Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
File: bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa (raw, json)
Hash identifier: 9JGzVNOeh9UdTB8zF/zOyu37L5XgnwzRwRauihRjsSc=
Subject key identifier: 19:B4:46:89:32:AA:53:32:E5:24:DA:70:CC:5B:EB:F7:CE:18:BD:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34EA8E965EEECB32BC04D556D040627F744B64F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
Signing time: Tue 04 Nov 2025 03:00:08 +0000
ROA not before: Tue 04 Nov 2025 03:00:08 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:ea:8e:96:5e:ee:cb:32:bc:04:d5:56:d0:40:62:7f:74:4b:64:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 03:00:08 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=6816abecbfd7050c5d2258442b3e6c89f414c4bd9f42dc91a480ffc2dd9b7355, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:fd:22:3a:00:45:e5:65:1c:2b:4f:e8:94:
89:60:31:92:13:2c:bb:23:da:71:f4:33:8f:f1:fc:
80:03:e1:f8:4b:4b:3a:3f:30:d3:2f:b5:ce:49:67:
a7:fa:8a:42:dd:c3:54:22:16:7b:12:d5:51:ea:af:
d5:36:8d:e6:e0:35:08:f8:1d:55:db:72:32:76:b1:
fa:46:31:57:b1:bf:0a:74:78:0d:26:43:32:89:72:
9b:7e:94:1a:f2:b4:07:7e:b8:3a:2a:61:51:79:4e:
c0:9d:54:20:31:ae:6e:d2:27:50:69:3f:e0:7a:39:
f1:55:68:c8:d9:3c:c1:22:d7:b3:e5:cc:c7:e2:7a:
bc:46:d6:c9:77:bc:fb:53:41:8d:d3:0b:5c:4f:64:
99:28:95:09:1c:b7:8e:d6:8d:68:b9:36:f6:b9:86:
8f:a4:fd:c4:1e:0f:31:41:6d:28:1d:ae:ea:a8:59:
20:e3:83:4b:39:38:40:fc:29:6e:77:f0:f4:10:97:
b9:07:b6:c4:11:d0:d2:92:08:dd:a9:f7:2d:fc:71:
78:da:57:11:47:44:ae:4b:c4:96:22:35:33:dc:f7:
bd:e5:33:91:47:25:67:ba:08:4b:94:d4:8c:f4:67:
be:61:d4:e6:37:dd:12:00:8e:aa:73:25:56:e0:2a:
53:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B4:46:89:32:AA:53:32:E5:24:DA:70:CC:5B:EB:F7:CE:18:BD:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.204.0/22
Signature Algorithm: sha256WithRSAEncryption
13:ac:4d:90:52:f1:69:e4:8e:24:75:c0:06:43:51:4b:51:fb:
d4:9a:cb:9b:40:b8:de:30:bd:28:7a:0d:2d:7a:70:04:d4:65:
49:c7:f8:d5:a9:bb:46:3e:fc:c8:b9:02:b8:db:8b:e4:8a:e2:
a6:7a:42:de:f0:37:17:e8:ec:b4:27:1e:b9:a7:0b:8f:b5:fb:
9f:88:97:e3:2f:45:b6:eb:81:6f:0b:a7:4f:e7:8b:b9:45:85:
e3:9f:ab:a7:0d:6d:73:73:4c:3d:5a:18:57:b0:bf:df:4d:5b:
0a:69:c1:f1:4e:1e:b3:44:24:6b:6d:90:68:57:f8:b6:ef:0f:
ca:05:21:f0:81:65:33:b4:59:8a:c6:ec:ea:c9:4b:4b:76:9a:
1a:79:6f:35:ec:42:06:95:c2:27:8a:a7:4d:4b:b0:bb:2f:02:
cd:a2:8f:18:95:fd:9c:3e:23:f4:a0:02:03:8f:fb:d0:00:56:
11:94:b3:92:1b:57:76:5d:74:d2:cc:66:64:c8:5a:15:ca:a1:
11:09:6c:97:85:36:e0:dd:c3:a8:8c:44:0e:c2:b3:93:75:45:
0a:cc:19:56:8e:c4:53:02:57:2b:14:e3:be:60:f8:cf:ad:d1:
82:61:d1:8a:20:b6:5f:61:7a:3a:82:19:d8:9d:8d:00:1c:d1:
bb:67:32:25
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNOqOll7uyzK8BNVW0EBif3RLZPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMzAwMDhaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MTZhYmVjYmZkNzA1MGM1ZDIyNTg0NDJiM2U2Yzg5ZjQxNGM0YmQ5ZjQy
ZGM5MWE0ODBmZmMyZGQ5YjczNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJg/SI6AEXlZRwrT+iUiWAxkhMsuyPacfQzj/H8gAPh+EtLOj8w0y+1zkln
p/qKQt3DVCIWexLVUeqv1TaN5uA1CPgdVdtyMnax+kYxV7G/CnR4DSZDMolym36U
GvK0B364OiphUXlOwJ1UIDGubtInUGk/4Ho58VVoyNk8wSLXs+XMx+J6vEbWyXe8
+1NBjdMLXE9kmSiVCRy3jtaNaLk29rmGj6T9xB4PMUFtKB2u6qhZIOODSzk4QPwp
bnfw9BCXuQe2xBHQ0pII3an3LfxxeNpXEUdErkvEliI1M9z3veUzkUclZ7oIS5TU
jPRnvmHU5jfdEgCOqnMlVuAqU7MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZtEaJ
MqpTMuUk2nDMW+v3zhi9MjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRjODMxZWItMDdjMi00N2JiLWE3M2QtMTc3YWJjOWIxNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JzDAN
BgkqhkiG9w0BAQsFAAOCAQEAE6xNkFLxaeSOJHXABkNRS1H71JrLm0C43jC9KHoN
LXpwBNRlScf41am7Rj78yLkCuNuL5IripnpC3vA3F+jstCceuacLj7X7n4iX4y9F
tuuBbwunT+eLuUWF45+rpw1tc3NMPVoYV7C/301bCmnB8U4es0Qka22QaFf4tu8P
ygUh8IFlM7RZisbs6slLS3aaGnlvNexCBpXCJ4qnTUuwuy8CzaKPGJX9nD4j9KAC
A4/70ABWEZSzkhtXdl100sxmZMhaFcqhEQlsl4U24N3DqIxEDsKzk3VFCswZVo7E
UwJXKxTjvmD4z63RgmHRiiC2X2F6OoIZ2J2NABzRu2cyJQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:44 2025 by rpki-client