Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: 2JgJY6YcNDQlQirO/EPi7HjARAr+FPIVb9glFhpF+S4=
Subject key identifier: AE:DC:49:60:FF:AC:5B:6A:FE:B5:06:46:1D:9B:5C:B9:62:2A:8E:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6416E72FD30BCCE469CC148245326C410E26ADA7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Fri 25 Jul 2025 16:51:06 +0000
ROA not before: Fri 25 Jul 2025 16:51:06 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:16:e7:2f:d3:0b:cc:e4:69:cc:14:82:45:32:6c:41:0e:26:ad:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:06 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=119893e651f009c410809633b18a187303dcd41f088a724cb21eaaf9d0c6a425, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cd:ed:44:3e:b2:e5:a6:f5:51:bf:a9:a4:7d:
c6:64:48:47:84:c3:c9:2f:34:89:bc:bc:45:55:8c:
e7:cf:cb:e6:cd:8d:61:7f:c4:0c:df:c7:8a:7e:58:
bf:c5:89:c4:75:19:69:3f:b4:71:87:6a:6a:dc:3d:
cc:fb:5a:4a:91:31:9e:20:e8:d1:90:bc:2b:33:97:
58:d5:fc:d5:01:50:68:ea:a5:a5:90:46:75:88:11:
1c:bf:d7:80:8d:97:63:92:fc:b9:cd:35:12:14:8e:
56:a7:2e:e7:f0:b1:c5:50:c8:af:ad:15:62:ea:09:
d9:ac:b3:01:12:54:cf:fd:b6:68:a5:d1:d0:7b:75:
88:4f:29:36:16:2d:e5:fb:52:78:ce:1c:93:00:6e:
5c:71:10:64:1f:0f:49:cc:57:ea:97:77:08:7b:71:
f9:88:8b:38:2a:ac:ae:c1:4f:0b:b2:25:fb:c4:fd:
02:34:48:2f:35:57:b8:b8:7c:15:2f:d4:ba:5a:b5:
1e:50:66:c5:d9:31:5b:2e:1f:98:a4:97:56:59:f5:
30:cf:11:14:04:56:af:cb:a9:25:db:4c:f9:10:ec:
5a:ee:80:40:68:ad:49:3e:24:a8:46:71:59:e6:fa:
78:7c:58:99:7e:87:ea:ca:05:38:59:55:12:5f:51:
50:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DC:49:60:FF:AC:5B:6A:FE:B5:06:46:1D:9B:5C:B9:62:2A:8E:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
55:ec:f1:74:85:ac:8b:21:53:6c:42:da:83:e7:c8:1a:5d:5a:
ee:8c:0d:38:d3:b1:3b:df:78:8b:fc:ef:07:27:94:b9:3b:83:
9e:ff:0e:6d:39:9f:53:b3:d3:b5:6f:68:d9:16:43:00:ec:56:
62:5a:23:aa:b0:fa:7e:83:98:a7:8d:03:d7:30:20:93:b2:ec:
8f:52:04:da:17:3c:00:43:54:67:43:e5:a2:fb:fd:d0:4c:32:
8e:12:4b:39:04:74:00:3a:b0:32:a1:15:cf:3a:00:46:c5:ca:
64:11:fa:a9:82:ee:74:1b:a6:50:c7:b0:1d:63:b1:6a:f8:9b:
a6:dc:ef:5f:45:26:c0:44:74:6e:7a:bc:af:f0:0b:b5:2d:90:
0a:e7:96:92:85:1e:5c:36:d1:70:f8:e6:29:fb:dc:6c:d6:c9:
af:a0:7c:15:7d:bf:ac:c8:66:c5:71:96:fa:b0:b8:d8:54:b4:
a1:af:69:a8:48:e0:ec:b3:c7:0a:49:4c:02:71:1b:9b:44:64:
d1:63:4d:00:a9:ce:02:f6:e3:1c:31:85:f8:5f:20:f3:95:07:
c0:eb:e1:48:c8:b6:87:11:eb:02:50:1c:46:47:86:9e:84:5b:
82:28:ab:ae:77:7d:62:56:47:83:2f:6c:d4:95:1e:66:94:6a:
2b:dd:9e:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZBbnL9MLzORpzBSCRTJsQQ4mracwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMDZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExOTg5M2U2NTFmMDA5YzQxMDgwOTYzM2IxOGExODczMDNkY2Q0MWYwODhh
NzI0Y2IyMWVhYWY5ZDBjNmE0MjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzN7UQ+suWm9VG/qaR9xmRIR4TDyS80iby8RVWM58/L5s2NYX/EDN/Hin5Y
v8WJxHUZaT+0cYdqatw9zPtaSpExniDo0ZC8KzOXWNX81QFQaOqlpZBGdYgRHL/X
gI2XY5L8uc01EhSOVqcu5/CxxVDIr60VYuoJ2ayzARJUz/22aKXR0Ht1iE8pNhYt
5ftSeM4ckwBuXHEQZB8PScxX6pd3CHtx+YiLOCqsrsFPC7Il+8T9AjRILzVXuLh8
FS/Uulq1HlBmxdkxWy4fmKSXVln1MM8RFARWr8upJdtM+RDsWu6AQGitST4kqEZx
Web6eHxYmX6H6soFOFlVEl9RUL8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSu3Elg
/6xbav61BkYdm1y5YiqOUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAVezxdIWsiyFTbELag+fIGl1a7owNONOxO994i/zv
ByeUuTuDnv8ObTmfU7PTtW9o2RZDAOxWYlojqrD6foOYp40D1zAgk7Lsj1IE2hc8
AENUZ0Plovv90EwyjhJLOQR0ADqwMqEVzzoARsXKZBH6qYLudBumUMewHWOxavib
ptzvX0UmwER0bnq8r/ALtS2QCueWkoUeXDbRcPjmKfvcbNbJr6B8FX2/rMhmxXGW
+rC42FS0oa9pqEjg7LPHCklMAnEbm0Rk0WNNAKnOAvbjHDGF+F8g85UHwOvhSMi2
hxHrAlAcRkeGnoRbgiirrnd9YlZHgy9s1JUeZpRqK92eRg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:00:56 2025 by rpki-client