Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: F60JrL5PGoF07g7d2WFrmrMznT895d3BvQRBItef0gE=
Subject key identifier: 57:B9:B2:27:24:5B:0E:B3:1F:9B:50:B3:17:BB:9A:22:55:C3:A0:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5CB7CAB6C0B78C6818BD8390FE38410AB94AFE18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Tue 04 Nov 2025 02:51:04 +0000
ROA not before: Tue 04 Nov 2025 02:51:04 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:b7:ca:b6:c0:b7:8c:68:18:bd:83:90:fe:38:41:0a:b9:4a:fe:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:51:04 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=af7f2b28c78ab7e3c645580c272d68d5cad0c9524a9781f103588c453277ab8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7b:4f:62:c6:90:5d:c7:2c:86:b9:43:f5:b3:
8b:a0:45:91:65:fd:fa:5a:84:cb:03:ca:4d:c6:35:
60:a9:d5:70:3d:ba:66:c4:ac:a4:74:2a:2b:74:06:
44:df:8e:bd:84:b9:4e:d5:b8:d3:3f:b0:56:a7:97:
50:fd:70:7a:7c:0d:19:c3:1e:c9:c5:9e:2f:86:a1:
73:e5:1f:c6:d1:88:96:b3:83:03:09:5e:e3:96:d9:
e4:e3:af:80:61:78:c8:13:98:89:68:de:27:4c:f9:
32:48:c9:68:99:ef:db:ac:85:73:b1:5c:37:f4:41:
c8:13:16:c9:12:ab:9a:90:0f:d8:15:ff:b8:1a:50:
c7:f5:3a:a7:f8:39:0d:27:91:3c:a8:17:57:c3:67:
0d:85:36:23:56:a6:12:34:b2:30:4c:23:b3:48:3d:
77:73:79:cf:3b:4e:8b:7c:74:13:59:5e:2b:41:9f:
9d:38:f1:64:44:ca:f7:f1:fc:f4:6a:12:5e:08:82:
ee:88:1f:6d:15:90:32:b1:08:d1:25:b5:3c:8a:a9:
2f:c2:02:b4:0f:37:5b:42:d4:15:ec:cf:20:d2:c3:
50:e6:90:61:4d:6b:4c:db:ee:b3:ae:ae:c5:4b:b3:
17:ff:d0:fa:69:40:01:67:e2:ed:fe:a0:3a:5e:f0:
9e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B9:B2:27:24:5B:0E:B3:1F:9B:50:B3:17:BB:9A:22:55:C3:A0:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:7a:61:ac:e2:6c:d4:33:c6:81:81:d0:29:b2:ab:0b:41:e4:
7a:1c:3e:f5:2d:a5:89:65:1f:ce:cc:69:88:59:8a:bb:ee:c5:
87:cf:6f:c1:46:67:1e:c7:06:cb:94:f0:22:71:4a:48:9b:02:
7b:15:ca:eb:25:c1:2a:4f:f9:96:86:27:6a:59:e2:24:8d:40:
d3:87:e2:f4:b0:7c:e2:4a:26:57:f4:90:43:70:e4:29:9e:ed:
a0:10:b6:77:0e:d9:fd:40:91:3a:52:fb:e9:48:c9:17:10:50:
dc:c9:d8:3b:ab:5f:74:49:84:05:17:36:06:dd:3f:37:82:49:
3c:aa:be:88:82:75:37:7a:65:0e:34:bc:4c:f2:51:f4:64:ab:
3e:5e:fd:79:87:71:f8:8d:83:22:ba:4d:9c:ca:86:dc:de:c6:
39:fb:a8:80:a1:0d:cc:31:a5:ef:3f:57:3c:15:ff:1a:d6:4c:
fd:c5:3e:8f:ca:c6:f6:43:0c:70:f8:d0:3e:05:78:3f:db:da:
c6:f8:25:e2:03:c5:0a:25:61:2f:6f:ab:a2:80:af:57:9e:42:
a1:ff:49:4a:4d:81:9e:89:51:da:e7:69:b6:db:ca:70:35:56:
59:43:a0:54:96:f7:cd:f8:c3:8d:ca:46:e8:b9:38:3a:7d:ed:
ef:eb:d0:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXLfKtsC3jGgYvYOQ/jhBCrlK/hgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUxMDRaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmN2YyYjI4Yzc4YWI3ZTNjNjQ1NTgwYzI3MmQ2OGQ1Y2FkMGM5NTI0YTk3
ODFmMTAzNTg4YzQ1MzI3N2FiOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOV7T2LGkF3HLIa5Q/Wzi6BFkWX9+lqEywPKTcY1YKnVcD26ZsSspHQqK3QG
RN+OvYS5TtW40z+wVqeXUP1wenwNGcMeycWeL4ahc+UfxtGIlrODAwle45bZ5OOv
gGF4yBOYiWjeJ0z5MkjJaJnv26yFc7FcN/RByBMWyRKrmpAP2BX/uBpQx/U6p/g5
DSeRPKgXV8NnDYU2I1amEjSyMEwjs0g9d3N5zztOi3x0E1leK0GfnTjxZETK9/H8
9GoSXgiC7ogfbRWQMrEI0SW1PIqpL8ICtA83W0LUFezPINLDUOaQYU1rTNvus66u
xUuzF//Q+mlAAWfi7f6gOl7wngsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRXubIn
JFsOsx+bULMXu5oiVcOgBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQB2emGs4mzUM8aBgdApsqsLQeR6HD71LaWJZR/OzGmI
WYq77sWHz2/BRmcexwbLlPAicUpImwJ7FcrrJcEqT/mWhidqWeIkjUDTh+L0sHzi
SiZX9JBDcOQpnu2gELZ3Dtn9QJE6UvvpSMkXEFDcydg7q190SYQFFzYG3T83gkk8
qr6IgnU3emUONLxM8lH0ZKs+Xv15h3H4jYMiuk2cyobc3sY5+6iAoQ3MMaXvP1c8
Ff8a1kz9xT6Pysb2Qwxw+NA+BXg/29rG+CXiA8UKJWEvb6uigK9XnkKh/0lKTYGe
iVHa52m228pwNVZZQ6BUlvfN+MONykbouTg6fe3v69CD
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:43:59 2025 by rpki-client