Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: D29mOOCzOitgcsT0hX7WO9VGhymCuYlhTXZF7VaVb8w=
Subject key identifier: FE:2B:E8:7C:87:BB:64:AB:83:BE:C6:C8:C2:E3:CE:4A:00:F3:50:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A3CFF3EEA4B109D0981A3800C376550DC30FEAE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Fri 25 Jul 2025 16:51:13 +0000
ROA not before: Fri 25 Jul 2025 16:51:13 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3c:ff:3e:ea:4b:10:9d:09:81:a3:80:0c:37:65:50:dc:30:fe:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:13 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=a6102ff2c767f8b2b655c566606f736d56b0c37d566b79f2ef9913baa327bf77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:20:49:4c:5c:90:ae:25:26:cf:9d:a6:22:56:
7a:75:3e:81:43:60:34:45:d8:fe:a9:c4:d4:b4:8a:
56:dd:0a:55:99:1c:47:63:bb:da:2b:99:06:b4:44:
c6:b0:75:38:a3:a1:24:e8:9e:b1:29:12:8d:70:d1:
55:c3:2d:a6:c1:78:4b:e1:3f:00:51:48:ec:37:4d:
e1:ff:ef:92:51:40:2b:d5:21:a4:5c:2e:65:54:fd:
80:27:a0:20:0c:dc:a0:da:9b:ae:61:7b:2b:1b:8e:
d5:ae:95:51:49:45:86:36:b9:f9:3d:40:a0:7a:d3:
46:8f:5a:fe:58:e1:17:59:15:db:43:b7:c4:fc:e9:
4c:cc:ae:38:76:56:62:2d:7c:db:1e:30:fc:7f:62:
18:c5:0f:a8:cc:31:57:2c:0a:6f:d6:47:1f:27:ce:
39:f5:8d:02:92:4f:e3:c7:1f:13:93:ea:fc:fa:2b:
e7:2f:0d:21:ac:2a:ca:d7:b3:29:32:b6:b8:54:08:
b8:30:75:76:10:06:6e:a1:0c:80:6f:54:8b:3f:6b:
51:6d:bb:9e:ee:59:a0:69:48:78:b5:70:c7:e4:72:
85:88:93:6b:0d:a0:5f:c6:3b:11:fe:c2:6e:a5:e4:
50:f8:55:05:14:ee:26:9f:67:ab:d2:ec:f3:6a:ea:
ae:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2B:E8:7C:87:BB:64:AB:83:BE:C6:C8:C2:E3:CE:4A:00:F3:50:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:75:a7:21:62:ac:73:8a:ba:75:86:7b:09:e9:5d:b8:4b:54:
85:64:21:fa:f9:1a:9c:89:aa:ba:21:5a:1a:dd:77:9f:ef:35:
55:02:51:57:ea:b1:48:46:ab:99:47:a7:9c:34:e3:2d:cb:cb:
c3:27:c3:37:79:40:fa:57:e6:d7:00:62:a5:5b:cd:7b:51:44:
e1:12:8c:68:7b:03:1d:22:76:84:46:08:13:6a:5e:b8:68:8d:
0b:9f:38:ee:74:e3:b7:89:05:ca:b1:ea:a5:84:cb:76:7a:02:
90:8c:c7:28:14:5a:d0:f1:0a:77:a2:a7:82:1b:1c:41:7c:94:
5e:18:bb:5d:2d:f2:74:2a:b1:88:89:29:03:60:d5:a6:18:02:
3a:fd:84:5c:a1:de:37:c9:80:7a:7e:bc:49:ba:51:66:4a:67:
fc:05:6a:62:5e:f9:73:ac:4a:6e:e0:af:c3:13:0b:19:6e:43:
39:47:b6:bd:55:06:66:d6:f7:86:22:a9:7b:15:0b:fb:ec:49:
3f:7e:09:9c:57:30:17:08:b8:fe:20:8f:a1:5e:25:b7:39:82:
14:86:b3:d6:d4:ba:7c:07:69:18:10:ce:9c:01:1e:46:8b:0d:
34:f8:4a:6b:ec:94:2f:50:c8:da:d4:a9:b0:7a:0f:bf:0f:5e:
96:d8:8e:ca
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSjz/PupLEJ0JgaOADDdlUNww/q4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTNaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2MTAyZmYyYzc2N2Y4YjJiNjU1YzU2NjYwNmY3MzZkNTZiMGMzN2Q1NjZi
NzlmMmVmOTkxM2JhYTMyN2JmNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8gSUxckK4lJs+dpiJWenU+gUNgNEXY/qnE1LSKVt0KVZkcR2O72iuZBrRE
xrB1OKOhJOiesSkSjXDRVcMtpsF4S+E/AFFI7DdN4f/vklFAK9UhpFwuZVT9gCeg
IAzcoNqbrmF7KxuO1a6VUUlFhja5+T1AoHrTRo9a/ljhF1kV20O3xPzpTMyuOHZW
Yi182x4w/H9iGMUPqMwxVywKb9ZHHyfOOfWNApJP48cfE5Pq/Por5y8NIawqytez
KTK2uFQIuDB1dhAGbqEMgG9Uiz9rUW27nu5ZoGlIeLVwx+RyhYiTaw2gX8Y7Ef7C
bqXkUPhVBRTuJp9nq9Ls82rqrpcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT+K+h8
h7tkq4O+xsjC485KAPNQgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEATXWnIWKsc4q6dYZ7CelduEtUhWQh+vkanImquiFa
Gt13n+81VQJRV+qxSEarmUennDTjLcvLwyfDN3lA+lfm1wBipVvNe1FE4RKMaHsD
HSJ2hEYIE2peuGiNC5847nTjt4kFyrHqpYTLdnoCkIzHKBRa0PEKd6KnghscQXyU
Xhi7XS3ydCqxiIkpA2DVphgCOv2EXKHeN8mAen68SbpRZkpn/AVqYl75c6xKbuCv
wxMLGW5DOUe2vVUGZtb3hiKpexUL++xJP34JnFcwFwi4/iCPoV4ltzmCFIaz1tS6
fAdpGBDOnAEeRosNNPhKa+yUL1DI2tSpsHoPvw9eltiOyg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:55 2025 by rpki-client