Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
File: 842bd74b-e507-47ea-bb4e-32057136b2bd.roa (raw, json)
Hash identifier: 2MClbvo/AQEtVN1e+1+lIlYRD7y3otoqwrwCvSB/6EA=
Subject key identifier: 1B:B8:00:20:46:38:80:E1:9A:0A:C6:61:4C:40:B0:AF:64:0C:EC:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B04CF36FF372CFDC0857747E5419BE70F47517B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
Signing time: Tue 04 Nov 2025 02:51:04 +0000
ROA not before: Tue 04 Nov 2025 02:51:04 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:04:cf:36:ff:37:2c:fd:c0:85:77:47:e5:41:9b:e7:0f:47:51:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:51:04 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=d3be579fe4e7c2ba7e20abb7a98c75ea8294148881192633a2c0e94c68c4b70e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e7:45:55:0d:c2:22:57:ce:5b:07:1c:bb:16:
73:6b:4d:e1:23:2f:e0:2a:64:e2:d5:f8:ba:38:5e:
0a:90:ee:ae:83:22:48:89:4d:1b:3e:04:99:1e:1d:
57:2f:7f:76:df:91:37:96:97:ac:14:7a:02:9a:45:
a6:07:cd:d9:42:07:72:d1:bb:2d:ce:75:58:59:05:
99:f4:e9:f8:5d:60:08:2a:9a:65:58:4f:52:42:6d:
b2:00:17:8b:9d:93:28:c2:4d:3c:86:7c:16:b9:bb:
08:56:22:70:33:aa:26:cd:ed:08:4c:1d:97:c5:7d:
16:0c:6a:70:43:1c:93:86:c2:6e:57:25:f9:40:d6:
1b:39:c7:c0:06:3e:fe:27:0b:f5:47:e7:22:1c:51:
39:c5:de:5a:d0:c3:74:e3:1f:80:75:88:1c:ad:fd:
2b:d9:ee:d2:72:34:8f:d8:66:d8:0a:49:12:80:75:
24:74:bc:9d:18:aa:66:63:c1:72:4f:7d:95:b3:11:
7f:c5:67:8d:7e:c6:27:05:d3:31:39:9d:c9:62:b8:
32:29:c1:65:46:56:c8:30:53:7c:ac:d2:4f:a0:22:
2e:97:c6:0a:02:60:d3:aa:15:9a:50:82:56:65:83:
2d:79:38:c2:95:02:11:12:31:c8:2e:06:e7:f7:71:
f0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B8:00:20:46:38:80:E1:9A:0A:C6:61:4C:40:B0:AF:64:0C:EC:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/18
Signature Algorithm: sha256WithRSAEncryption
9a:75:7f:df:b8:c7:62:8b:17:bb:3c:69:a8:16:95:74:ad:ab:
31:0b:83:02:ad:3c:05:fc:85:cf:a9:70:0c:34:6e:0f:86:02:
4c:c8:70:e4:7f:a0:0e:ab:61:34:52:19:df:b5:90:4c:74:9d:
3a:25:b7:22:a9:7e:b7:ca:22:e8:36:2e:07:16:c9:da:7f:99:
57:e2:43:c5:d2:76:6a:a9:2a:a2:22:82:a3:8e:0c:9f:8e:d6:
93:eb:7a:a4:ae:b8:88:a9:2e:33:7e:27:06:f0:6e:f6:55:0c:
c0:e7:f2:7e:f3:c0:03:3d:45:3c:b3:bf:1e:e3:3f:f9:a2:58:
82:3a:f0:f1:92:ff:01:1a:b4:57:bf:66:8f:d4:0c:05:28:1c:
75:2f:ba:38:0f:73:18:4e:66:83:14:77:92:a0:2b:43:fa:fc:
65:01:10:c6:ff:7d:b2:a7:8d:4a:e7:f5:74:54:7e:78:5f:eb:
66:2c:5a:c3:c2:7a:2d:55:e4:53:c5:1e:44:47:a3:6d:74:87:
f4:5a:6b:6c:d4:b4:04:ca:a3:5d:9c:62:9a:76:ef:0a:7e:33:
cc:9f:4a:f2:80:bd:d4:4f:29:21:56:1d:41:1b:ac:b2:44:f7:
e1:01:62:86:3b:29:ec:da:2b:25:ee:f7:03:34:3e:df:ae:06:
89:ad:7b:aa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGwTPNv83LP3AhXdH5UGb5w9HUXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUxMDRaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzYmU1NzlmZTRlN2MyYmE3ZTIwYWJiN2E5OGM3NWVhODI5NDE0ODg4MTE5
MjYzM2EyYzBlOTRjNjhjNGI3MGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXnRVUNwiJXzlsHHLsWc2tN4SMv4Cpk4tX4ujheCpDuroMiSIlNGz4EmR4d
Vy9/dt+RN5aXrBR6AppFpgfN2UIHctG7Lc51WFkFmfTp+F1gCCqaZVhPUkJtsgAX
i52TKMJNPIZ8Frm7CFYicDOqJs3tCEwdl8V9FgxqcEMck4bCblcl+UDWGznHwAY+
/icL9UfnIhxROcXeWtDDdOMfgHWIHK39K9nu0nI0j9hm2ApJEoB1JHS8nRiqZmPB
ck99lbMRf8VnjX7GJwXTMTmdyWK4MinBZUZWyDBTfKzST6AiLpfGCgJg06oVmlCC
VmWDLXk4wpUCERIxyC4G5/dx8PECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQbuAAg
RjiA4ZoKxmFMQLCvZAzsDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQyYmQ3NGItZTUwNy00N2VhLWJiNGUtMzIwNTcxMzZiMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAmnV/37jHYosXuzxpqBaVdK2rMQuDAq08BfyFz6lw
DDRuD4YCTMhw5H+gDqthNFIZ37WQTHSdOiW3Iql+t8oi6DYuBxbJ2n+ZV+JDxdJ2
aqkqoiKCo44Mn47Wk+t6pK64iKkuM34nBvBu9lUMwOfyfvPAAz1FPLO/HuM/+aJY
gjrw8ZL/ARq0V79mj9QMBSgcdS+6OA9zGE5mgxR3kqArQ/r8ZQEQxv99sqeNSuf1
dFR+eF/rZixaw8J6LVXkU8UeREejbXSH9FprbNS0BMqjXZximnbvCn4zzJ9K8oC9
1E8pIVYdQRusskT34QFihjsp7NorJe73AzQ+364Gia17qg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:14:23 2025 by rpki-client