Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: qy2biHvvfRIHYrNB5IOU7FadbWrSE2DV6nFn4dYnUrg=
Subject key identifier: 72:DB:DE:57:CB:69:37:53:F1:F4:80:65:49:33:77:77:90:D4:FC:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A74F8A4BB2117CDECD4DC6C62BA9E3C2EE6EC40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Fri 25 Jul 2025 17:00:17 +0000
ROA not before: Fri 25 Jul 2025 17:00:17 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:74:f8:a4:bb:21:17:cd:ec:d4:dc:6c:62:ba:9e:3c:2e:e6:ec:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:17 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=12d85bbdfea9ee84cd9428ef09018d81f6f01a21114eac9b48c9153f619d9ade, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b0:b7:7a:7d:cc:dc:34:4b:64:1b:6b:57:fe:
1d:ed:76:f2:db:94:9a:23:07:14:c9:ee:82:2d:a5:
d4:ec:b3:7b:33:3d:82:f5:22:d2:70:75:8b:9c:50:
43:18:05:f7:2c:8c:76:15:e6:b6:06:25:a5:1e:d2:
8e:26:24:98:75:f0:c4:35:0f:25:ef:3d:b9:89:b1:
62:0d:c5:a2:83:32:60:16:f6:95:e7:d2:3a:2b:29:
46:b8:18:55:15:53:32:2c:91:19:4b:52:9c:21:f8:
c1:44:1f:9b:d4:60:ff:6a:f0:e0:a2:6c:49:15:d4:
69:72:99:8e:28:09:2f:f3:e0:1e:a0:9d:93:cc:3d:
5e:ba:24:57:26:16:e8:c5:b5:16:82:70:8e:3a:2c:
72:dc:ee:4a:08:1a:f0:07:6b:50:37:3e:39:ad:63:
f6:dc:0a:a1:93:04:2a:18:4c:ac:48:5f:8a:55:aa:
d1:e5:40:c8:ea:ec:bf:0f:65:8e:31:70:f3:cb:54:
ce:c6:71:ed:4c:ae:16:4e:57:d1:49:14:c2:01:75:
54:a6:b8:1e:68:55:2f:c4:ae:75:44:cd:82:e4:b6:
c2:c8:22:24:86:dc:8d:73:ac:0e:7c:53:08:38:ac:
7a:23:77:2d:ea:0a:b4:45:a0:a7:c3:08:d5:6b:9d:
07:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DB:DE:57:CB:69:37:53:F1:F4:80:65:49:33:77:77:90:D4:FC:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:12:41:de:f3:a4:da:fe:cb:68:89:23:b7:fb:e9:ec:e0:a2:
dd:5e:5d:29:cf:94:7a:ab:7c:0c:34:b1:6b:6e:57:e1:22:a9:
7d:bd:6c:6c:ce:05:a3:91:1d:c3:2f:75:40:fc:d2:0e:20:b9:
ab:6f:8c:b6:2c:f8:cc:fd:b5:18:4d:51:9b:78:ad:2b:89:c7:
98:15:d7:bd:46:a9:de:d5:05:78:f4:54:c9:ed:b2:eb:4d:35:
25:a5:92:61:bb:3c:67:d5:b1:bd:30:32:cd:95:70:16:14:ed:
78:ea:b9:92:7a:06:ca:e3:17:0d:00:f2:fb:49:98:a5:84:18:
97:00:bb:af:fd:c5:59:2d:34:45:81:c7:d0:23:70:38:6c:33:
82:0f:fb:82:73:51:cf:de:5b:e6:4f:8f:dc:9d:07:28:67:d1:
39:26:e7:2d:b0:a9:a3:3f:2b:80:9e:56:e1:c2:2a:0a:c0:ff:
81:cb:48:22:3f:95:5d:1b:df:0d:36:aa:e9:45:a0:16:8e:99:
f4:06:3b:75:a2:65:69:a5:01:96:41:50:bd:9f:94:f3:4f:32:
94:f1:3d:78:90:f0:40:f3:3d:9b:da:98:1a:17:41:19:22:21:
e1:f4:44:d1:5c:00:76:f5:31:a6:e8:f8:a7:fa:a4:1b:67:02:
7a:d9:53:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKnT4pLshF83s1NxsYrqePC7m7EAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMTdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyZDg1YmJkZmVhOWVlODRjZDk0MjhlZjA5MDE4ZDgxZjZmMDFhMjExMTRl
YWM5YjQ4YzkxNTNmNjE5ZDlhZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMewt3p9zNw0S2Qba1f+He128tuUmiMHFMnugi2l1OyzezM9gvUi0nB1i5xQ
QxgF9yyMdhXmtgYlpR7SjiYkmHXwxDUPJe89uYmxYg3FooMyYBb2lefSOispRrgY
VRVTMiyRGUtSnCH4wUQfm9Rg/2rw4KJsSRXUaXKZjigJL/PgHqCdk8w9XrokVyYW
6MW1FoJwjjosctzuSgga8AdrUDc+Oa1j9twKoZMEKhhMrEhfilWq0eVAyOrsvw9l
jjFw88tUzsZx7UyuFk5X0UkUwgF1VKa4HmhVL8SudUTNguS2wsgiJIbcjXOsDnxT
CDiseiN3LeoKtEWgp8MI1WudBysCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRy295X
y2k3U/H0gGVJM3d3kNT8yDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQAeEkHe86Ta/stoiSO3++ns4KLdXl0pz5R6q3wMNLFr
blfhIql9vWxszgWjkR3DL3VA/NIOILmrb4y2LPjM/bUYTVGbeK0riceYFde9Rqne
1QV49FTJ7bLrTTUlpZJhuzxn1bG9MDLNlXAWFO146rmSegbK4xcNAPL7SZilhBiX
ALuv/cVZLTRFgcfQI3A4bDOCD/uCc1HP3lvmT4/cnQcoZ9E5JuctsKmjPyuAnlbh
wioKwP+By0giP5VdG98NNqrpRaAWjpn0Bjt1omVppQGWQVC9n5TzTzKU8T14kPBA
8z2b2pgaF0EZIiHh9ETRXAB29TGm6Pin+qQbZwJ62VOV
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:13 2025 by rpki-client