Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
File: 8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa (raw, json)
Hash identifier: RevZLD8LUFv/i8MHW3lDuPiDqAysMXxTkUhVima+Iow=
Subject key identifier: 91:07:9F:44:1C:82:6B:D3:E0:19:55:F0:83:A3:1E:68:53:FE:5E:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14FFCD8FCCB6DF7C3857446F199F06B8B2E65B96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
Signing time: Tue 04 Nov 2025 02:51:07 +0000
ROA not before: Tue 04 Nov 2025 02:51:07 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ff:cd:8f:cc:b6:df:7c:38:57:44:6f:19:9f:06:b8:b2:e6:5b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:51:07 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=9ffeb165c8a2b884e62d710f84940c6f95b46a4ba37803d6e7ab06e0f954b271, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c3:e7:6d:0f:6e:fc:01:c2:7c:b8:50:2a:08:
6d:1d:97:0d:b3:2c:eb:59:a5:33:dd:30:c6:92:81:
66:68:c6:5b:0d:b4:4d:07:ee:13:9a:13:4c:1d:c4:
ce:6c:92:25:e5:05:a1:18:42:74:41:2e:c8:a3:3a:
1a:c7:57:1d:3d:93:38:b2:35:8a:61:61:6e:f5:4f:
b5:15:6a:76:c0:30:be:c9:45:4e:c4:a4:86:53:ef:
51:76:94:f7:ea:4d:69:08:c1:77:e8:6c:30:ab:fa:
8e:e3:2d:af:14:28:36:3b:2a:8a:a1:ab:39:08:74:
08:04:10:12:4b:ff:7b:51:f9:50:c5:68:df:8a:fb:
6b:fe:bd:72:bd:f3:4d:f6:cc:29:4e:33:b0:d8:2e:
bc:90:ff:b6:80:ec:18:d9:11:a9:96:c9:ed:f4:94:
8e:ac:ce:e8:04:1a:19:e4:6c:7e:2c:a7:28:8f:c8:
eb:28:ed:26:6d:ee:55:f6:b5:fe:f2:03:ff:c6:8d:
fa:f1:fd:3d:91:5a:ab:e5:7e:35:cd:eb:72:a6:90:
99:51:9f:7f:90:8c:c3:89:35:83:e8:a8:53:4e:6f:
e6:69:f0:41:b2:17:9a:e4:da:7b:b0:d4:5d:04:c2:
d9:9c:fc:89:ff:62:2d:09:43:00:b3:cb:6c:5d:0c:
07:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:07:9F:44:1C:82:6B:D3:E0:19:55:F0:83:A3:1E:68:53:FE:5E:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:f4:16:89:27:f6:5d:b5:26:07:7b:3c:ed:9b:b3:15:ad:33:
e0:61:39:d8:d3:05:55:b2:96:92:98:4c:8c:b2:73:56:2d:f4:
96:23:47:55:ac:bb:4d:ed:0c:f6:73:b2:80:15:2c:cb:6f:7c:
59:c4:b1:db:66:2b:85:31:40:13:d2:b9:b8:4d:16:e8:1d:78:
6a:9b:9d:32:da:50:26:35:c6:24:b1:2f:a0:75:c6:81:b5:21:
4e:de:2a:1d:8e:b7:c3:ba:bc:f8:c5:d2:a6:00:aa:f9:12:61:
50:42:77:b4:ea:d6:11:d8:a9:5d:b2:57:e7:e3:64:06:73:39:
9f:83:df:28:fd:03:d3:16:56:96:49:10:d2:34:dd:96:17:6f:
4f:8c:c9:ec:fe:6b:1f:26:72:10:46:4f:9c:11:21:0a:f7:21:
cd:c8:07:56:17:0c:b1:43:7d:70:0c:aa:5e:b4:7b:e0:b1:f7:
3b:6d:ef:8c:de:8a:e1:85:fe:1c:6c:f5:15:0b:17:64:c8:e8:
3d:77:a4:f6:06:52:d3:23:88:01:04:9a:b7:44:fb:98:14:c0:
61:3f:16:81:17:9c:7b:3c:d4:60:c2:5d:95:4b:f7:c4:ed:a1:
8e:26:a2:b6:9b:78:3d:9a:59:5b:34:01:b4:f7:31:b4:e3:a1:
42:14:a4:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFP/Nj8y233w4V0RvGZ8GuLLmW5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUxMDdaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZmViMTY1YzhhMmI4ODRlNjJkNzEwZjg0OTQwYzZmOTViNDZhNGJhMzc4
MDNkNmU3YWIwNmUwZjk1NGIyNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTD520PbvwBwny4UCoIbR2XDbMs61mlM90wxpKBZmjGWw20TQfuE5oTTB3E
zmySJeUFoRhCdEEuyKM6GsdXHT2TOLI1imFhbvVPtRVqdsAwvslFTsSkhlPvUXaU
9+pNaQjBd+hsMKv6juMtrxQoNjsqiqGrOQh0CAQQEkv/e1H5UMVo34r7a/69cr3z
TfbMKU4zsNguvJD/toDsGNkRqZbJ7fSUjqzO6AQaGeRsfiynKI/I6yjtJm3uVfa1
/vID/8aN+vH9PZFaq+V+Nc3rcqaQmVGff5CMw4k1g+ioU05v5mnwQbIXmuTae7DU
XQTC2Zz8if9iLQlDALPLbF0MB1cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSRB59E
HIJr0+AZVfCDox5oU/5ebzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFiOTMwODMtMDBmNy00ODQxLThjZWYtNmI1OTI2YjZlM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAm/QWiSf2XbUmB3s87ZuzFa0z4GE52NMFVbKWkphM
jLJzVi30liNHVay7Te0M9nOygBUsy298WcSx22YrhTFAE9K5uE0W6B14apudMtpQ
JjXGJLEvoHXGgbUhTt4qHY63w7q8+MXSpgCq+RJhUEJ3tOrWEdipXbJX5+NkBnM5
n4PfKP0D0xZWlkkQ0jTdlhdvT4zJ7P5rHyZyEEZPnBEhCvchzcgHVhcMsUN9cAyq
XrR74LH3O23vjN6K4YX+HGz1FQsXZMjoPXek9gZS0yOIAQSat0T7mBTAYT8WgRec
ezzUYMJdlUv3xO2hjiaitpt4PZpZWzQBtPcxtOOhQhSk8A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:45 2025 by rpki-client