Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
File: bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa (raw, json)
Hash identifier: wnRguijkBmuFq+xduC6xMKtuJXWv1qqj4JAweg0wMJ0=
Subject key identifier: BC:0C:3F:E4:C6:D4:02:48:B5:5A:7F:DC:D8:41:3D:73:77:E1:4B:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ECC923E78AED8F2C474A79EA26EA416157C6E82
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
Signing time: Fri 25 Jul 2025 16:51:14 +0000
ROA not before: Fri 25 Jul 2025 16:51:14 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:cc:92:3e:78:ae:d8:f2:c4:74:a7:9e:a2:6e:a4:16:15:7c:6e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:14 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=ea8ac317a827d4a387611aeeaf4e55d5628af1897d23ea36bd69a645b7873d3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:aa:ba:59:a1:eb:49:6c:2e:78:75:f9:e1:74:
a3:1a:f3:22:c7:e7:1d:ed:ea:7b:5d:bf:1a:b8:ed:
17:9d:47:e4:b7:09:9d:69:8c:b0:4b:b7:a1:cb:13:
87:b2:09:75:98:cd:08:24:68:ce:82:0e:47:c3:09:
30:bf:7c:a3:8f:fd:e9:2c:92:28:69:d8:9c:f2:6d:
a0:e0:dd:df:c7:f9:b9:b9:06:5f:3f:98:bc:76:f7:
36:08:52:aa:9a:15:ab:98:37:c1:0a:41:df:28:66:
25:85:e3:f3:af:8a:01:7c:05:ab:25:73:55:5c:47:
c2:c3:07:5d:8e:2f:7f:1c:f3:b1:d1:b1:18:7a:3b:
81:dd:fc:fd:7a:4a:dd:d5:8d:a1:92:7b:00:1c:31:
85:26:8f:6c:35:7e:84:f8:26:f6:04:21:e3:a3:74:
37:71:16:85:d2:a1:47:6e:49:d2:03:30:6c:a3:b4:
71:9b:66:17:03:71:7e:d1:a0:66:39:48:94:ea:64:
0f:92:b8:46:d7:d1:57:ad:fc:f0:0c:2a:d0:df:1c:
23:ef:f2:12:b2:25:0f:9a:bb:7e:ae:78:7a:d2:bb:
ae:5c:e9:7d:f3:8c:20:c1:4c:79:f1:50:a5:6b:f7:
fe:d6:62:14:b7:9f:7d:ae:26:23:de:76:11:3c:cc:
f7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0C:3F:E4:C6:D4:02:48:B5:5A:7F:DC:D8:41:3D:73:77:E1:4B:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.204.0/22
Signature Algorithm: sha256WithRSAEncryption
81:1b:7c:b5:de:e6:34:33:55:f9:07:f0:35:2f:2d:c2:f0:1a:
a1:43:da:72:78:04:fd:28:14:c1:76:cd:fa:d9:7f:36:38:b9:
73:25:a2:ba:a4:de:59:c7:fe:b8:52:d4:87:c2:75:a5:90:00:
31:fa:93:4e:b8:f7:9f:eb:a6:25:e2:25:79:ca:8f:07:10:08:
c0:6b:21:8a:de:0e:df:e4:b3:f0:8e:92:58:44:55:0a:9a:df:
1e:d2:de:8b:f9:51:3d:e6:30:7f:80:41:ff:4e:fd:ce:0b:d8:
1c:46:9e:ba:07:a0:2c:8f:ab:d0:a7:bf:11:ae:49:8c:c4:df:
13:08:8b:b4:de:3f:03:73:ee:58:1d:3d:05:8b:c7:0c:df:9f:
a1:00:d7:03:e8:74:83:a4:4f:12:ab:3e:b8:43:c6:2f:f5:61:
06:3a:5c:be:27:93:bd:5a:14:00:34:08:57:3b:13:23:9e:2f:
31:11:84:03:2f:d2:4a:39:53:1a:5c:46:ed:3e:0a:45:af:3e:
0d:a4:46:dc:9b:2c:b8:da:7e:ea:c9:4b:fa:4d:89:65:87:4f:
07:be:b1:a4:eb:fa:cd:ff:ce:2d:0a:37:9e:25:5d:4a:d7:5e:
a1:df:16:09:13:09:59:ea:5c:66:cf:61:7c:5e:b3:fe:93:59:
34:d6:9f:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTsySPniu2PLEdKeeom6kFhV8boIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTRaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhOGFjMzE3YTgyN2Q0YTM4NzYxMWFlZWFmNGU1NWQ1NjI4YWYxODk3ZDIz
ZWEzNmJkNjlhNjQ1Yjc4NzNkM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWqulmh60lsLnh1+eF0oxrzIsfnHe3qe12/GrjtF51H5LcJnWmMsEu3ocsT
h7IJdZjNCCRozoIOR8MJML98o4/96SySKGnYnPJtoODd38f5ubkGXz+YvHb3NghS
qpoVq5g3wQpB3yhmJYXj86+KAXwFqyVzVVxHwsMHXY4vfxzzsdGxGHo7gd38/XpK
3dWNoZJ7ABwxhSaPbDV+hPgm9gQh46N0N3EWhdKhR25J0gMwbKO0cZtmFwNxftGg
ZjlIlOpkD5K4RtfRV6388Awq0N8cI+/yErIlD5q7fq54etK7rlzpffOMIMFMefFQ
pWv3/tZiFLeffa4mI952ETzM9xECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8DD/k
xtQCSLVaf9zYQT1zd+FL9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRjODMxZWItMDdjMi00N2JiLWE3M2QtMTc3YWJjOWIxNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JzDAN
BgkqhkiG9w0BAQsFAAOCAQEAgRt8td7mNDNV+QfwNS8twvAaoUPacngE/SgUwXbN
+tl/Nji5cyWiuqTeWcf+uFLUh8J1pZAAMfqTTrj3n+umJeIlecqPBxAIwGshit4O
3+Sz8I6SWERVCprfHtLei/lRPeYwf4BB/079zgvYHEaeugegLI+r0Ke/Ea5JjMTf
EwiLtN4/A3PuWB09BYvHDN+foQDXA+h0g6RPEqs+uEPGL/VhBjpcvieTvVoUADQI
VzsTI54vMRGEAy/SSjlTGlxG7T4KRa8+DaRG3JssuNp+6slL+k2JZYdPB76xpOv6
zf/OLQo3niVdStdeod8WCRMJWepcZs9hfF6z/pNZNNafsA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:42 2025 by rpki-client