Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: ktt/pxkrowc5gRusL69w9R15F17RakxR6laWdwq+wF8=
Subject key identifier: A2:86:95:10:28:35:E5:28:F5:5F:D8:7D:9A:FA:4E:B2:72:A3:B1:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D6F500AF4B6941BD1007C8642DC342299EA8A62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Fri 25 Jul 2025 16:51:07 +0000
ROA not before: Fri 25 Jul 2025 16:51:07 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:6f:50:0a:f4:b6:94:1b:d1:00:7c:86:42:dc:34:22:99:ea:8a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:07 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=9fe8a949b047ab8167057acebb87196d4293fbead57e34e34325008000bcb824, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:88:ed:15:60:42:b3:93:c1:31:f1:76:4a:81:
de:3c:fa:9d:64:71:b4:fd:b8:d4:7d:04:9b:1b:f0:
3f:ae:15:3e:30:88:d8:09:92:81:de:d1:db:15:f3:
62:e4:2e:29:1f:de:92:ea:e0:9d:9f:41:f4:34:fb:
42:48:f0:6c:46:c5:8c:b3:b7:0c:49:62:08:d2:81:
37:6d:bf:ed:82:de:0e:0e:5b:7a:61:a8:99:d0:49:
a1:c9:69:47:21:44:80:74:75:e7:ea:c4:84:3e:2f:
8d:fd:09:4e:04:d7:c3:68:a6:a0:b8:6a:0c:fe:33:
ba:24:8c:2c:b0:c6:d5:df:7e:de:40:80:97:8b:a8:
32:cd:d0:be:0f:50:53:73:46:a5:4a:21:0a:df:7a:
f1:c0:7a:9a:d3:e9:ab:de:7c:e5:e9:27:88:09:82:
19:07:95:b7:ed:47:4d:18:ed:7d:f2:30:96:7e:a2:
a9:f5:90:ab:fa:a8:0d:28:99:44:67:c5:b7:f7:d5:
a1:72:26:87:2d:a8:22:b9:3d:24:9c:93:9e:45:7a:
9f:80:8f:e4:89:e3:f3:8e:89:22:e4:c5:6a:8d:07:
c6:ac:ce:08:53:57:79:69:d5:6d:80:ee:81:43:d3:
ab:43:ff:5b:08:76:46:46:52:49:af:d6:dd:94:8b:
24:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:86:95:10:28:35:E5:28:F5:5F:D8:7D:9A:FA:4E:B2:72:A3:B1:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
29:1b:1d:4f:c1:1d:3a:f3:b3:80:85:ad:de:94:71:c7:ce:1d:
0f:63:0a:a4:8b:c4:88:9d:34:5b:0d:88:53:57:c0:8e:0c:5a:
77:12:89:19:27:9f:35:31:96:da:b0:2d:ab:86:d6:6a:64:e5:
54:be:40:b3:ec:3c:82:af:e9:d1:a7:a9:10:db:ac:6b:c9:0b:
24:01:54:77:bd:3a:36:b5:26:28:1c:c6:a0:3d:1e:8c:a4:1a:
91:18:f0:43:5e:6a:00:9b:67:07:6c:14:d0:b1:69:fd:76:f8:
5b:80:34:4f:c6:0c:37:24:aa:06:f9:1a:64:0e:df:96:08:1a:
f9:45:14:89:51:7d:c5:1d:01:55:0b:4f:fe:ea:72:1e:5b:4d:
8a:bf:c8:64:40:2f:c0:56:78:1f:d1:6b:82:5c:f9:17:44:32:
e3:8d:86:40:32:86:98:74:bf:b5:7e:86:d9:d2:09:13:5e:0b:
5d:95:31:61:3c:0b:37:7c:96:e1:53:f4:4b:70:39:a8:8c:cb:
1e:cc:d2:e0:0e:de:72:c7:4c:f5:87:61:ba:f8:e8:4d:8d:20:
43:35:f6:b8:2f:58:7b:fa:38:7b:bc:06:1e:28:be:29:a9:e9:
a3:8c:5b:74:66:34:d3:43:e6:61:4c:c6:b8:6d:72:b6:a4:5f:
59:66:f5:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXW9QCvS2lBvRAHyGQtw0IpnqimIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMDdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZThhOTQ5YjA0N2FiODE2NzA1N2FjZWJiODcxOTZkNDI5M2ZiZWFkNTdl
MzRlMzQzMjUwMDgwMDBiY2I4MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIaI7RVgQrOTwTHxdkqB3jz6nWRxtP241H0EmxvwP64VPjCI2AmSgd7R2xXz
YuQuKR/ekurgnZ9B9DT7QkjwbEbFjLO3DEliCNKBN22/7YLeDg5bemGomdBJoclp
RyFEgHR15+rEhD4vjf0JTgTXw2imoLhqDP4zuiSMLLDG1d9+3kCAl4uoMs3Qvg9Q
U3NGpUohCt968cB6mtPpq9585ekniAmCGQeVt+1HTRjtffIwln6iqfWQq/qoDSiZ
RGfFt/fVoXImhy2oIrk9JJyTnkV6n4CP5Inj846JIuTFao0HxqzOCFNXeWnVbYDu
gUPTq0P/Wwh2RkZSSa/W3ZSLJKMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSihpUQ
KDXlKPVf2H2a+k6ycqOxETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEAKRsdT8EdOvOzgIWt3pRxx84dD2MKpIvEiJ00Ww2I
U1fAjgxadxKJGSefNTGW2rAtq4bWamTlVL5As+w8gq/p0aepENusa8kLJAFUd706
NrUmKBzGoD0ejKQakRjwQ15qAJtnB2wU0LFp/Xb4W4A0T8YMNySqBvkaZA7flgga
+UUUiVF9xR0BVQtP/upyHltNir/IZEAvwFZ4H9Frglz5F0Qy442GQDKGmHS/tX6G
2dIJE14LXZUxYTwLN3yW4VP0S3A5qIzLHszS4A7ecsdM9YdhuvjoTY0gQzX2uC9Y
e/o4e7wGHii+Kanpo4xbdGY000PmYUzGuG1ytqRfWWb1aw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:51 2025 by rpki-client