Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: 0sK4c1tsl1pJ0zrvVnnLeXGdrw7OefmkrjF1SpJw8YE=
Subject key identifier: A6:04:E5:C1:82:4F:87:59:B3:11:A9:5F:D9:DB:63:0F:E1:BE:2F:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DAD5CC300431821D7D11C21F7D3759E02BE28D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Tue 04 Nov 2025 03:00:07 +0000
ROA not before: Tue 04 Nov 2025 03:00:07 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:ad:5c:c3:00:43:18:21:d7:d1:1c:21:f7:d3:75:9e:02:be:28:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:07 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=bb48622e11b2b9ec9bd7abe2f06a350e216526f39c6f3450edffdbacbbc084f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9e:ce:dc:31:aa:d5:67:bf:2a:b0:21:ae:6a:
2a:18:29:47:63:36:fb:9b:24:d2:2a:44:99:72:53:
03:57:10:8f:f3:e5:ee:72:b6:e0:65:af:76:b9:53:
e4:58:c3:4f:d1:63:78:22:23:d6:ef:60:40:08:fa:
55:2c:6d:75:e6:05:cf:33:7a:26:39:22:06:e9:2c:
89:7e:6c:91:d9:f1:3d:4f:17:1b:45:05:44:be:6a:
14:8e:f7:09:a1:c5:ff:42:f9:30:03:5a:45:1a:4d:
a9:52:17:8a:f2:aa:b7:f4:85:69:06:85:29:5f:96:
86:02:d1:74:15:4d:71:e9:14:22:4c:9a:44:04:68:
b8:e6:80:e4:3d:32:e4:58:77:4a:8d:df:3b:6f:f1:
15:4e:d6:ed:28:8e:d2:c2:a0:de:b0:8e:d9:c3:7b:
1e:67:8d:07:bc:8c:9f:a1:27:5d:6c:7a:95:26:51:
9a:4f:a9:40:fa:9b:d0:05:ac:9f:ce:ca:0e:2b:05:
1f:b3:e0:8c:dd:af:3c:b6:35:bb:f6:4a:2c:16:96:
04:af:a4:95:7c:86:87:5f:09:85:5a:47:2e:95:11:
f0:62:84:54:46:46:6c:2a:66:5a:82:2a:f8:e5:7d:
41:14:11:33:0c:0a:6a:f3:f5:23:0b:50:3c:03:38:
61:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:04:E5:C1:82:4F:87:59:B3:11:A9:5F:D9:DB:63:0F:E1:BE:2F:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
7c:8d:91:82:6e:78:9f:4f:3f:84:bc:4a:18:b8:c2:8f:2e:4d:
39:f9:12:35:25:8c:8a:00:0f:13:54:ca:7f:30:f3:51:c2:6c:
12:34:ba:0c:f1:80:fe:22:53:56:35:17:ce:90:51:07:79:f4:
be:b3:1d:20:da:a2:90:c5:24:5d:8d:af:d4:1f:f1:b3:d8:4d:
34:77:2c:af:38:75:20:53:da:c9:8e:5b:85:98:b7:17:64:5f:
e9:12:d9:0e:59:2b:dd:53:90:97:fc:c7:22:0b:5d:eb:e5:6b:
0e:c0:9f:af:76:51:46:1d:af:53:af:0a:eb:ce:ca:ae:15:83:
0b:b0:3c:fd:af:5d:78:89:83:42:70:36:93:9c:21:3b:76:8c:
84:d1:84:80:96:0d:d8:9e:84:f8:d9:9c:54:17:e5:2a:06:76:
d8:3f:9b:43:0a:c4:f5:dc:dd:f0:88:e8:aa:32:a1:4a:c2:ed:
5a:d3:53:c3:70:ed:20:76:af:d8:da:e8:fe:5e:67:01:c3:4e:
bf:e1:94:44:6f:aa:eb:95:0d:4b:d3:21:ea:7b:21:19:42:d3:
c1:bd:d3:2a:67:6e:42:f4:ed:ca:ef:5e:12:30:bf:f4:69:6e:
9a:d9:df:cd:16:4a:5b:c5:7f:cb:4d:af:ff:92:57:52:21:bc:
30:92:af:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTa1cwwBDGCHX0Rwh99N1ngK+KNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMDdaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNDg2MjJlMTFiMmI5ZWM5YmQ3YWJlMmYwNmEzNTBlMjE2NTI2ZjM5YzZm
MzQ1MGVkZmZkYmFjYmJjMDg0ZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaeztwxqtVnvyqwIa5qKhgpR2M2+5sk0ipEmXJTA1cQj/Pl7nK24GWvdrlT
5FjDT9FjeCIj1u9gQAj6VSxtdeYFzzN6JjkiBuksiX5skdnxPU8XG0UFRL5qFI73
CaHF/0L5MANaRRpNqVIXivKqt/SFaQaFKV+WhgLRdBVNcekUIkyaRARouOaA5D0y
5Fh3So3fO2/xFU7W7SiO0sKg3rCO2cN7HmeNB7yMn6EnXWx6lSZRmk+pQPqb0AWs
n87KDisFH7PgjN2vPLY1u/ZKLBaWBK+klXyGh18JhVpHLpUR8GKEVEZGbCpmWoIq
+OV9QRQRMwwKavP1IwtQPAM4YU0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSmBOXB
gk+HWbMRqV/Z22MP4b4vBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAfI2Rgm54n08/hLxKGLjCjy5NOfkSNSWMigAPE1TK
fzDzUcJsEjS6DPGA/iJTVjUXzpBRB3n0vrMdINqikMUkXY2v1B/xs9hNNHcsrzh1
IFPayY5bhZi3F2Rf6RLZDlkr3VOQl/zHIgtd6+VrDsCfr3ZRRh2vU68K687KrhWD
C7A8/a9deImDQnA2k5whO3aMhNGEgJYN2J6E+NmcVBflKgZ22D+bQwrE9dzd8Ijo
qjKhSsLtWtNTw3DtIHav2Nro/l5nAcNOv+GURG+q65UNS9Mh6nshGULTwb3TKmdu
QvTtyu9eEjC/9GlumtnfzRZKW8V/y02v/5JXUiG8MJKvuw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:50 2025 by rpki-client