Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82037871-73f4-40ba-be5d-495a41d85184.roa
File: 82037871-73f4-40ba-be5d-495a41d85184.roa (raw, json)
Hash identifier: OQbLKohU7/Gi52O56S8q48UunWRUaShAGgOPzdGorWA=
Subject key identifier: F4:14:5A:96:64:21:12:A4:97:8C:78:DB:18:3B:0E:07:71:DA:D7:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17526AC5E18544D5FCCEDD37B6EBDB8DC9C02664
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82037871-73f4-40ba-be5d-495a41d85184.roa
Signing time: Mon 21 Jul 2025 17:00:08 +0000
ROA not before: Mon 21 Jul 2025 17:00:08 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 7224
IP address blocks: 46.51.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:52:6a:c5:e1:85:44:d5:fc:ce:dd:37:b6:eb:db:8d:c9:c0:26:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 17:00:08 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=8c2dcada2f0027a089249b714ef2ebed53d070abc61bd4532fd7785346b97ee5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:c3:ec:b6:b3:49:5e:08:30:65:d1:81:ff:
ff:2a:09:3e:ee:15:a3:89:13:c2:c0:90:76:61:74:
b5:56:ae:06:52:1f:53:81:17:6f:46:79:8d:43:dc:
ca:f5:79:4f:0f:db:44:cf:16:b7:0c:eb:5d:6e:c1:
9d:48:49:c9:93:9f:c5:1b:e1:f8:99:dd:6d:46:10:
1b:22:95:e7:dc:c5:e3:7e:37:04:be:41:ea:ab:0a:
06:79:95:fa:17:7e:cf:5d:b9:cf:c9:c4:3b:11:35:
b4:b6:85:82:ec:ee:1b:11:5b:57:2d:ed:3a:aa:a6:
c0:35:f7:63:59:c2:bc:00:8f:31:e6:00:b1:c8:c5:
dc:43:f9:82:35:10:df:3d:30:21:f8:ef:9d:32:6f:
2d:b3:b5:aa:80:53:75:a5:80:c4:a6:f9:43:22:8f:
b8:e1:44:dc:0f:b4:93:2f:48:98:d9:2e:71:4a:4b:
65:88:c6:64:c7:7b:65:62:91:eb:e7:99:f7:c4:7c:
91:20:15:98:0c:32:24:a1:de:3b:02:49:bc:49:03:
43:f7:64:33:d8:45:75:04:af:92:b4:c0:7f:f3:92:
ec:0c:cf:b3:54:98:3b:8d:02:cf:fb:55:41:14:11:
a0:45:31:93:21:b4:62:c2:e4:d5:bc:d4:7a:84:da:
ad:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:14:5A:96:64:21:12:A4:97:8C:78:DB:18:3B:0E:07:71:DA:D7:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82037871-73f4-40ba-be5d-495a41d85184.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.212.0/22
Signature Algorithm: sha256WithRSAEncryption
81:b5:be:b4:82:ff:da:0c:23:04:44:2d:7e:1a:e8:96:e7:cf:
e1:29:54:a0:2b:eb:61:41:05:cd:04:9e:a2:d4:bb:16:8b:98:
96:ed:ae:8f:0e:c6:fe:68:c5:85:fd:ac:ab:65:ab:96:ec:d2:
ac:ef:0b:9c:98:2f:31:24:2c:29:be:9f:64:fa:68:17:44:87:
54:8e:fd:b6:63:5a:ef:ce:6f:b9:41:0f:20:87:65:13:d7:da:
b9:99:b2:06:94:ef:29:b7:bc:9d:98:0b:c1:32:d6:a1:4c:af:
9a:1f:3e:46:92:2e:b8:a5:a8:59:3d:b2:81:f5:14:2c:c4:74:
66:26:b7:76:c9:40:61:8a:f2:4b:27:a0:d5:f6:60:84:27:09:
15:dd:00:73:af:f8:c2:bb:42:88:85:c4:55:d2:70:40:5e:e9:
12:a8:a5:26:45:32:c0:3a:e6:68:18:bd:5a:48:05:f4:89:0d:
cc:68:cf:0e:be:5a:66:dc:51:c2:28:ca:a8:d9:d2:bd:7a:a7:
6f:f8:83:33:0b:51:27:15:44:f5:c2:3b:05:a2:a8:97:bc:35:
33:3c:bf:36:a0:97:a2:a6:e9:3a:b3:6d:38:dc:62:29:30:3e:
70:7b:68:21:0c:c3:57:33:89:3d:ad:37:3c:22:d7:5d:33:25:
8a:d8:29:fa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUF1JqxeGFRNX8zt03tuvbjcnAJmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNzAwMDhaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjMmRjYWRhMmYwMDI3YTA4OTI0OWI3MTRlZjJlYmVkNTNkMDcwYWJjNjFi
ZDQ1MzJmZDc3ODUzNDZiOTdlZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK86w+y2s0leCDBl0YH//yoJPu4Vo4kTwsCQdmF0tVauBlIfU4EXb0Z5jUPc
yvV5Tw/bRM8WtwzrXW7BnUhJyZOfxRvh+JndbUYQGyKV59zF4343BL5B6qsKBnmV
+hd+z125z8nEOxE1tLaFguzuGxFbVy3tOqqmwDX3Y1nCvACPMeYAscjF3EP5gjUQ
3z0wIfjvnTJvLbO1qoBTdaWAxKb5QyKPuOFE3A+0ky9ImNkucUpLZYjGZMd7ZWKR
6+eZ98R8kSAVmAwyJKHeOwJJvEkDQ/dkM9hFdQSvkrTAf/OS7AzPs1SYO40Cz/tV
QRQRoEUxkyG0YsLk1bzUeoTarT8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT0FFqW
ZCESpJeMeNsYOw4HcdrXDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODIwMzc4NzEtNzNmNC00MGJhLWJlNWQtNDk1YTQxZDg1MTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z1DAN
BgkqhkiG9w0BAQsFAAOCAQEAgbW+tIL/2gwjBEQtfhrolufP4SlUoCvrYUEFzQSe
otS7FouYlu2ujw7G/mjFhf2sq2WrluzSrO8LnJgvMSQsKb6fZPpoF0SHVI79tmNa
785vuUEPIIdlE9fauZmyBpTvKbe8nZgLwTLWoUyvmh8+RpIuuKWoWT2ygfUULMR0
Zia3dslAYYrySyeg1fZghCcJFd0Ac6/4wrtCiIXEVdJwQF7pEqilJkUywDrmaBi9
WkgF9IkNzGjPDr5aZtxRwijKqNnSvXqnb/iDMwtRJxVE9cI7BaKol7w1Mzy/NqCX
oqbpOrNtONxiKTA+cHtoIQzDVzOJPa03PCLXXTMlitgp+g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:34 2025 by rpki-client