Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: OZFv5SJn7iJ9kJ7FoYRpjAspZZ7kZYSrUU6rNc7Z59Q=
Subject key identifier: 37:C6:6A:BC:EA:20:FB:E9:F2:26:B3:5B:26:CF:F4:99:4E:95:0A:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F54D7EAA454BD3A0B455BB6B06F72A316B8CD99
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Tue 04 Nov 2025 02:50:07 +0000
ROA not before: Tue 04 Nov 2025 02:50:07 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:54:d7:ea:a4:54:bd:3a:0b:45:5b:b6:b0:6f:72:a3:16:b8:cd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:07 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=16c3d4b452809a5b40eb3bc217d7f51d1b7d4db3841eb45eba08b5e407ebfecb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c2:25:2d:4c:62:15:e2:42:0e:16:6f:cf:0c:
1b:23:c1:d3:51:cc:85:5d:ad:4e:9b:ac:02:41:6d:
35:45:ca:99:5b:22:66:3c:5c:b8:e6:21:01:4f:e4:
90:79:11:ed:6a:d5:5d:af:1a:61:66:07:0d:63:f8:
f1:40:20:cd:c2:e8:41:48:22:a0:52:5e:33:49:23:
36:7c:fe:6b:06:f3:48:bb:de:66:f1:fe:d0:2f:3e:
2d:85:2c:bb:fe:9a:d5:c6:ac:fa:b8:7d:61:60:7d:
5d:5d:a4:5c:8b:52:89:3b:94:27:e7:a4:36:0e:2b:
d0:ad:35:90:f4:df:a7:5e:3b:11:12:6e:0f:27:7e:
7e:74:11:31:b4:89:c0:da:02:22:e0:73:c2:f9:85:
9c:95:56:5e:5a:d7:4f:d0:9c:02:c7:0b:a4:27:c6:
22:09:05:ef:42:0f:91:aa:61:c6:fe:c9:59:f1:8b:
35:96:e2:5e:65:93:de:af:b3:51:da:8b:34:a3:3a:
d3:67:61:5e:82:ba:19:46:71:d0:03:8e:13:a9:b2:
30:29:76:bb:07:00:f4:3d:9b:6a:5d:32:54:cc:70:
0b:ef:48:2e:15:d0:67:7b:c2:2c:17:61:2f:90:7d:
ba:87:4a:43:89:d5:7f:6a:20:79:65:01:ae:54:c6:
d7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C6:6A:BC:EA:20:FB:E9:F2:26:B3:5B:26:CF:F4:99:4E:95:0A:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:f3:06:66:c8:db:2d:ea:25:f9:57:c7:b8:59:74:28:85:c1:
63:04:94:77:af:85:2b:4c:26:9f:83:af:1e:18:ba:6c:96:eb:
20:af:c9:ae:5d:ba:5c:13:ae:e8:97:f4:8d:78:25:a3:ec:80:
5b:d0:c9:86:27:63:87:4b:ea:fa:ea:ce:24:6c:1e:e7:da:3e:
49:ad:29:ee:01:35:c3:13:eb:b0:f4:c7:70:3c:dd:a2:b3:b4:
1b:9d:da:de:aa:89:5d:0e:8b:f2:87:f2:b8:0b:de:33:97:f5:
37:da:27:8d:67:a9:f6:d8:ed:02:97:a1:ae:75:f1:80:bb:32:
58:32:ed:cb:ba:f8:a3:09:41:c2:e8:66:2d:76:96:b3:eb:48:
10:a4:79:e4:9e:a8:d7:06:9e:c3:0e:c0:40:92:f2:c4:cd:25:
d9:f6:d1:ac:63:9e:66:7c:e0:20:45:70:0d:7d:a7:0f:a1:ce:
b8:10:7e:c9:81:b9:d0:5e:4c:62:0e:61:13:7e:12:17:f6:8a:
d8:3e:db:a4:46:5d:97:64:87:ad:f1:09:fc:be:d6:85:5a:f1:
c5:58:93:b7:3e:2f:75:93:b5:d4:90:84:de:5f:52:18:43:d5:
ae:4e:07:24:82:8b:a4:20:79:7e:eb:d2:07:69:63:1f:22:7b:
a1:27:ce:76
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUD1TX6qRUvToLRVu2sG9yoxa4zZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDdaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2YzNkNGI0NTI4MDlhNWI0MGViM2JjMjE3ZDdmNTFkMWI3ZDRkYjM4NDFl
YjQ1ZWJhMDhiNWU0MDdlYmZlY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/CJS1MYhXiQg4Wb88MGyPB01HMhV2tTpusAkFtNUXKmVsiZjxcuOYhAU/k
kHkR7WrVXa8aYWYHDWP48UAgzcLoQUgioFJeM0kjNnz+awbzSLveZvH+0C8+LYUs
u/6a1cas+rh9YWB9XV2kXItSiTuUJ+ekNg4r0K01kPTfp147ERJuDyd+fnQRMbSJ
wNoCIuBzwvmFnJVWXlrXT9CcAscLpCfGIgkF70IPkaphxv7JWfGLNZbiXmWT3q+z
UdqLNKM602dhXoK6GUZx0AOOE6myMCl2uwcA9D2bal0yVMxwC+9ILhXQZ3vCLBdh
L5B9uodKQ4nVf2ogeWUBrlTG12UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ3xmq8
6iD76fIms1smz/SZTpUKYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEADfMGZsjbLeol+VfHuFl0KIXBYwSUd6+FK0wmn4Ov
Hhi6bJbrIK/Jrl26XBOu6Jf0jXglo+yAW9DJhidjh0vq+urOJGwe59o+Sa0p7gE1
wxPrsPTHcDzdorO0G53a3qqJXQ6L8ofyuAveM5f1N9onjWep9tjtApehrnXxgLsy
WDLty7r4owlBwuhmLXaWs+tIEKR55J6o1waeww7AQJLyxM0l2fbRrGOeZnzgIEVw
DX2nD6HOuBB+yYG50F5MYg5hE34SF/aK2D7bpEZdl2SHrfEJ/L7WhVrxxViTtz4v
dZO11JCE3l9SGEPVrk4HJIKLpCB5fuvSB2ljHyJ7oSfOdg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:29:48 2025 by rpki-client