Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
File: 8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa (raw, json)
Hash identifier: TXCls1Sg54KgnBcUdMb7Jf0cICIbLQJo5bgufbOjhIA=
Subject key identifier: 99:B4:22:AD:38:04:79:A9:D7:C7:F3:84:B1:4B:5D:E1:A7:22:B2:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02AE38F7CA624C9D396B701B1EB01946E95AC4D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
Signing time: Fri 25 Jul 2025 17:00:04 +0000
ROA not before: Fri 25 Jul 2025 17:00:04 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ae:38:f7:ca:62:4c:9d:39:6b:70:1b:1e:b0:19:46:e9:5a:c4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:04 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=5e332e86d57c908bf718bc55bcdd1bcc4ea34cdd943c87d4c8e9adb15559ff96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:37:1e:2b:38:d0:60:19:7d:17:ac:6b:2b:ea:
f8:04:c4:e5:5c:52:1d:51:af:87:e3:30:50:26:5a:
22:41:7c:52:d4:69:87:74:c1:60:88:67:55:03:29:
79:df:9f:31:cd:4c:8f:6d:b7:0e:54:69:22:25:9e:
60:b6:08:32:e9:0e:4a:ed:37:1c:ac:89:39:79:cf:
84:06:3a:5c:fc:2d:dc:82:a7:af:fa:1c:ec:59:0e:
8a:39:b3:3f:af:59:f5:69:17:ef:88:f0:33:c7:0a:
fa:07:72:de:02:98:1d:e4:2a:8c:5a:ef:d4:39:a0:
91:b0:18:48:d0:09:7f:a9:d5:4f:ad:25:20:12:94:
ea:92:a9:8f:bd:52:de:9e:ce:2d:f1:9c:1d:6b:17:
3e:9a:6b:f4:73:bb:fa:80:fb:66:35:08:34:a4:4f:
93:3e:7e:3e:58:08:5b:3f:b6:f6:3e:83:4f:e2:9b:
6b:ed:c4:05:92:81:a2:db:66:fd:b9:12:5e:a2:0d:
cf:ed:c0:48:c0:c5:69:b3:f2:fd:55:08:70:db:e3:
bf:84:fe:37:65:23:8b:ba:69:15:7d:2b:d9:a1:c9:
72:f5:eb:d7:88:71:c3:32:3c:12:7b:8f:7d:2a:d7:
cf:15:11:b1:bd:4b:a6:30:f7:96:27:78:a2:5e:46:
fa:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B4:22:AD:38:04:79:A9:D7:C7:F3:84:B1:4B:5D:E1:A7:22:B2:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:72:21:af:00:dd:23:5d:7b:28:6b:7f:8f:74:1e:40:11:06:
41:8b:46:9e:0d:20:8f:19:41:52:9b:d6:0f:d2:26:34:6e:61:
d7:9c:5f:63:05:f4:6e:4b:30:80:ad:2b:8d:42:58:11:67:a7:
b9:49:75:32:61:61:1b:3e:d9:2d:06:aa:51:70:d1:f0:0a:e2:
e0:ff:a9:d3:2b:1c:1a:33:a8:2d:e4:df:66:12:f9:4c:ae:63:
a4:5e:14:51:2f:65:45:c3:76:a4:75:74:ba:d1:34:2c:3d:d9:
bc:2f:5d:ce:01:2d:8d:63:a4:a7:08:90:f4:92:7f:58:c8:05:
28:45:02:4c:2d:40:ff:16:51:f8:10:46:4c:13:62:38:58:e8:
54:f9:13:86:34:e1:dd:96:75:37:f3:8e:4c:f4:41:62:fe:ae:
96:97:57:97:94:96:99:de:bc:39:3a:47:23:43:1f:89:47:08:
24:16:28:e4:d5:e7:89:23:63:f2:83:a8:31:12:01:98:24:83:
3f:64:75:75:34:51:d0:2c:b0:26:c9:87:af:b8:96:5f:01:14:
99:04:bf:6c:97:02:b6:19:8a:39:9a:b5:f1:3f:34:32:09:7d:
ad:ca:d2:72:22:42:ca:1a:41:f0:e1:61:48:e9:70:f6:4a:e7:
c9:7f:78:dc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAq4498piTJ05a3AbHrAZRulaxNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMDRaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlMzMyZTg2ZDU3YzkwOGJmNzE4YmM1NWJjZGQxYmNjNGVhMzRjZGQ5NDNj
ODdkNGM4ZTlhZGIxNTU1OWZmOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs3His40GAZfResayvq+ATE5VxSHVGvh+MwUCZaIkF8UtRph3TBYIhnVQMp
ed+fMc1Mj223DlRpIiWeYLYIMukOSu03HKyJOXnPhAY6XPwt3IKnr/oc7FkOijmz
P69Z9WkX74jwM8cK+gdy3gKYHeQqjFrv1DmgkbAYSNAJf6nVT60lIBKU6pKpj71S
3p7OLfGcHWsXPppr9HO7+oD7ZjUINKRPkz5+PlgIWz+29j6DT+Kba+3EBZKBottm
/bkSXqINz+3ASMDFabPy/VUIcNvjv4T+N2Uji7ppFX0r2aHJcvXr14hxwzI8EnuP
fSrXzxURsb1LpjD3lid4ol5G+gUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZtCKt
OAR5qdfH84SxS13hpyKy3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFiOTMwODMtMDBmNy00ODQxLThjZWYtNmI1OTI2YjZlM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfnIhrwDdI117KGt/j3QeQBEGQYtGng0gjxlBUpvW
D9ImNG5h15xfYwX0bkswgK0rjUJYEWenuUl1MmFhGz7ZLQaqUXDR8Ari4P+p0ysc
GjOoLeTfZhL5TK5jpF4UUS9lRcN2pHV0utE0LD3ZvC9dzgEtjWOkpwiQ9JJ/WMgF
KEUCTC1A/xZR+BBGTBNiOFjoVPkThjTh3ZZ1N/OOTPRBYv6ulpdXl5SWmd68OTpH
I0MfiUcIJBYo5NXniSNj8oOoMRIBmCSDP2R1dTRR0CywJsmHr7iWXwEUmQS/bJcC
thmKOZq18T80Mgl9rcrSciJCyhpB8OFhSOlw9krnyX943A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:44 2025 by rpki-client