Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: JD4AcvkMV6Wi0Ab4v7hpYfb2JfzTQ898/jIiroOC+gI=
Subject key identifier: 4B:16:5B:FD:F2:A3:87:47:E3:E0:1B:44:19:9E:2F:33:AA:ED:83:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 108E8DE91EE27520A099A3A0B683DDBCDEBFBB23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Tue 04 Nov 2025 02:51:05 +0000
ROA not before: Tue 04 Nov 2025 02:51:05 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:8e:8d:e9:1e:e2:75:20:a0:99:a3:a0:b6:83:dd:bc:de:bf:bb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:51:05 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=2ba44a3a4f22fe047ba110b326694e7781795f553b638b6da6b94bf3465f0fbf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:62:9a:f4:1e:1d:3d:76:36:e3:91:f4:21:
7a:2c:31:36:42:32:46:25:6f:95:64:57:dc:34:a0:
23:a8:09:93:82:a4:88:a6:53:89:94:6a:46:f5:f9:
c2:16:4e:80:a6:d8:68:84:39:6d:d1:92:40:97:49:
51:2d:72:08:47:11:18:66:5f:66:b6:52:de:e3:fa:
88:f3:84:98:08:ae:0e:22:04:d1:ac:4a:12:71:6d:
65:4e:13:eb:72:70:d1:11:e9:d3:60:da:05:5f:f5:
ae:65:f9:02:b6:65:92:d6:31:df:e5:d2:6f:6f:fe:
de:57:0f:89:73:00:6d:e6:ee:5a:08:6b:0c:6f:9a:
fc:a7:0a:2d:1c:fb:41:ba:c5:00:30:ce:bf:0c:2a:
12:93:e7:66:e9:12:f8:d3:80:57:33:b6:4f:e0:2e:
16:e4:75:b5:cc:4f:bb:e8:f8:69:14:74:9c:34:ba:
56:e1:4d:78:b5:fc:ca:8f:ae:b0:90:06:cd:d0:39:
37:60:a7:7f:55:e5:96:a9:f5:13:cd:0b:a9:fa:c8:
e6:7f:d2:4f:43:9c:79:9b:ed:e7:3c:0f:11:9b:78:
8b:85:57:76:c6:17:08:01:77:39:db:8f:2c:7c:b7:
2c:a3:6f:8c:94:2a:8a:68:bf:bf:53:56:cb:fa:42:
33:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:16:5B:FD:F2:A3:87:47:E3:E0:1B:44:19:9E:2F:33:AA:ED:83:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
26:2f:d9:9a:08:18:f8:10:78:f5:44:c7:a3:bb:98:0d:5f:68:
f1:08:ff:b0:99:77:72:00:b3:10:cd:11:97:24:f1:62:2f:b3:
04:ae:b0:40:5c:96:96:a8:97:42:e7:75:59:8f:c9:f8:06:8f:
fc:8b:9a:63:c5:d0:d7:20:c9:3d:a2:cd:a7:1f:75:5b:a7:48:
70:ce:fe:08:4f:b6:8a:b3:7e:ac:23:45:73:ee:0b:95:9e:69:
bf:f3:26:78:ae:d5:44:b1:26:f4:90:af:3d:cf:6f:5d:64:f0:
6b:70:c5:c9:c5:8d:fc:48:ba:14:70:b7:54:e1:27:31:b2:ed:
a2:e6:d1:4b:0e:52:fc:90:c2:6f:fd:76:48:07:32:e3:e6:85:
a3:30:5c:ef:3e:62:13:55:3d:76:95:5f:f7:a3:f1:f1:93:f1:
f8:4f:13:69:06:34:53:fa:38:05:d3:fd:1c:f0:db:1f:fb:28:
4e:04:24:b6:8e:17:31:66:85:5d:96:f0:cc:44:aa:63:d5:07:
d2:5e:b3:29:e2:21:b8:a5:9d:7d:74:ab:f5:7b:9a:81:7d:83:
26:c3:7c:cf:0d:7d:73:4c:8d:15:ed:06:c5:d0:e2:61:33:28:
98:a4:86:89:e4:e8:a4:d6:5e:8c:8e:d0:98:90:0f:9a:ac:ec:
df:3f:fa:88
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEI6N6R7idSCgmaOgtoPdvN6/uyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUxMDVaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYTQ0YTNhNGYyMmZlMDQ3YmExMTBiMzI2Njk0ZTc3ODE3OTVmNTUzYjYz
OGI2ZGE2Yjk0YmYzNDY1ZjBmYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJLYpr0Hh09djbjkfQheiwxNkIyRiVvlWRX3DSgI6gJk4KkiKZTiZRqRvX5
whZOgKbYaIQ5bdGSQJdJUS1yCEcRGGZfZrZS3uP6iPOEmAiuDiIE0axKEnFtZU4T
63Jw0RHp02DaBV/1rmX5ArZlktYx3+XSb2/+3lcPiXMAbebuWghrDG+a/KcKLRz7
QbrFADDOvwwqEpPnZukS+NOAVzO2T+AuFuR1tcxPu+j4aRR0nDS6VuFNeLX8yo+u
sJAGzdA5N2Cnf1Xllqn1E80LqfrI5n/ST0OceZvt5zwPEZt4i4VXdsYXCAF3OduP
LHy3LKNvjJQqimi/v1NWy/pCM+ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRLFlv9
8qOHR+PgG0QZni8zqu2DSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJi/ZmggY+BB49UTHo7uYDV9o8Qj/sJl3cgCzEM0R
lyTxYi+zBK6wQFyWlqiXQud1WY/J+AaP/IuaY8XQ1yDJPaLNpx91W6dIcM7+CE+2
irN+rCNFc+4LlZ5pv/MmeK7VRLEm9JCvPc9vXWTwa3DFycWN/Ei6FHC3VOEnMbLt
oubRSw5S/JDCb/12SAcy4+aFozBc7z5iE1U9dpVf96Px8ZPx+E8TaQY0U/o4BdP9
HPDbH/soTgQkto4XMWaFXZbwzESqY9UH0l6zKeIhuKWdfXSr9XuagX2DJsN8zw19
c0yNFe0GxdDiYTMomKSGieTopNZejI7QmJAPmqzs3z/6iA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:17:06 2025 by rpki-client