Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json)
Hash identifier: Gq6VnZGwxZlV5/byRiWWjgwosEAW8UxboSCYEHshPhc=
Subject key identifier: 49:CB:39:2A:7D:2E:21:21:7D:20:0F:2A:8E:CD:A1:52:01:D7:1F:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12DFE08F2367031B7910B12AD9843DE42B375898
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
Signing time: Tue 04 Nov 2025 03:00:13 +0000
ROA not before: Tue 04 Nov 2025 03:00:13 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:df:e0:8f:23:67:03:1b:79:10:b1:2a:d9:84:3d:e4:2b:37:58:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:13 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=c514b0a06ca7f8d78581199480a59fb29e90b2a5dc0969d92dc25c91d1516b60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e3:62:1e:f3:6b:5a:66:8b:26:dd:e6:a1:90:
b3:e8:1c:a8:e5:98:a6:c1:c5:4b:42:88:8e:30:46:
ed:0c:2e:07:58:1f:3e:d3:5f:8a:d6:13:61:bd:13:
a9:b3:e3:fe:c8:52:97:9f:f4:86:32:a6:bc:ad:c0:
c5:54:96:62:24:61:f3:41:16:a3:dc:8e:d6:60:c4:
3a:80:ce:b1:55:16:d0:c7:d6:88:cf:73:79:ff:bf:
79:05:10:ae:db:f6:e3:ff:ca:79:ab:37:de:18:16:
07:10:4e:aa:20:33:f1:a3:6c:da:45:db:68:40:fa:
c7:9c:0b:06:40:ae:30:74:b5:a2:b9:d7:cc:d3:86:
1f:3c:e3:fc:f1:4d:ba:af:d1:d0:ee:7c:35:da:6e:
b7:33:aa:05:7b:13:f0:65:19:72:0b:f1:13:f9:f6:
8f:a3:74:52:e3:c7:41:14:e9:e3:c0:2e:4c:3c:20:
ef:2b:8e:ed:d2:fc:25:46:db:32:04:3a:9d:e7:40:
e5:07:40:3c:ac:b4:89:be:07:54:37:2e:cd:3f:a4:
40:2b:a9:a9:f2:dd:30:e6:2c:8d:2a:a4:85:55:09:
43:d5:c0:e5:0b:4a:7d:3b:3e:41:79:9c:a4:ae:f2:
e6:44:98:2a:55:a5:9f:e9:3f:c8:d4:a5:a5:f5:7d:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CB:39:2A:7D:2E:21:21:7D:20:0F:2A:8E:CD:A1:52:01:D7:1F:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:e2:e9:06:26:a8:5c:ab:79:58:3c:06:1e:e9:12:bb:34:9c:
cb:80:b8:57:d7:b3:c5:db:73:c8:b1:a8:52:df:14:e3:26:83:
b3:32:8a:1c:03:ba:f2:f6:f0:d7:26:e2:08:45:c1:ec:ce:76:
8a:f0:08:50:c9:4b:a3:4d:4c:7d:57:c5:53:f9:ea:cc:ae:ba:
16:12:17:a3:57:1a:28:69:6d:2d:2a:c5:d2:fb:01:21:5b:b1:
fc:85:85:9d:63:79:a9:9d:82:3f:f4:5f:f1:dc:0a:35:d9:0b:
82:7c:49:c0:c6:f6:f3:83:df:54:ce:a2:b7:be:c7:6c:1f:6c:
22:6f:d4:bd:78:90:25:62:4d:0e:89:79:bc:46:c4:f4:fd:de:
47:98:c6:34:85:1a:2a:09:33:5f:e8:4a:b5:5b:97:29:c3:cb:
af:e0:7d:ae:a8:a0:eb:7b:8a:e1:1a:b0:e4:e7:8a:d0:8e:68:
48:8a:af:ba:ad:69:62:9e:b4:f1:4d:39:59:4e:d3:64:08:54:
ce:84:18:6b:df:0c:93:cc:24:b7:a8:2e:70:bc:da:f9:9a:17:
94:90:1a:ce:9f:77:6c:1a:6f:16:2f:35:a9:74:97:3c:40:75:
b9:b5:ec:f9:56:13:85:73:05:7f:20:6d:18:b0:a1:d9:49:6f:
17:61:dd:ad
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEt/gjyNnAxt5ELEq2YQ95Cs3WJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMTNaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MTRiMGEwNmNhN2Y4ZDc4NTgxMTk5NDgwYTU5ZmIyOWU5MGIyYTVkYzA5
NjlkOTJkYzI1YzkxZDE1MTZiNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/jYh7za1pmiybd5qGQs+gcqOWYpsHFS0KIjjBG7QwuB1gfPtNfitYTYb0T
qbPj/shSl5/0hjKmvK3AxVSWYiRh80EWo9yO1mDEOoDOsVUW0MfWiM9zef+/eQUQ
rtv24//Keas33hgWBxBOqiAz8aNs2kXbaED6x5wLBkCuMHS1ornXzNOGHzzj/PFN
uq/R0O58NdputzOqBXsT8GUZcgvxE/n2j6N0UuPHQRTp48AuTDwg7yuO7dL8JUbb
MgQ6nedA5QdAPKy0ib4HVDcuzT+kQCupqfLdMOYsjSqkhVUJQ9XA5QtKfTs+QXmc
pK7y5kSYKlWln+k/yNSlpfV9NnkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJyzkq
fS4hIX0gDyqOzaFSAdcfRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAPeLpBiaoXKt5WDwGHukSuzScy4C4V9ezxdtzyLGo
Ut8U4yaDszKKHAO68vbw1ybiCEXB7M52ivAIUMlLo01MfVfFU/nqzK66FhIXo1ca
KGltLSrF0vsBIVux/IWFnWN5qZ2CP/Rf8dwKNdkLgnxJwMb284PfVM6it77HbB9s
Im/UvXiQJWJNDol5vEbE9P3eR5jGNIUaKgkzX+hKtVuXKcPLr+B9rqig63uK4Rqw
5OeK0I5oSIqvuq1pYp608U05WU7TZAhUzoQYa98Mk8wkt6gucLza+ZoXlJAazp93
bBpvFi81qXSXPEB1ubXs+VYThXMFfyBtGLCh2UlvF2HdrQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:55 2025 by rpki-client