Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
File: 6e1e6e69-6595-40ff-9430-d53f22670630.roa (raw, json)
Hash identifier: 1tvHfPkMSgk/2xfq+jvbbA5veN9sOTH+Qfs5EXJIclI=
Subject key identifier: 7C:E8:8B:46:CE:D9:63:79:58:B0:17:68:4A:6B:B7:3B:26:AD:E6:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20AFEDE8157D314FB9FA7D77B700B8D0C4CD02B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
Signing time: Tue 04 Nov 2025 03:00:11 +0000
ROA not before: Tue 04 Nov 2025 03:00:11 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:af:ed:e8:15:7d:31:4f:b9:fa:7d:77:b7:00:b8:d0:c4:cd:02:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:11 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=173583bd3116c8f5c53cb7737702dc410df5eb0737dce744104f0e60242180fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:f5:9e:72:cc:d7:36:4c:fa:19:2a:98:98:
5b:de:32:2d:75:0c:1c:62:3f:ac:69:d1:bb:c4:36:
40:99:54:e8:ec:ca:83:2f:06:e9:24:40:d2:4a:1b:
94:48:6b:3e:ff:17:ca:89:b5:26:7a:6a:dd:51:cb:
ab:e3:51:2d:7f:0c:56:c9:a6:82:2c:8b:a3:6d:02:
24:97:14:7a:13:56:7f:eb:eb:1f:4e:e3:99:38:e5:
df:17:75:ce:f5:5d:f9:ff:ab:98:7c:df:36:dd:88:
11:26:ef:bc:23:1d:04:16:c6:a3:d8:c7:51:91:a4:
e5:75:5a:42:92:06:0c:5d:eb:e8:eb:1a:4c:75:04:
1c:55:8f:af:c7:95:0d:24:6d:07:41:b0:97:c6:ba:
88:56:24:76:aa:82:3f:3b:ce:f7:b3:73:9c:ec:9b:
4c:35:89:fe:9c:f7:b5:d4:e8:1f:47:1d:f8:cb:13:
35:2c:f7:c4:aa:09:b2:78:05:89:92:73:fd:a2:16:
18:36:64:c4:a4:47:91:df:6e:c2:34:08:c5:75:82:
2d:39:c1:2b:76:d8:a6:6f:76:53:b6:2d:1b:34:70:
6b:06:41:50:df:cc:78:b0:0f:34:d7:ce:50:12:a9:
ec:35:a0:0f:66:15:b9:1e:d3:71:48:6b:eb:af:c9:
68:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E8:8B:46:CE:D9:63:79:58:B0:17:68:4A:6B:B7:3B:26:AD:E6:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.72.0/21
Signature Algorithm: sha256WithRSAEncryption
24:fa:94:a0:40:f8:84:12:d0:d4:d3:37:a5:c0:48:ec:0c:5f:
15:8f:cc:5b:67:8e:24:22:26:2c:be:c7:9e:d7:8f:e4:e2:ff:
1a:7c:db:24:9d:d1:e5:1a:d0:f3:02:84:a0:6e:d2:c2:d3:86:
a0:d0:50:7d:95:e0:41:54:f3:0a:be:25:37:4a:ae:78:91:9d:
d8:b3:40:ac:97:c9:65:bb:e1:0c:7f:29:dc:02:12:09:91:4e:
64:31:ef:7d:d6:1a:00:12:4b:5e:e6:55:28:3f:e7:cd:e9:10:
3d:13:bb:12:da:e5:3a:58:68:b4:58:f1:12:87:ce:7e:b4:5b:
ee:ab:2f:37:27:70:61:1a:d4:85:df:3d:6b:4e:7f:7a:c3:38:
d4:4c:95:31:7b:34:fa:20:53:24:97:6a:fa:57:33:ec:ba:c6:
25:21:f6:3b:68:e1:28:52:e2:6d:ce:e2:42:bc:9a:ed:30:64:
6d:91:75:30:7d:68:ba:e7:42:cf:07:0a:99:de:6b:81:05:0e:
6d:bb:2a:f4:3f:ce:7b:a5:f4:28:6f:cb:eb:73:0c:af:46:0e:
b6:43:4b:13:56:02:2b:0d:c5:ee:c8:f0:b6:3d:45:22:ba:f1:
04:a3:24:ae:14:2f:51:aa:9a:3b:ad:4c:d9:9b:99:cb:7a:2a:
d1:c5:5d:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIK/t6BV9MU+5+n13twC40MTNArgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMTFaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MzU4M2JkMzExNmM4ZjVjNTNjYjc3Mzc3MDJkYzQxMGRmNWViMDczN2Rj
ZTc0NDEwNGYwZTYwMjQyMTgwZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALN59Z5yzNc2TPoZKpiYW94yLXUMHGI/rGnRu8Q2QJlU6OzKgy8G6SRA0kob
lEhrPv8Xyom1Jnpq3VHLq+NRLX8MVsmmgiyLo20CJJcUehNWf+vrH07jmTjl3xd1
zvVd+f+rmHzfNt2IESbvvCMdBBbGo9jHUZGk5XVaQpIGDF3r6OsaTHUEHFWPr8eV
DSRtB0Gwl8a6iFYkdqqCPzvO97NznOybTDWJ/pz3tdToH0cd+MsTNSz3xKoJsngF
iZJz/aIWGDZkxKRHkd9uwjQIxXWCLTnBK3bYpm92U7YtGzRwawZBUN/MeLAPNNfO
UBKp7DWgD2YVuR7TcUhr66/JaDsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR86ItG
ztljeViwF2hKa7c7Jq3mTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxZTZlNjktNjU5NS00MGZmLTk0MzAtZDUzZjIyNjcwNjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JSDAN
BgkqhkiG9w0BAQsFAAOCAQEAJPqUoED4hBLQ1NM3pcBI7AxfFY/MW2eOJCImLL7H
nteP5OL/GnzbJJ3R5RrQ8wKEoG7SwtOGoNBQfZXgQVTzCr4lN0queJGd2LNArJfJ
ZbvhDH8p3AISCZFOZDHvfdYaABJLXuZVKD/nzekQPRO7EtrlOlhotFjxEofOfrRb
7qsvNydwYRrUhd89a05/esM41EyVMXs0+iBTJJdq+lcz7LrGJSH2O2jhKFLibc7i
Qrya7TBkbZF1MH1ouudCzwcKmd5rgQUObbsq9D/Oe6X0KG/L63MMr0YOtkNLE1YC
Kw3F7sjwtj1FIrrxBKMkrhQvUaqaO61M2ZuZy3oq0cVdsA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:30 2025 by rpki-client