Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
File: 6e1e6e69-6595-40ff-9430-d53f22670630.roa (raw, json)
Hash identifier: 3/9PVsLRyhRzPNfO+BQ3NF4KenHrOzZkQqQBPEQXCZE=
Subject key identifier: 33:A3:64:71:82:22:F0:5D:F1:D6:2E:30:C9:8A:B9:C9:E1:98:89:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 238A1E1FD644B94EB91B1876CD7E0F8EA86356BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
Signing time: Fri 25 Jul 2025 16:51:18 +0000
ROA not before: Fri 25 Jul 2025 16:51:18 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:8a:1e:1f:d6:44:b9:4e:b9:1b:18:76:cd:7e:0f:8e:a8:63:56:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:18 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=2a68c6c0793ba323a0cab82c45d6004ed9961dec6f736f93e6d09d160957352d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:42:51:fc:1a:21:60:58:38:a2:3c:53:66:bd:
a7:87:15:30:e2:28:a5:93:f4:43:3d:2d:af:55:d9:
89:43:a1:45:35:55:a8:fb:43:8d:84:78:d0:54:d4:
fa:f7:68:02:9b:69:56:06:f8:43:2d:fa:fa:c9:5b:
4e:eb:9e:f0:e1:3a:3e:ee:fe:03:43:e4:05:b8:67:
de:b3:d5:88:ac:55:e9:89:bb:24:56:a9:29:23:2e:
12:1f:78:96:f7:8a:66:92:dc:68:36:bb:7d:2c:83:
c7:90:c7:8b:f2:9d:95:30:64:47:6f:93:d3:c3:c2:
ef:fd:5a:64:e1:96:e5:a7:67:a6:ff:96:3a:e1:8b:
a3:36:1a:16:a2:e4:3b:ca:a7:18:29:d7:a9:1f:53:
2e:45:e2:5d:17:32:a0:8d:c5:1c:5b:47:cb:0b:19:
f3:9b:1a:b6:c4:16:2b:01:15:6f:27:5a:c4:06:8f:
6c:2a:43:9d:f4:c4:26:d7:a5:af:f1:f3:2c:e9:5b:
09:2e:16:4c:3d:24:9e:d2:75:1a:36:bb:2f:25:5a:
7a:0a:68:48:ac:1e:16:52:90:38:09:22:6c:a1:1f:
b5:c4:9a:8b:8c:2a:be:d5:8e:d6:fe:08:0b:40:26:
50:fa:32:3b:74:ca:f1:83:11:d3:64:68:f0:d9:8a:
b9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A3:64:71:82:22:F0:5D:F1:D6:2E:30:C9:8A:B9:C9:E1:98:89:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.72.0/21
Signature Algorithm: sha256WithRSAEncryption
37:c7:cb:97:44:7e:27:7f:bb:a7:93:19:b8:ed:aa:b5:b8:c8:
a5:7f:f5:90:18:8d:15:7c:cb:fd:03:28:ea:1f:e7:24:ce:92:
1c:b6:d1:60:0c:a1:42:96:65:66:ec:6c:17:ed:d2:ff:63:6d:
07:f7:d0:bc:13:fd:a1:06:e4:04:23:38:67:b2:35:4f:ca:0f:
03:cd:05:a3:79:8d:c6:d4:3f:3a:ae:a9:11:93:3a:24:d4:fe:
c1:a1:ff:4b:47:39:27:33:8b:d2:21:78:fa:fd:2b:50:ab:44:
a6:6d:b8:ae:78:0d:13:10:d6:50:07:3f:ff:0d:73:e8:08:f5:
d7:09:98:04:73:d8:2d:82:bd:03:6c:3d:4b:7b:db:74:43:b1:
02:be:2c:f2:4c:b6:71:ea:12:7d:9d:30:3c:7c:04:8f:15:74:
24:7b:30:4e:58:1a:e3:5c:b4:ba:03:91:14:77:25:b2:ad:b3:
98:2c:9e:6d:8c:41:f2:66:31:19:76:98:93:d3:0d:95:2f:70:
da:2d:2e:fc:36:84:2e:0f:8e:d2:d2:81:a1:ea:12:4c:18:76:
92:2f:ff:b5:9e:2f:56:ff:5f:63:5f:b7:a5:bc:d7:d4:7e:82:
69:7e:0b:61:22:2b:db:cd:32:3e:3f:c8:9f:05:df:97:63:0e:
21:86:ad:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI4oeH9ZEuU65Gxh2zX4PjqhjVr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMThaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNjhjNmMwNzkzYmEzMjNhMGNhYjgyYzQ1ZDYwMDRlZDk5NjFkZWM2Zjcz
NmY5M2U2ZDA5ZDE2MDk1NzM1MmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVCUfwaIWBYOKI8U2a9p4cVMOIopZP0Qz0tr1XZiUOhRTVVqPtDjYR40FTU
+vdoAptpVgb4Qy36+slbTuue8OE6Pu7+A0PkBbhn3rPViKxV6Ym7JFapKSMuEh94
lveKZpLcaDa7fSyDx5DHi/KdlTBkR2+T08PC7/1aZOGW5adnpv+WOuGLozYaFqLk
O8qnGCnXqR9TLkXiXRcyoI3FHFtHywsZ85satsQWKwEVbydaxAaPbCpDnfTEJtel
r/HzLOlbCS4WTD0kntJ1Gja7LyVaegpoSKweFlKQOAkibKEftcSai4wqvtWO1v4I
C0AmUPoyO3TK8YMR02Ro8NmKuckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQzo2Rx
giLwXfHWLjDJirnJ4ZiJaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxZTZlNjktNjU5NS00MGZmLTk0MzAtZDUzZjIyNjcwNjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JSDAN
BgkqhkiG9w0BAQsFAAOCAQEAN8fLl0R+J3+7p5MZuO2qtbjIpX/1kBiNFXzL/QMo
6h/nJM6SHLbRYAyhQpZlZuxsF+3S/2NtB/fQvBP9oQbkBCM4Z7I1T8oPA80Fo3mN
xtQ/Oq6pEZM6JNT+waH/S0c5JzOL0iF4+v0rUKtEpm24rngNExDWUAc//w1z6Aj1
1wmYBHPYLYK9A2w9S3vbdEOxAr4s8ky2ceoSfZ0wPHwEjxV0JHswTlga41y0ugOR
FHclsq2zmCyebYxB8mYxGXaYk9MNlS9w2i0u/DaELg+O0tKBoeoSTBh2ki//tZ4v
Vv9fY1+3pbzX1H6CaX4LYSIr280yPj/InwXfl2MOIYatjQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:20 2025 by rpki-client