Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: JR+D7Y0pNiTvvgTjkJ271tZ/EPjRvJsgCjdFPigFP24=
Subject key identifier: E1:70:74:4E:87:30:DC:A7:6D:D5:F5:8C:F0:18:AF:9C:3B:68:0B:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A50ACF2E3CC9D595E4AF5BA19007E4773021916
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Fri 25 Jul 2025 16:50:49 +0000
ROA not before: Fri 25 Jul 2025 16:50:49 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:50:ac:f2:e3:cc:9d:59:5e:4a:f5:ba:19:00:7e:47:73:02:19:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:49 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=9aeaa7440dd85cfbdf28fcdd517a90620663442284fae24176006ded903db7fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:cf:1a:0d:5a:2d:36:65:59:c2:59:c3:a0:
d3:f1:1b:48:67:5c:87:69:d8:23:bc:aa:1b:d2:22:
bc:b8:f3:cb:7c:4c:7e:27:d4:f2:61:4f:d7:0e:09:
e3:21:d9:28:ee:9b:b3:8b:75:4e:40:50:7c:a2:de:
4f:70:e4:de:7c:96:4a:13:4f:57:d6:9b:56:1c:7c:
22:f4:f5:41:2f:0a:88:78:50:34:2e:1d:09:74:77:
8e:fe:2f:7b:e7:63:b4:6a:e8:39:b0:17:92:57:da:
a8:94:86:3b:e7:c7:f8:91:6f:f1:56:ca:be:ea:bf:
bc:6d:e3:a6:d4:17:23:a3:e2:7b:3e:29:65:84:2b:
ea:0a:d3:35:e4:f3:45:9c:41:93:85:e3:1e:76:75:
0d:4b:36:c1:37:f8:ad:76:2d:f2:ae:16:21:50:6b:
33:71:42:76:98:da:d9:e1:45:b6:82:b4:65:02:cd:
ba:80:91:fd:cf:8f:5e:b8:83:d1:c5:21:b6:33:e8:
25:77:9b:6b:a1:d4:66:58:ae:d6:a7:66:1f:90:52:
f3:b9:1d:c3:e2:b1:7c:90:07:28:f2:c3:61:91:19:
46:42:d4:3a:e9:69:99:2a:b5:fc:b9:05:ae:4d:da:
2a:7a:5d:94:82:f3:9a:2b:c7:08:b8:f0:db:32:ca:
cd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:70:74:4E:87:30:DC:A7:6D:D5:F5:8C:F0:18:AF:9C:3B:68:0B:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
49:bd:b8:3d:13:ba:33:61:68:8e:06:de:4b:b4:b0:42:02:4a:
8e:ed:54:66:07:5e:d8:1f:d9:49:ed:59:26:ae:76:1c:40:a6:
2d:42:bd:ca:8a:19:01:b8:ec:52:c8:e3:46:2e:fa:99:e8:0f:
19:94:0b:d6:21:19:d8:d5:7d:ab:a9:9d:40:82:cf:b3:2a:00:
64:2e:2d:08:73:f0:87:9d:62:47:e1:46:ce:53:01:a2:53:21:
59:ee:08:ac:ed:e3:b8:f7:66:6a:b1:aa:a2:5e:5e:11:86:ec:
36:2e:ed:91:1e:6f:23:f1:41:88:dd:bc:b4:d7:80:3a:f0:19:
70:08:c4:7d:43:7c:86:4a:64:49:df:dc:fb:ee:d2:10:80:f0:
3d:ea:26:5f:45:be:77:59:fb:ae:3c:f9:36:e4:92:e4:8e:4a:
7e:6e:10:52:29:c2:6c:f1:ed:ab:e8:d2:a3:ee:76:92:ad:4b:
3f:53:dd:44:fd:97:7c:27:f4:74:19:6f:8c:13:4d:17:f1:1a:
cc:ce:c9:c3:3e:85:9c:a3:c1:97:74:0f:f9:8e:77:bf:b5:1a:
1c:47:97:a7:81:42:02:f4:45:62:1c:75:13:00:58:2c:ab:b7:
35:7a:22:33:3a:ef:53:50:e1:dc:23:39:3c:1d:ac:88:6c:c2:
76:ca:73:a7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWlCs8uPMnVleSvW6GQB+R3MCGRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwNDlaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZWFhNzQ0MGRkODVjZmJkZjI4ZmNkZDUxN2E5MDYyMDY2MzQ0MjI4NGZh
ZTI0MTc2MDA2ZGVkOTAzZGI3ZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALatzxoNWi02ZVnCWcOg0/EbSGdch2nYI7yqG9IivLjzy3xMfifU8mFP1w4J
4yHZKO6bs4t1TkBQfKLeT3Dk3nyWShNPV9abVhx8IvT1QS8KiHhQNC4dCXR3jv4v
e+djtGroObAXklfaqJSGO+fH+JFv8VbKvuq/vG3jptQXI6Piez4pZYQr6grTNeTz
RZxBk4XjHnZ1DUs2wTf4rXYt8q4WIVBrM3FCdpja2eFFtoK0ZQLNuoCR/c+PXriD
0cUhtjPoJXeba6HUZliu1qdmH5BS87kdw+KxfJAHKPLDYZEZRkLUOulpmSq1/LkF
rk3aKnpdlILzmivHCLjw2zLKzZcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBThcHRO
hzDcp23V9YzwGK+cO2gLVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEASb24PRO6M2FojgbeS7SwQgJKju1UZgde2B/ZSe1Z
Jq52HECmLUK9yooZAbjsUsjjRi76megPGZQL1iEZ2NV9q6mdQILPsyoAZC4tCHPw
h51iR+FGzlMBolMhWe4IrO3juPdmarGqol5eEYbsNi7tkR5vI/FBiN28tNeAOvAZ
cAjEfUN8hkpkSd/c++7SEIDwPeomX0W+d1n7rjz5NuSS5I5Kfm4QUinCbPHtq+jS
o+52kq1LP1PdRP2XfCf0dBlvjBNNF/EazM7Jwz6FnKPBl3QP+Y53v7UaHEeXp4FC
AvRFYhx1EwBYLKu3NXoiMzrvU1Dh3CM5PB2siGzCdspzpw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:57 2025 by rpki-client