Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: 2ZuySUB9EEZXHoMJqqsbJOb8GelPcFFzpTipprof7fc=
Subject key identifier: 93:72:C7:04:B3:EC:0C:55:C4:D7:ED:02:6B:47:A9:6F:FF:F0:9F:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7631BD23F4B08FD45C1BD3BDBC91A79B63512837
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Tue 04 Nov 2025 02:50:05 +0000
ROA not before: Tue 04 Nov 2025 02:50:05 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:31:bd:23:f4:b0:8f:d4:5c:1b:d3:bd:bc:91:a7:9b:63:51:28:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:50:05 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=a5bea4cd833431828d02f15ce70d1bc189848d689a06b979814427ff79bf7760, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:e2:59:fb:79:1e:cd:a0:0a:31:c6:4f:11:
82:fd:6d:86:65:43:c6:24:08:a5:cb:8e:33:a7:ae:
67:1b:a1:9c:b8:62:c1:47:7c:71:5d:a3:5c:e7:e3:
1f:9b:3f:09:65:1c:88:0d:e5:a1:78:d0:e5:79:d3:
07:7f:27:19:05:dc:0e:7b:56:07:fc:6e:dd:e0:21:
56:19:dc:5b:e7:67:46:33:c0:33:97:a0:a2:f4:e7:
1c:c6:c0:a7:e3:d3:ba:05:c8:69:33:31:77:92:aa:
1d:e0:2e:3c:64:56:e9:2a:83:78:1a:62:1b:2a:9b:
6a:0d:81:68:a0:ca:49:37:fe:0c:d7:9a:bd:ee:e7:
58:ae:64:68:d6:87:eb:d7:98:e7:2c:a3:10:62:96:
05:0e:9a:47:b9:22:28:fb:4d:27:c8:36:bf:c2:bc:
31:60:6d:2b:f2:0b:b6:ef:66:a1:1a:d6:db:a2:fb:
a9:de:20:ed:00:a9:60:87:77:73:a5:a8:e7:47:9b:
32:d5:67:f4:a3:da:9d:31:24:f5:60:ed:19:bd:69:
0b:75:f9:66:65:6c:72:d1:1b:5b:e2:91:1b:33:2d:
b1:dd:4b:75:2d:ab:90:a6:7e:cb:41:cf:80:68:6c:
29:89:ad:0c:f5:d6:ed:0e:97:c9:42:0a:19:09:6a:
ea:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:72:C7:04:B3:EC:0C:55:C4:D7:ED:02:6B:47:A9:6F:FF:F0:9F:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:b9:79:77:27:9d:26:ef:30:00:2f:a6:95:ca:04:e6:b1:10:
5f:c8:0b:54:62:57:17:6b:76:db:70:87:c7:ff:b4:6f:3b:03:
46:a3:9e:5a:a5:43:e0:ee:77:c9:b5:ee:b3:d7:20:bd:a2:59:
6f:89:32:00:fa:01:c0:50:57:a9:de:7b:68:f9:29:90:b4:ed:
12:71:a0:59:af:71:5b:89:81:d0:54:ba:c4:bd:cc:b8:db:3c:
ba:21:f3:a5:06:92:c4:59:a5:e6:3f:9a:5e:e9:56:12:9f:24:
1d:37:7c:3d:1a:af:24:64:00:5c:dd:4b:be:9c:6e:ed:78:d1:
d0:15:5e:55:e4:bc:04:46:59:18:ee:f6:ff:ef:fa:77:47:b7:
c6:19:90:5d:e3:3e:f4:a7:88:21:57:e8:fd:56:0a:e3:ce:ca:
99:1e:da:f7:64:af:7d:91:4a:a3:18:f7:d0:e2:94:fa:61:c8:
73:c0:4a:39:e6:aa:54:37:59:f7:6f:fd:cc:1c:69:f0:4d:3c:
87:ac:65:96:14:99:8e:98:98:70:85:ff:85:e3:59:ed:56:d0:
1f:bf:ba:71:58:ab:6a:00:d5:32:a7:31:a6:aa:36:33:aa:27:
83:d7:a6:7e:13:e2:d3:9a:a9:12:0f:37:fc:df:42:79:b0:13:
dd:2d:87:63
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdjG9I/Swj9RcG9O9vJGnm2NRKDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUwMDVaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1YmVhNGNkODMzNDMxODI4ZDAyZjE1Y2U3MGQxYmMxODk4NDhkNjg5YTA2
Yjk3OTgxNDQyN2ZmNzliZjc3NjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjs4ln7eR7NoAoxxk8Rgv1thmVDxiQIpcuOM6euZxuhnLhiwUd8cV2jXOfj
H5s/CWUciA3loXjQ5XnTB38nGQXcDntWB/xu3eAhVhncW+dnRjPAM5egovTnHMbA
p+PTugXIaTMxd5KqHeAuPGRW6SqDeBpiGyqbag2BaKDKSTf+DNeave7nWK5kaNaH
69eY5yyjEGKWBQ6aR7kiKPtNJ8g2v8K8MWBtK/ILtu9moRrW26L7qd4g7QCpYId3
c6Wo50ebMtVn9KPanTEk9WDtGb1pC3X5ZmVsctEbW+KRGzMtsd1LdS2rkKZ+y0HP
gGhsKYmtDPXW7Q6XyUIKGQlq6rcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSTcscE
s+wMVcTX7QJrR6lv//CfajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAurl5dyedJu8wAC+mlcoE5rEQX8gLVGJXF2t223CH
x/+0bzsDRqOeWqVD4O53ybXus9cgvaJZb4kyAPoBwFBXqd57aPkpkLTtEnGgWa9x
W4mB0FS6xL3MuNs8uiHzpQaSxFml5j+aXulWEp8kHTd8PRqvJGQAXN1Lvpxu7XjR
0BVeVeS8BEZZGO72/+/6d0e3xhmQXeM+9KeIIVfo/VYK487KmR7a92SvfZFKoxj3
0OKU+mHIc8BKOeaqVDdZ92/9zBxp8E08h6xllhSZjpiYcIX/heNZ7VbQH7+6cVir
agDVMqcxpqo2M6ong9emfhPi05qpEg83/N9CebAT3S2HYw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:46:49 2025 by rpki-client