Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
File: b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa (raw, json)
Hash identifier: Hv5S7XyGOOAXLRzzXI6+OHUmomctRnFYNJQUgVkFqb0=
Subject key identifier: 4B:D3:2F:06:7B:2D:7E:0B:B6:5F:97:CE:52:3F:2E:5F:3E:93:B5:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E72D92B8E04FECFDBB9946C0E112DDECED2B441
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
Signing time: Tue 04 Nov 2025 03:00:12 +0000
ROA not before: Tue 04 Nov 2025 03:00:12 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:72:d9:2b:8e:04:fe:cf:db:b9:94:6c:0e:11:2d:de:ce:d2:b4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:12 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=5f7bd077fea7e0082e124b1a9936008bc29cf368fa43899b3216e45f156eeb4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:f7:f6:bd:bd:7e:3f:48:30:2b:4f:c8:53:
98:3a:39:a9:85:70:56:3f:f2:77:b7:bc:e3:3d:8c:
c5:aa:b3:8b:a9:f9:d5:92:46:c1:5c:59:27:47:f8:
f5:6a:4f:9b:93:4b:a3:5b:e9:83:66:32:1a:f4:87:
a3:91:58:31:cd:51:b5:6d:1e:af:30:ae:20:db:7e:
20:90:57:91:66:bf:a8:b2:7f:fc:2d:49:56:0e:8e:
59:74:e3:82:26:94:c4:90:aa:5f:38:24:47:2d:54:
e0:ca:5c:b2:70:2e:ab:08:fd:b0:83:d0:f6:fb:b3:
a8:54:20:3e:2f:03:81:82:35:b0:c7:30:e2:d5:e7:
36:9a:4c:89:1a:54:d2:c1:73:5e:30:45:80:06:00:
6c:f5:98:ce:5f:74:8b:2e:c2:96:7b:6c:e0:19:2a:
ca:1b:ed:35:a2:1d:a6:20:5c:44:73:90:a6:86:5c:
a1:aa:44:5b:6d:05:4a:f1:40:7b:be:16:8b:90:b9:
6a:b0:90:3c:6c:56:58:20:54:46:07:1c:4f:42:dd:
9f:f6:43:bf:0f:5d:af:2f:52:fe:4d:4b:31:ad:7f:
f1:53:f9:a0:25:4b:8f:28:0e:ec:3d:b6:9a:85:eb:
47:bd:2c:bc:66:ed:c9:0d:6b:0f:e0:77:70:22:74:
f4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D3:2F:06:7B:2D:7E:0B:B6:5F:97:CE:52:3F:2E:5F:3E:93:B5:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.160.0/21
Signature Algorithm: sha256WithRSAEncryption
91:c0:8b:6f:7a:d5:3e:12:0e:c5:7e:19:ae:02:a5:12:4a:97:
cd:11:15:ed:03:f7:62:90:39:58:c4:97:f3:26:c8:30:51:f5:
cb:70:ec:07:22:a1:f1:c2:d7:d4:e0:9a:76:45:f1:5e:10:39:
d9:ef:ad:bc:43:70:45:be:fb:6a:d8:c5:c8:67:0b:23:ee:70:
73:21:cb:54:77:b6:d8:07:7a:5c:8a:c2:9c:3c:85:92:a4:a6:
11:2c:b0:7c:31:89:55:66:37:15:91:7b:b1:cd:b5:27:86:8c:
9c:03:16:e4:ce:62:0e:a6:0d:79:b3:64:09:3f:06:c9:90:6d:
9b:51:a8:99:ff:da:51:e2:85:d5:02:26:d7:04:b5:ef:67:34:
51:f6:b2:df:a1:5e:be:29:3f:51:b6:9c:07:b8:98:45:72:af:
1c:9f:8a:8b:02:12:0a:6d:cb:93:78:89:43:fd:af:c5:6c:b3:
8e:ee:06:69:fc:a4:e3:5d:cf:8e:84:6d:30:62:b6:72:02:6f:
b5:0a:71:fb:22:d2:27:8d:3b:9c:17:27:cf:55:5a:2c:8a:29:
3a:5d:69:dc:87:cd:db:4c:14:b5:ca:f0:79:94:18:b2:7f:7c:
b3:f7:ef:2e:bf:c8:e5:82:6f:f0:89:bc:40:b2:74:91:59:fe:
2e:3e:ed:de
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHnLZK44E/s/buZRsDhEt3s7StEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMTJaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmN2JkMDc3ZmVhN2UwMDgyZTEyNGIxYTk5MzYwMDhiYzI5Y2YzNjhmYTQz
ODk5YjMyMTZlNDVmMTU2ZWViNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfk9/a9vX4/SDArT8hTmDo5qYVwVj/yd7e84z2Mxaqzi6n51ZJGwVxZJ0f4
9WpPm5NLo1vpg2YyGvSHo5FYMc1RtW0erzCuINt+IJBXkWa/qLJ//C1JVg6OWXTj
giaUxJCqXzgkRy1U4MpcsnAuqwj9sIPQ9vuzqFQgPi8DgYI1sMcw4tXnNppMiRpU
0sFzXjBFgAYAbPWYzl90iy7Clnts4BkqyhvtNaIdpiBcRHOQpoZcoapEW20FSvFA
e74Wi5C5arCQPGxWWCBURgccT0Ldn/ZDvw9dry9S/k1LMa1/8VP5oCVLjygO7D22
moXrR70svGbtyQ1rD+B3cCJ09MUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRL0y8G
ey1+C7Zfl85SPy5fPpO1bTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjczMGVlZjAtYmI5NC00ZDMxLWJmOWEtYzBmYjlhNDdiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zoDAN
BgkqhkiG9w0BAQsFAAOCAQEAkcCLb3rVPhIOxX4ZrgKlEkqXzREV7QP3YpA5WMSX
8ybIMFH1y3DsByKh8cLX1OCadkXxXhA52e+tvENwRb77atjFyGcLI+5wcyHLVHe2
2Ad6XIrCnDyFkqSmESywfDGJVWY3FZF7sc21J4aMnAMW5M5iDqYNebNkCT8GyZBt
m1Gomf/aUeKF1QIm1wS172c0Ufay36Fevik/UbacB7iYRXKvHJ+KiwISCm3Lk3iJ
Q/2vxWyzju4Gafyk413PjoRtMGK2cgJvtQpx+yLSJ407nBcnz1VaLIopOl1p3IfN
20wUtcrweZQYsn98s/fvLr/I5YJv8Im8QLJ0kVn+Lj7t3g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:53:27 2025 by rpki-client