Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
File: be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa (raw, json)
Hash identifier: adHYxrICh6NjU2JGpqQ2nfIEsvDwznTz1f4SztJiFVc=
Subject key identifier: 10:12:F2:6E:CE:63:A3:6C:DE:B1:D0:75:30:FC:C3:9C:1C:1D:4B:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13C4438906B4755FEFA1BC6E9D58CF1F2EF44736
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
Signing time: Fri 25 Jul 2025 17:00:23 +0000
ROA not before: Fri 25 Jul 2025 17:00:23 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c4:43:89:06:b4:75:5f:ef:a1:bc:6e:9d:58:cf:1f:2e:f4:47:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:23 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=7a723c2e07e8ae2362d522a0577272232a99b7db5d4d5707d7a9d69b1f87a846, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:08:ac:40:78:95:86:f5:02:39:56:fa:9a:c5:
55:d8:65:c3:e1:c5:3e:06:fd:ae:34:f9:4b:c5:ce:
71:7e:51:e0:fd:40:cb:06:04:3c:b3:7a:87:c8:3a:
d2:32:c6:85:39:b5:80:df:11:8d:62:23:fc:3a:ab:
bc:2f:a0:4e:0a:b6:2c:25:63:e6:65:cc:5d:e4:6f:
9e:f5:31:e8:65:f3:2d:bf:5e:f5:2e:c1:83:3c:3a:
fa:0d:30:f7:47:9a:47:f9:d3:80:32:77:15:0c:dc:
82:5b:b1:47:42:e7:74:09:75:dd:2d:d0:44:83:00:
a5:79:27:9e:97:dc:29:8e:a7:b9:14:2f:1a:c2:be:
4f:0d:1b:47:9d:8f:c1:ca:3e:16:55:36:4d:69:b4:
9c:62:b3:92:b9:8e:69:32:e9:c4:bf:84:17:7c:88:
33:e1:b8:8f:9f:06:6f:a8:2a:c6:95:33:e7:54:60:
01:43:a9:43:3a:07:15:e5:cf:a4:35:79:ee:d2:11:
d0:e1:93:c9:97:7d:8c:e7:e4:f6:c2:37:8d:ce:db:
f2:de:88:58:9f:22:af:bf:ca:b4:f6:d1:61:98:aa:
1e:b2:af:10:e5:c0:aa:77:ec:ed:e6:a9:75:89:f9:
c2:f3:f0:9d:ee:56:de:80:f7:10:10:fa:e6:c9:b7:
e9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:12:F2:6E:CE:63:A3:6C:DE:B1:D0:75:30:FC:C3:9C:1C:1D:4B:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:c9:3d:5f:6c:2f:ce:fa:1d:18:9c:23:45:c7:41:a9:5a:4b:
fd:6c:94:60:e6:a6:cc:5b:7e:c0:02:83:ef:27:31:6e:50:20:
51:e0:9e:f6:ca:e2:f4:05:3f:cb:25:36:55:39:0d:6b:ac:84:
b6:82:e0:22:55:33:f4:29:6d:bf:8c:2f:d1:86:9f:a9:6b:f1:
b6:0b:28:90:d1:40:15:c1:49:6b:03:dd:82:78:32:cc:e6:c9:
dd:ce:49:1c:7f:ce:44:f5:68:57:a0:d9:52:0b:58:9c:1d:b4:
db:51:66:a6:b3:0f:5a:7b:30:16:f3:26:f3:11:86:1c:21:ee:
d8:b5:4b:59:51:0b:8a:69:ef:e5:2d:c3:8f:20:d9:c4:2a:9b:
9a:34:c2:3a:ec:7c:26:9a:0a:ae:4b:ef:87:8d:9d:6b:60:6e:
1d:94:8b:57:48:19:b0:b2:bd:f8:30:9d:08:49:65:c6:e3:a4:
4f:29:11:94:88:b3:ee:5f:2a:0e:ad:b4:df:6e:88:80:6b:ef:
81:20:6c:b9:5e:d1:a7:2f:35:83:cd:90:f4:ec:4e:4e:89:2c:
40:73:76:51:ca:ed:45:0d:08:5c:eb:d9:38:5a:95:16:97:ef:
7c:a7:00:8a:5b:c9:3b:75:58:e8:96:cb:04:61:6b:2f:c7:7f:
90:32:99:d1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUE8RDiQa0dV/vobxunVjPHy70RzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjNaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhNzIzYzJlMDdlOGFlMjM2MmQ1MjJhMDU3NzI3MjIzMmE5OWI3ZGI1ZDRk
NTcwN2Q3YTlkNjliMWY4N2E4NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQIrEB4lYb1AjlW+prFVdhlw+HFPgb9rjT5S8XOcX5R4P1AywYEPLN6h8g6
0jLGhTm1gN8RjWIj/DqrvC+gTgq2LCVj5mXMXeRvnvUx6GXzLb9e9S7Bgzw6+g0w
90eaR/nTgDJ3FQzcgluxR0LndAl13S3QRIMApXknnpfcKY6nuRQvGsK+Tw0bR52P
wco+FlU2TWm0nGKzkrmOaTLpxL+EF3yIM+G4j58Gb6gqxpUz51RgAUOpQzoHFeXP
pDV57tIR0OGTyZd9jOfk9sI3jc7b8t6IWJ8ir7/KtPbRYZiqHrKvEOXAqnfs7eap
dYn5wvPwne5W3oD3EBD65sm36cECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQQEvJu
zmOjbN6x0HUw/MOcHB1LnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2YjdjYjAtM2M1NS00YTY1LWIwMGEtNDViYzEzMTA4NjhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JYDAN
BgkqhkiG9w0BAQsFAAOCAQEAm8k9X2wvzvodGJwjRcdBqVpL/WyUYOamzFt+wAKD
7ycxblAgUeCe9sri9AU/yyU2VTkNa6yEtoLgIlUz9Cltv4wv0YafqWvxtgsokNFA
FcFJawPdgngyzObJ3c5JHH/ORPVoV6DZUgtYnB2021FmprMPWnswFvMm8xGGHCHu
2LVLWVELimnv5S3DjyDZxCqbmjTCOux8JpoKrkvvh42da2BuHZSLV0gZsLK9+DCd
CEllxuOkTykRlIiz7l8qDq20326IgGvvgSBsuV7Rpy81g82Q9OxOToksQHN2Ucrt
RQ0IXOvZOFqVFpfvfKcAilvJO3VY6JbLBGFrL8d/kDKZ0Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:34 2025 by rpki-client