Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: 9ASZN5ipw532MyP8eFWfcf3HMKzFs4qHfDEpUa9OmEg=
Subject key identifier: AF:84:8D:AD:F2:1E:75:26:E2:59:20:10:AB:04:D2:5A:D7:92:20:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1872F61C3FEB0DA6C7D184A13316914225F0AC96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Fri 25 Jul 2025 17:00:22 +0000
ROA not before: Fri 25 Jul 2025 17:00:22 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:72:f6:1c:3f:eb:0d:a6:c7:d1:84:a1:33:16:91:42:25:f0:ac:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:22 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=ce0aea809f591a7761530cc28ae1a02ec3f389b20de099c95f0de7e136ea6c76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:05:92:24:08:e4:c8:0a:1e:d7:48:d3:89:1e:
47:a9:de:97:76:f0:f5:22:c6:50:80:3c:e8:6f:a6:
96:5a:70:66:2a:be:83:3a:a6:e2:2b:5d:32:10:50:
aa:8e:cb:9b:24:3b:0f:27:a3:b1:4c:27:c3:9a:57:
c7:b0:10:bf:44:14:5a:cf:84:ee:72:50:ba:df:d1:
eb:26:cb:00:0d:15:dd:5f:f4:92:dc:de:40:5e:bb:
67:20:da:23:dd:49:00:49:f1:02:fa:8f:0d:37:de:
58:be:bb:25:7c:58:d7:19:74:cc:b3:21:58:73:af:
b9:39:c5:ad:0f:4f:58:91:c8:c3:fd:71:2b:69:18:
cd:19:37:88:80:b0:63:4b:3d:0a:b1:7d:76:a5:8d:
de:c7:d9:15:1b:b2:c5:44:8f:c9:38:fc:e7:85:8e:
d7:77:7d:30:93:a6:d1:b1:b5:ce:54:bd:ad:b6:ac:
0b:46:10:04:df:56:7a:fe:a2:6f:66:95:fe:9c:db:
a5:2a:c6:c8:05:c1:6b:93:c0:bf:2c:4a:fb:b3:d3:
28:82:22:96:06:6c:d0:cc:c3:de:ed:1a:b1:dc:8a:
05:f4:a5:21:c2:91:49:65:aa:48:6f:cb:bc:a5:a9:
7e:be:7a:ad:2b:86:4a:f0:17:62:d0:21:e5:6b:45:
03:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:84:8D:AD:F2:1E:75:26:E2:59:20:10:AB:04:D2:5A:D7:92:20:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
64:7a:e7:65:66:a8:f5:c4:32:a8:5e:06:ba:65:db:ea:a6:67:
3b:94:e8:f9:be:81:a8:12:8e:f7:bb:02:23:28:d0:79:20:ac:
89:a3:c7:c6:7b:0f:8c:90:d3:9c:5b:05:a2:43:76:b4:06:92:
80:9f:09:e9:27:e1:48:de:92:54:ef:c4:31:f1:ea:96:7c:a5:
ad:21:ae:ec:b7:38:29:ee:ff:b8:b1:a4:56:a1:57:5a:71:dc:
37:cd:76:e8:dc:4e:cb:09:17:bd:36:7e:89:1c:9c:c6:a3:56:
c1:79:ed:f6:b8:13:e1:27:e9:54:07:57:a9:8d:8e:aa:a0:81:
5a:e4:25:ca:ac:d1:bb:d0:58:21:ba:38:89:ca:d9:34:a3:d5:
c0:49:6e:61:57:2d:91:72:86:2d:84:49:2f:4c:75:18:14:35:
8c:44:4b:c5:1b:b4:78:75:c0:40:84:cc:61:1c:77:dc:38:f5:
33:70:cd:f9:1c:67:22:68:c6:86:03:d5:11:fe:51:e5:13:13:
bc:62:f4:eb:ee:8f:62:8a:4f:f2:8f:d3:12:fe:34:c5:9a:e9:
b0:a3:bd:8d:d3:91:df:3d:a2:58:e6:a7:c0:2b:69:7c:74:e6:
bc:c7:f6:0c:17:c4:7c:a2:ee:e2:dc:ee:53:c4:4c:dd:cb:70:
2c:59:3f:9c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGHL2HD/rDabH0YShMxaRQiXwrJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjJaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMGFlYTgwOWY1OTFhNzc2MTUzMGNjMjhhZTFhMDJlYzNmMzg5YjIwZGUw
OTljOTVmMGRlN2UxMzZlYTZjNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8FkiQI5MgKHtdI04keR6nel3bw9SLGUIA86G+mllpwZiq+gzqm4itdMhBQ
qo7LmyQ7DyejsUwnw5pXx7AQv0QUWs+E7nJQut/R6ybLAA0V3V/0ktzeQF67ZyDa
I91JAEnxAvqPDTfeWL67JXxY1xl0zLMhWHOvuTnFrQ9PWJHIw/1xK2kYzRk3iICw
Y0s9CrF9dqWN3sfZFRuyxUSPyTj854WO13d9MJOm0bG1zlS9rbasC0YQBN9Wev6i
b2aV/pzbpSrGyAXBa5PAvyxK+7PTKIIilgZs0MzD3u0asdyKBfSlIcKRSWWqSG/L
vKWpfr56rSuGSvAXYtAh5WtFA2MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSvhI2t
8h51JuJZIBCrBNJa15IgkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAZHrnZWao9cQyqF4GumXb6qZnO5To+b6BqBKO97sC
IyjQeSCsiaPHxnsPjJDTnFsFokN2tAaSgJ8J6SfhSN6SVO/EMfHqlnylrSGu7Lc4
Ke7/uLGkVqFXWnHcN8126NxOywkXvTZ+iRycxqNWwXnt9rgT4SfpVAdXqY2OqqCB
WuQlyqzRu9BYIbo4icrZNKPVwEluYVctkXKGLYRJL0x1GBQ1jERLxRu0eHXAQITM
YRx33Dj1M3DN+RxnImjGhgPVEf5R5RMTvGL06+6PYopP8o/TEv40xZrpsKO9jdOR
3z2iWOanwCtpfHTmvMf2DBfEfKLu4tzuU8RM3ctwLFk/nA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:58 2025 by rpki-client