Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json)
Hash identifier: CBqbs874MNxtJrmf/oOqO8CmMEAsJ1k8ayQJIw+4ETE=
Subject key identifier: 24:0B:80:B7:AB:68:9F:35:57:F1:1E:74:88:9F:04:09:63:2F:4D:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06BC3EDBE38B7325FA73527006EDD019D9627629
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
Signing time: Fri 25 Jul 2025 17:00:26 +0000
ROA not before: Fri 25 Jul 2025 17:00:26 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:bc:3e:db:e3:8b:73:25:fa:73:52:70:06:ed:d0:19:d9:62:76:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:26 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=1b5566ed040b5baccf4acbea845434af709f3089fbb7ea0d40e0e730358dc83c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:dc:3d:9a:2f:c7:0d:26:e7:8a:9c:80:05:
d4:23:db:0e:54:04:d7:80:f5:a6:46:1c:2e:e0:82:
ba:c1:cb:87:3b:a9:a1:75:a7:3a:79:79:fa:32:bd:
df:fe:db:24:8b:7d:50:6c:93:c2:14:c2:6a:33:c8:
62:9f:7f:80:f3:72:71:8d:89:17:fe:ca:4c:10:8f:
2a:fc:6c:67:08:db:89:21:42:9d:b4:57:5c:43:24:
38:54:a4:3c:96:d5:3a:93:a4:75:46:2d:20:00:26:
0c:b0:2f:be:d3:8a:1b:1c:1d:85:51:a8:d8:ac:2c:
3c:95:f9:c2:c6:62:16:7c:aa:ec:b0:85:00:30:89:
fd:d8:bd:8d:fa:5e:b2:f4:fd:ad:d9:91:b7:17:a8:
ea:7b:08:25:05:0d:a1:0f:70:6b:3a:b7:b6:9f:81:
00:47:e3:82:09:15:33:55:e9:13:12:6a:40:58:13:
88:41:b7:aa:af:bc:4d:90:23:5e:72:ff:da:38:be:
cd:78:b3:cd:73:5c:1d:26:33:82:11:ff:21:a4:e3:
94:41:2b:65:39:40:9f:82:b8:49:0f:90:0d:75:d0:
e5:73:88:b2:93:c7:d5:1b:27:9b:3a:b0:54:de:b8:
b5:ee:c2:d6:d5:d2:97:55:fc:04:e4:6c:a3:ed:e0:
8e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0B:80:B7:AB:68:9F:35:57:F1:1E:74:88:9F:04:09:63:2F:4D:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
71:ef:d5:c7:f5:dc:40:95:8d:d9:da:17:80:c4:ce:87:4f:7f:
09:6c:af:eb:4f:86:89:05:08:1e:c0:d8:74:a6:cb:cd:2e:5d:
4c:72:ea:8e:b2:e2:2c:c0:0a:26:f1:e9:f7:c4:53:db:d6:76:
d4:0c:c7:82:07:c6:bc:6b:7d:9c:49:6f:b8:38:da:51:32:dd:
b3:0c:42:58:9c:cd:aa:0d:bf:2b:cf:bc:c1:64:0e:ff:05:0a:
d2:7c:b1:b3:5e:19:a1:8e:f7:a0:9f:7b:61:34:15:0b:48:76:
a2:c1:79:0c:28:e6:f8:ee:d8:ba:bc:e3:90:5e:5b:c2:5c:3b:
a3:ca:8d:7f:e1:f1:4e:bb:79:33:88:55:88:97:55:75:a9:e8:
f3:df:bb:6b:b6:cf:e5:f4:bb:4e:97:1f:b8:03:51:7d:18:bb:
3e:2a:46:44:94:96:e4:e7:84:54:cd:88:1a:9e:e5:44:a3:45:
41:76:4f:ad:a1:3f:34:fb:84:c2:9e:4d:1a:33:ff:3e:68:f2:
88:83:b3:7d:f2:0a:09:29:9f:9d:90:e8:69:f7:ce:ea:05:89:
dd:35:0c:27:7b:ce:f3:a6:55:ad:d0:66:05:65:02:6f:e6:54:
1c:37:3e:5f:d3:55:04:d5:7a:df:e7:b7:32:77:84:6f:4f:92:
14:bd:35:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBrw+2+OLcyX6c1JwBu3QGdlidikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNTU2NmVkMDQwYjViYWNjZjRhY2JlYTg0NTQzNGFmNzA5ZjMwODlmYmI3
ZWEwZDQwZTBlNzMwMzU4ZGM4M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqS3D2aL8cNJueKnIAF1CPbDlQE14D1pkYcLuCCusHLhzupoXWnOnl5+jK9
3/7bJIt9UGyTwhTCajPIYp9/gPNycY2JF/7KTBCPKvxsZwjbiSFCnbRXXEMkOFSk
PJbVOpOkdUYtIAAmDLAvvtOKGxwdhVGo2KwsPJX5wsZiFnyq7LCFADCJ/di9jfpe
svT9rdmRtxeo6nsIJQUNoQ9wazq3tp+BAEfjggkVM1XpExJqQFgTiEG3qq+8TZAj
XnL/2ji+zXizzXNcHSYzghH/IaTjlEErZTlAn4K4SQ+QDXXQ5XOIspPH1Rsnmzqw
VN64te7C1tXSl1X8BORso+3gjlsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQkC4C3
q2ifNVfxHnSInwQJYy9N/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAce/Vx/XcQJWN2doXgMTOh09/CWyv60+GiQUIHsDY
dKbLzS5dTHLqjrLiLMAKJvHp98RT29Z21AzHggfGvGt9nElvuDjaUTLdswxCWJzN
qg2/K8+8wWQO/wUK0nyxs14ZoY73oJ97YTQVC0h2osF5DCjm+O7YurzjkF5bwlw7
o8qNf+HxTrt5M4hViJdVdano89+7a7bP5fS7TpcfuANRfRi7PipGRJSW5OeEVM2I
Gp7lRKNFQXZPraE/NPuEwp5NGjP/PmjyiIOzffIKCSmfnZDoaffO6gWJ3TUMJ3vO
86ZVrdBmBWUCb+ZUHDc+X9NVBNV63+e3MneEb0+SFL016Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:07 2025 by rpki-client