPNnFBbnyioBWiUSaMI2dFDIYleDbwQyRFO946p4fwhWTPiCH6ni0ni/uis7wQp
OesYkRLsHVZDGqyHLC06Jk9dYmslT8PzCO1zolrauu+vMLaZye80+rXTQcwAkZSX
FNsqVaTZFyGl0rT6PnlxDx74lD13IfsTnbmRjbxQCnIqLltusWFlOLEviHCQimy1
ObCwOZy2HPK4c/fsFhBlBqrnaZBDKC+zhe5LJ2zXlPhhVEpNrNRKhgVQBMTo0rUg
+OPo+yhdeP1Hrq6Umo22frQxuy8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTumirY
LD26W7YVX3Vxwc9ofarq5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMzExNjMtMmFkNy00OWY1LWEyNGQtMmVhNDE3MGJiMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J8DAN
BgkqhkiG9w0BAQsFAAOCAQEArSON58w/UJiIvUWoi1+3jSLi4ojaGFNkyoW4vnL7
Ov4DSQ7tyBKmXtqDH/FIbGWtsVCctbsq/h8mIx6R5DP3UBDMXlDYPuG//xvm/kS/
oVU2h+ZH0DRyeZkdUhx4jHiNk/zaHoa5BCIv9fe+rK0D/lulmWDwfU/JVdkLoK0P
5guSyJ+3ek0WsYMjgCjbfIvKWOvcQAo6zADOScpSxrAFyHgJTxc0c0IJ4Lbsc7Vz
tQBKtul1Cv9Sg8AmFmp6mlu6tt657mtJVyP1Ru6dJWSqEZTV/o9lyauSSFkeE4Wu
CZ3oNqiTMnWzLA1ASC0DJ5MuhHl3pJ7v/tp7Y5nsvPjVBg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:23 2025 by rpki-client