Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
File: 9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa (raw, json)
Hash identifier: ZR7LXMWFhkUl4TepJfP/3nbC/HGhsYoR8ESiIv1Z1zk=
Subject key identifier: DE:E7:80:00:AE:F4:91:C6:5F:15:B5:8D:FA:28:7E:7E:CD:D8:0F:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 108EFC2395AFEFFE69C26DA8C29D50E29C1284F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
Signing time: Fri 25 Jul 2025 16:51:10 +0000
ROA not before: Fri 25 Jul 2025 16:51:10 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:8e:fc:23:95:af:ef:fe:69:c2:6d:a8:c2:9d:50:e2:9c:12:84:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:10 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=a18b1e4ba20b7780099fd3c84d0617f159ab8856e8b14ba27c9b39cb3cc9c7ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:47:d2:84:56:3d:a1:64:29:62:e0:49:f5:91:
78:58:43:c9:91:c4:4b:ed:bc:4e:52:36:aa:1b:55:
3f:c4:6f:4f:f0:a1:6f:0b:bc:f3:a4:e0:51:5a:7b:
e9:16:35:a2:df:8c:c1:88:ad:c6:bf:38:c3:5b:85:
80:25:0f:a9:75:06:4b:44:0b:29:41:d7:48:ac:2f:
70:14:37:1f:bc:4d:57:b1:10:eb:86:cb:77:96:74:
77:56:02:14:f3:16:46:bf:ad:f0:f5:28:53:7e:15:
70:73:3d:82:05:b7:c6:0d:44:48:6b:a2:2b:c2:d5:
da:31:b4:db:08:05:31:f5:af:c5:a7:d4:32:1f:b7:
6a:b6:b0:d3:2d:2e:a7:e3:01:26:4f:47:12:15:22:
86:b9:ca:27:cb:98:02:ac:32:bd:60:9e:03:9e:0d:
56:72:67:99:c4:d2:d2:2e:6a:fa:42:d4:aa:c6:d2:
31:5b:d1:21:d6:ac:26:70:97:1d:6e:4d:4a:f4:5f:
c8:aa:df:15:83:81:63:47:b3:20:56:a3:3e:a6:f2:
18:20:1e:6d:c0:98:bf:51:92:8d:18:5a:f9:d7:28:
38:bf:ae:30:eb:0b:88:9a:0c:c7:c0:cd:84:d8:f1:
8e:6c:09:2c:7e:34:73:e3:06:25:f7:3f:14:5d:f2:
10:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E7:80:00:AE:F4:91:C6:5F:15:B5:8D:FA:28:7E:7E:CD:D8:0F:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:e9:df:ba:49:cf:49:4a:7f:3e:37:a8:e6:6f:bb:ff:75:32:
b9:e6:bd:d7:8a:33:88:38:ab:d3:97:92:2c:7a:87:c8:09:2d:
10:26:32:2c:a8:e4:4e:c9:9e:f4:81:31:c7:f5:23:d7:08:58:
b4:48:15:b8:dd:2c:09:d0:03:97:89:16:cc:97:dc:93:26:d8:
a5:48:55:48:29:4c:62:d2:a9:59:e7:a3:e3:67:b5:1f:73:da:
cf:4e:d3:73:eb:dd:8e:ce:30:4e:e5:0b:5b:7c:4a:ba:c5:4a:
c3:28:7c:f3:0d:91:92:46:f6:18:26:71:c4:40:9c:66:e0:87:
04:60:67:db:a4:d5:60:77:94:08:a1:20:75:26:74:60:51:36:
4d:f3:f8:76:4b:e4:21:b3:61:b5:32:34:ff:9d:a8:c6:95:68:
e7:d2:4b:77:7b:df:16:03:9c:2f:03:26:4e:e3:78:ae:54:73:
11:ad:45:04:a9:dd:30:2c:64:19:29:1f:95:e5:7c:27:84:1d:
03:5c:f0:9f:bb:22:e2:45:b5:4e:fb:97:47:69:41:05:21:c7:
f5:a2:b4:65:af:44:4f:39:8a:bf:da:57:ff:26:82:69:31:f6:
70:72:19:99:13:a7:8b:00:66:25:19:10:a5:14:06:b3:4f:29:
a9:2a:33:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEI78I5Wv7/5pwm2owp1Q4pwShPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTBaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGExOGIxZTRiYTIwYjc3ODAwOTlmZDNjODRkMDYxN2YxNTlhYjg4NTZlOGIx
NGJhMjdjOWIzOWNiM2NjOWM3YWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPBH0oRWPaFkKWLgSfWReFhDyZHES+28TlI2qhtVP8RvT/Chbwu886TgUVp7
6RY1ot+MwYitxr84w1uFgCUPqXUGS0QLKUHXSKwvcBQ3H7xNV7EQ64bLd5Z0d1YC
FPMWRr+t8PUoU34VcHM9ggW3xg1ESGuiK8LV2jG02wgFMfWvxafUMh+3araw0y0u
p+MBJk9HEhUihrnKJ8uYAqwyvWCeA54NVnJnmcTS0i5q+kLUqsbSMVvRIdasJnCX
HW5NSvRfyKrfFYOBY0ezIFajPqbyGCAebcCYv1GSjRha+dcoOL+uMOsLiJoMx8DN
hNjxjmwJLH40c+MGJfc/FF3yEIcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTe54AA
rvSRxl8VtY36KH5+zdgPRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI2ZWEyYzMtYzI1Yi00OTJjLTk1NDctN2M1ZGRiNzVkMTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6J2DAN
BgkqhkiG9w0BAQsFAAOCAQEApenfuknPSUp/Pjeo5m+7/3Uyuea914oziDir05eS
LHqHyAktECYyLKjkTsme9IExx/Uj1whYtEgVuN0sCdADl4kWzJfckybYpUhVSClM
YtKpWeej42e1H3Paz07Tc+vdjs4wTuULW3xKusVKwyh88w2Rkkb2GCZxxECcZuCH
BGBn26TVYHeUCKEgdSZ0YFE2TfP4dkvkIbNhtTI0/52oxpVo59JLd3vfFgOcLwMm
TuN4rlRzEa1FBKndMCxkGSkfleV8J4QdA1zwn7si4kW1TvuXR2lBBSHH9aK0Za9E
TzmKv9pX/yaCaTH2cHIZmROniwBmJRkQpRQGs08pqSoz6w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:37 2025 by rpki-client