Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82037871-73f4-40ba-be5d-495a41d85184.roa
File: 82037871-73f4-40ba-be5d-495a41d85184.roa (raw, json)
Hash identifier: zw1IRamf38m8rbU7lWrvevOkZo0TmumTlKxgmvSOpik=
Subject key identifier: F9:51:D7:CE:EF:A6:02:1D:9D:AA:29:5E:F7:53:B7:BC:77:8D:A0:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A6FED8ACB37BDB384CD427ACE8AB6091F897FAE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82037871-73f4-40ba-be5d-495a41d85184.roa
Signing time: Fri 31 Oct 2025 01:20:11 +0000
ROA not before: Fri 31 Oct 2025 01:20:11 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 7224
IP address blocks: 46.51.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:6f:ed:8a:cb:37:bd:b3:84:cd:42:7a:ce:8a:b6:09:1f:89:7f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 31 01:20:11 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=0d2e809d7f7d33f30b8ed67c8ec97e3fc2ed994374693838477435f21edd7f5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:db:da:7b:b1:fc:8e:c9:06:f4:07:ea:96:d9:
53:46:e1:8f:fb:6c:e7:34:9d:83:b4:9a:24:d8:26:
c1:db:d6:d0:ce:c4:23:93:9c:a4:46:19:0c:31:0d:
8d:b7:20:8a:f6:3d:85:c1:93:93:bb:a1:df:91:bf:
61:54:b4:76:44:3a:8d:fb:bc:dd:10:8a:fc:c5:26:
41:fc:60:20:de:d0:61:89:42:98:a9:55:91:5c:e4:
4a:a8:f7:00:11:35:41:7a:8d:f7:42:d6:30:77:8b:
ab:47:da:7f:86:ed:cd:c8:1a:c2:49:12:74:87:40:
2b:73:af:97:da:33:f5:e5:b5:b1:31:45:fb:11:27:
ae:dc:e5:d7:d4:10:28:66:4e:e0:da:31:5f:17:6d:
45:88:f7:71:b5:da:82:e3:34:a9:61:d9:3f:01:e2:
2f:77:25:61:78:62:10:ec:4f:63:a4:ec:fc:3b:c7:
18:c8:b4:bc:16:19:c8:8b:4f:40:4f:94:b0:b4:bb:
ce:04:91:a7:5e:08:92:36:b4:89:06:c4:69:af:43:
42:28:08:c9:0d:9b:f3:07:b8:68:4e:af:3f:70:d2:
56:b5:9d:b0:ef:47:d2:e7:d4:07:85:79:69:28:47:
08:12:fc:d5:6c:92:4f:ad:f4:26:64:82:fa:96:f1:
10:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:51:D7:CE:EF:A6:02:1D:9D:AA:29:5E:F7:53:B7:BC:77:8D:A0:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82037871-73f4-40ba-be5d-495a41d85184.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.212.0/22
Signature Algorithm: sha256WithRSAEncryption
73:27:4f:5c:59:64:28:d6:34:59:67:fd:de:78:d4:cb:74:dd:
a1:14:35:c7:44:8e:fb:91:06:5c:73:b7:c0:ea:ff:71:75:fc:
85:aa:9e:6a:61:f2:cc:9f:23:b9:f6:4a:29:d7:8b:1d:07:23:
eb:56:15:d7:47:0b:88:2c:e3:9c:b6:0a:b9:01:6b:6f:20:53:
d2:5a:9c:2c:5a:08:ac:89:0f:cf:ab:0b:0c:f7:e1:6c:69:fb:
0a:53:b3:f5:a0:4f:a9:59:1b:b9:48:19:02:57:10:e1:4c:af:
59:98:5b:82:ec:dc:a3:03:14:94:f7:5e:ce:98:e6:15:0f:8f:
e2:e5:47:5e:9b:ee:23:2a:e1:5e:53:96:1a:c7:c0:82:09:80:
76:87:a9:e4:1a:d6:7d:6b:34:1e:03:92:f5:92:20:4a:9c:ea:
f2:14:48:b8:f4:e1:a8:e5:4f:f7:19:79:bd:ea:75:83:65:1f:
e9:a1:14:1d:fa:69:be:a8:25:0d:6d:ff:41:85:18:c3:12:f4:
6e:77:ea:19:8c:04:bc:e9:3b:d9:53:f1:1d:6c:3a:49:bd:1f:
0b:93:6a:b6:d0:17:02:1c:a8:1d:88:21:23:64:ad:7d:f6:31:
03:22:2f:d3:24:79:5a:c6:73:b3:c8:bb:35:28:e5:95:ae:00:
8e:d4:3a:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUam/tiss3vbOEzUJ6zoq2CR+Jf64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMzEwMTIwMTFaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkMmU4MDlkN2Y3ZDMzZjMwYjhlZDY3YzhlYzk3ZTNmYzJlZDk5NDM3NDY5
MzgzODQ3NzQzNWYyMWVkZDdmNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/b2nux/I7JBvQH6pbZU0bhj/ts5zSdg7SaJNgmwdvW0M7EI5OcpEYZDDEN
jbcgivY9hcGTk7uh35G/YVS0dkQ6jfu83RCK/MUmQfxgIN7QYYlCmKlVkVzkSqj3
ABE1QXqN90LWMHeLq0faf4btzcgawkkSdIdAK3Ovl9oz9eW1sTFF+xEnrtzl19QQ
KGZO4NoxXxdtRYj3cbXaguM0qWHZPwHiL3clYXhiEOxPY6Ts/DvHGMi0vBYZyItP
QE+UsLS7zgSRp14Ikja0iQbEaa9DQigIyQ2b8we4aE6vP3DSVrWdsO9H0ufUB4V5
aShHCBL81WyST630JmSC+pbxEDcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT5UdfO
76YCHZ2qKV73U7e8d42gdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODIwMzc4NzEtNzNmNC00MGJhLWJlNWQtNDk1YTQxZDg1MTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z1DAN
BgkqhkiG9w0BAQsFAAOCAQEAcydPXFlkKNY0WWf93njUy3TdoRQ1x0SO+5EGXHO3
wOr/cXX8haqeamHyzJ8jufZKKdeLHQcj61YV10cLiCzjnLYKuQFrbyBT0lqcLFoI
rIkPz6sLDPfhbGn7ClOz9aBPqVkbuUgZAlcQ4UyvWZhbguzcowMUlPdezpjmFQ+P
4uVHXpvuIyrhXlOWGsfAggmAdoep5BrWfWs0HgOS9ZIgSpzq8hRIuPThqOVP9xl5
vep1g2Uf6aEUHfppvqglDW3/QYUYwxL0bnfqGYwEvOk72VPxHWw6Sb0fC5NqttAX
AhyoHYghI2StffYxAyIv0yR5WsZzs8i7NSjlla4AjtQ6GQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:12:47 2025 by rpki-client