Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
File: b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa (raw, json)
Hash identifier: HqqE2/rydhoX/F5xSWLVU8Zbd3UPa2wAKgG6TqhkpYs=
Subject key identifier: 3C:19:8C:95:55:28:73:9D:8F:43:4D:C5:02:B2:CB:62:10:58:86:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15CB8F6279F5ABA3BEE7EBA559F0820EAF1138A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
Signing time: Tue 04 Nov 2025 02:50:11 +0000
ROA not before: Tue 04 Nov 2025 02:50:11 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:cb:8f:62:79:f5:ab:a3:be:e7:eb:a5:59:f0:82:0e:af:11:38:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:11 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=23867955b226feab2fde4c5597f63c0ce8d0008e0b400778134ee0e8be0554ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:12:a8:a3:2b:8d:af:88:e9:4f:8f:07:19:
2b:b1:91:b2:55:c2:27:d3:cd:d0:cb:04:b1:ec:d3:
1f:1f:d6:8b:0d:1c:02:33:1e:b7:65:62:be:2c:90:
96:5b:25:33:58:14:d8:58:30:c2:3c:64:e0:2d:2f:
80:39:d9:d7:53:da:52:bd:ae:41:49:08:d7:4b:97:
49:e2:de:41:3b:8a:02:52:a8:29:f6:b0:69:c3:7f:
ff:be:30:d6:67:e1:b9:d4:de:2a:e0:db:cb:fd:cd:
3e:85:15:e7:9b:c8:2a:57:84:6c:26:f8:aa:7e:13:
cb:b6:50:0c:b9:26:ac:65:54:36:6d:e1:64:e9:ba:
91:c0:0a:5f:b7:4b:b3:99:a2:eb:9e:da:b7:6c:fa:
32:f9:d7:a8:c6:d4:67:df:6c:db:fe:bd:d0:c5:04:
9a:58:6d:5c:db:e0:21:e4:65:30:59:44:f4:82:18:
14:9d:7a:b2:95:c4:6d:f8:c3:79:ca:73:ab:6e:d3:
2d:0d:62:13:8c:b8:fb:56:34:30:4b:1a:85:df:34:
8f:bc:0b:e3:d0:e3:21:31:16:a3:b3:3f:06:91:55:
c7:d3:ad:5d:46:3e:df:c5:84:17:14:e5:1c:bf:6e:
66:af:91:6c:51:6f:00:b6:75:f6:6e:87:a7:bb:a4:
01:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:19:8C:95:55:28:73:9D:8F:43:4D:C5:02:B2:CB:62:10:58:86:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.240.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:33:69:f1:e4:7b:c9:f2:39:0f:25:b5:7f:99:dc:96:cf:82:
e0:2a:e5:a9:ed:cc:d2:42:64:57:2f:b3:25:c1:f5:8f:8e:d3:
f1:5d:b0:30:83:da:34:e6:ad:9e:54:cd:5e:11:54:e5:76:e6:
fa:81:7b:2b:b5:4a:80:7b:c0:29:6b:4f:29:bc:c2:69:1f:47:
d2:6b:c8:d3:a6:c6:f0:71:c3:d1:09:66:9c:32:02:91:de:c8:
4f:6c:c1:30:8b:ba:57:b7:1d:8a:64:7f:46:d0:ec:81:5a:c0:
d8:97:b8:e0:11:c8:2f:75:3f:e2:6d:0f:02:c4:b9:5c:6c:e4:
9c:a0:2a:b6:0d:52:64:f4:83:7c:41:be:56:67:e7:df:9a:d2:
3b:49:65:f4:08:1a:04:9c:84:9b:2f:a6:81:5a:49:c2:68:99:
29:d1:7e:6d:64:d9:a8:77:49:f1:a8:9f:84:a2:03:70:5e:5e:
ef:51:47:fe:b9:f0:92:38:11:c4:d8:61:aa:80:c3:54:0f:2d:
3b:2d:81:1b:8a:4f:b1:a5:ec:e1:12:6a:17:11:9a:fd:0b:a8:
38:4a:f6:70:c4:0c:a6:c2:36:cd:e8:be:6b:b4:5d:a7:21:ce:
40:cf:a2:c4:db:cd:7c:2e:f7:3c:d5:eb:36:b1:e1:6d:d8:85:
0d:25:eb:39
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFcuPYnn1q6O+5+ulWfCCDq8ROKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMTFaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzODY3OTU1YjIyNmZlYWIyZmRlNGM1NTk3ZjYzYzBjZThkMDAwOGUwYjQw
MDc3ODEzNGVlMGU4YmUwNTU0ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEbEqijK42viOlPjwcZK7GRslXCJ9PN0MsEsezTHx/Wiw0cAjMet2ViviyQ
llslM1gU2Fgwwjxk4C0vgDnZ11PaUr2uQUkI10uXSeLeQTuKAlKoKfawacN//74w
1mfhudTeKuDby/3NPoUV55vIKleEbCb4qn4Ty7ZQDLkmrGVUNm3hZOm6kcAKX7dL
s5mi657at2z6MvnXqMbUZ99s2/690MUEmlhtXNvgIeRlMFlE9IIYFJ16spXEbfjD
ecpzq27TLQ1iE4y4+1Y0MEsahd80j7wL49DjITEWo7M/BpFVx9OtXUY+38WEFxTl
HL9uZq+RbFFvALZ19m6Hp7ukAbcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ8GYyV
VShznY9DTcUCsstiEFiGWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ0MzYzYjktYmE0OC00OTEzLWI4YTQtOWNkMGRjMzJiYTAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z8DAN
BgkqhkiG9w0BAQsFAAOCAQEAHzNp8eR7yfI5DyW1f5ncls+C4Crlqe3M0kJkVy+z
JcH1j47T8V2wMIPaNOatnlTNXhFU5Xbm+oF7K7VKgHvAKWtPKbzCaR9H0mvI06bG
8HHD0QlmnDICkd7IT2zBMIu6V7cdimR/RtDsgVrA2Je44BHIL3U/4m0PAsS5XGzk
nKAqtg1SZPSDfEG+Vmfn35rSO0ll9AgaBJyEmy+mgVpJwmiZKdF+bWTZqHdJ8aif
hKIDcF5e71FH/rnwkjgRxNhhqoDDVA8tOy2BG4pPsaXs4RJqFxGa/QuoOEr2cMQM
psI2zei+a7RdpyHOQM+ixNvNfC73PNXrNrHhbdiFDSXrOQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:46 2025 by rpki-client