Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
File: 968c7897-1d8d-4c3a-b38e-6602ae947f34.roa (raw, json)
Hash identifier: R6wpLTo8faZKEoTu1EYtWtD/RxLIjiar1JuvoEDiTEQ=
Subject key identifier: 9E:C0:43:FB:0E:C1:25:F3:07:73:A5:88:06:4A:03:87:47:24:52:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FFBEC405F55A7FC1F429C1DF219DA2DE755C052
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
Signing time: Fri 25 Jul 2025 16:51:21 +0000
ROA not before: Fri 25 Jul 2025 16:51:21 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:fb:ec:40:5f:55:a7:fc:1f:42:9c:1d:f2:19:da:2d:e7:55:c0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:21 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=6997407e3ea7c4d0bbc194d8ae962efbe6e5b5dccc4cd3a9753e53a305821297, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bd:be:08:f1:c2:ef:2c:6c:e8:d4:b5:52:75:
5f:26:f3:7d:c6:51:82:9c:16:fd:85:04:79:58:12:
20:41:93:73:5e:d0:5d:2e:30:d2:41:ea:6d:94:01:
c0:87:e9:96:3f:ca:df:c3:06:3b:ce:0f:33:c0:f0:
b9:38:7c:70:ca:17:b1:0d:46:b8:2a:55:fd:72:3f:
44:d1:11:9d:bb:0b:bb:dd:ea:04:71:a6:ca:a5:6e:
2e:57:fc:af:c8:bf:bb:d5:94:10:17:7b:d1:58:27:
ef:c4:96:90:13:7c:4a:7e:a0:2a:ac:6d:ea:95:ee:
f0:c3:bc:39:99:b9:98:d3:88:88:e6:f0:43:b5:a1:
3b:c1:ca:8a:90:85:3b:2e:57:18:73:3a:64:07:31:
e5:eb:55:3f:d7:e3:73:fe:04:7e:1d:76:d1:03:58:
c4:fc:aa:8b:1f:59:2d:18:4d:9b:74:a6:c3:e7:1d:
01:49:fe:77:25:d3:d6:e4:48:2e:10:de:32:ba:67:
d4:b1:47:64:32:9e:76:b5:a4:ca:38:d3:6f:b6:20:
46:56:ea:08:be:64:ad:8a:74:e0:15:41:56:af:cb:
d1:62:43:fe:78:65:81:22:ec:93:ac:21:0d:9c:74:
55:53:07:a8:92:02:b4:e7:b1:5b:6e:2d:fb:4a:67:
39:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C0:43:FB:0E:C1:25:F3:07:73:A5:88:06:4A:03:87:47:24:52:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.208.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:cb:9f:d4:20:d5:e9:ba:2b:66:52:58:f8:eb:2c:73:e2:90:
c5:03:ab:24:47:70:ed:f4:c6:e0:5a:5f:db:69:36:d0:56:ba:
f0:8c:98:ed:98:e3:99:97:af:d1:f9:8d:10:a2:6d:2d:c9:4b:
c2:40:b9:6e:52:49:71:42:e7:5d:c7:e6:00:d6:a9:06:c9:79:
9b:25:5e:64:3c:d9:0a:c7:4e:09:7b:f4:7d:d3:c9:4e:57:28:
7f:4d:b3:0a:11:ed:47:57:74:5b:d7:97:e9:41:e4:f6:16:4c:
d6:a9:4a:a9:31:66:a9:bb:26:7b:93:ae:9c:9b:9a:09:f5:1b:
91:94:98:1d:d2:35:0b:ed:8c:fc:c0:d8:56:96:eb:e1:da:70:
41:00:4a:d4:a1:0e:85:b0:94:f5:80:9f:c4:05:ef:66:9a:fb:
bb:e8:e9:b4:9c:c3:52:b9:d0:d0:40:c5:d8:e2:ae:64:1b:ca:
e5:85:91:f2:e8:1f:88:10:ab:fd:db:82:1b:f3:bf:d4:0b:d4:
49:a4:e7:c3:7a:5c:d1:b2:9a:ff:39:a6:1a:f6:4c:f8:57:7f:
b0:00:0e:d2:b0:8b:14:1a:a5:e2:1e:f0:ad:58:94:c9:d7:6d:
20:cf:82:9a:9e:44:66:26:5c:cf:bb:51:b9:99:de:f0:54:5a:
25:53:53:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX/vsQF9Vp/wfQpwd8hnaLedVwFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMjFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5OTc0MDdlM2VhN2M0ZDBiYmMxOTRkOGFlOTYyZWZiZTZlNWI1ZGNjYzRj
ZDNhOTc1M2U1M2EzMDU4MjEyOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJq9vgjxwu8sbOjUtVJ1XybzfcZRgpwW/YUEeVgSIEGTc17QXS4w0kHqbZQB
wIfplj/K38MGO84PM8DwuTh8cMoXsQ1GuCpV/XI/RNERnbsLu93qBHGmyqVuLlf8
r8i/u9WUEBd70Vgn78SWkBN8Sn6gKqxt6pXu8MO8OZm5mNOIiObwQ7WhO8HKipCF
Oy5XGHM6ZAcx5etVP9fjc/4Efh120QNYxPyqix9ZLRhNm3Smw+cdAUn+dyXT1uRI
LhDeMrpn1LFHZDKedrWkyjjTb7YgRlbqCL5krYp04BVBVq/L0WJD/nhlgSLsk6wh
DZx0VVMHqJICtOexW24t+0pnOYsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSewEP7
DsEl8wdzpYgGSgOHRyRSPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY4Yzc4OTctMWQ4ZC00YzNhLWIzOGUtNjYwMmFlOTQ3ZjM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6J0DAN
BgkqhkiG9w0BAQsFAAOCAQEAncuf1CDV6borZlJY+Ossc+KQxQOrJEdw7fTG4Fpf
22k20Fa68IyY7ZjjmZev0fmNEKJtLclLwkC5blJJcULnXcfmANapBsl5myVeZDzZ
CsdOCXv0fdPJTlcof02zChHtR1d0W9eX6UHk9hZM1qlKqTFmqbsme5OunJuaCfUb
kZSYHdI1C+2M/MDYVpbr4dpwQQBK1KEOhbCU9YCfxAXvZpr7u+jptJzDUrnQ0EDF
2OKuZBvK5YWR8ugfiBCr/duCG/O/1AvUSaTnw3pc0bKa/zmmGvZM+Fd/sAAO0rCL
FBql4h7wrViUyddtIM+Cmp5EZiZcz7tRuZne8FRaJVNTlQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:19 2025 by rpki-client