Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: H82NKgT4S/RTtmPvKdfUc63xVArcNnnqqH6lYYu6fOI=
Subject key identifier: 23:50:AF:D4:96:7B:25:FD:43:4A:32:FB:77:AE:02:C9:FC:D6:7F:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A121C0091E96398D937C6A52F2020C185746835
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Fri 25 Jul 2025 16:51:12 +0000
ROA not before: Fri 25 Jul 2025 16:51:12 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:12:1c:00:91:e9:63:98:d9:37:c6:a5:2f:20:20:c1:85:74:68:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:12 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=0f7612a8f4b80bec9889d3ccdeda18c7c2d07d656c933b8fdfebd2523bbcb86e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:55:92:af:fa:ce:78:58:74:61:f6:77:55:35:
13:e1:f9:b2:bc:0c:b5:e6:f5:11:bb:18:3d:50:4f:
ab:ca:7a:44:c1:5c:22:4f:4c:94:23:14:b9:2b:7b:
0d:3c:8b:89:e2:b5:91:0f:13:36:d5:11:6c:87:f9:
06:2a:39:65:74:91:e2:7b:e7:d9:80:d9:ac:f5:95:
39:a4:d4:93:b1:b9:6f:86:aa:54:e0:b3:fe:c6:d6:
7f:ea:2a:6f:84:be:bd:02:41:33:ac:af:cd:2d:97:
64:54:f6:12:f7:2a:04:93:71:2e:c5:9f:5c:8b:fb:
c2:8b:f3:f7:72:ce:2b:8a:50:50:07:a5:05:aa:cf:
8f:65:ce:ee:70:59:60:df:16:3a:a0:8d:2f:f7:f6:
69:56:c0:e2:e4:d8:7d:2b:1d:c5:07:ad:f4:76:6b:
d8:00:83:8a:5b:07:58:92:24:00:58:9f:5d:a5:6f:
02:07:28:f2:16:c2:49:5e:33:d4:2b:82:03:46:a3:
75:4b:68:e4:eb:e2:4a:9c:fd:d7:f8:ce:ef:50:fb:
8c:f3:e6:c5:71:0e:34:1e:b5:4d:2e:86:80:06:60:
a9:61:90:22:e8:a9:58:74:21:39:26:67:74:68:04:
81:8f:3e:01:c5:10:3b:26:1f:93:86:b7:08:a8:b7:
91:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:50:AF:D4:96:7B:25:FD:43:4A:32:FB:77:AE:02:C9:FC:D6:7F:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:0a:4f:79:54:06:7b:e4:9f:6b:02:52:31:02:be:23:b7:d8:
36:36:63:65:40:a1:9a:15:5a:2a:00:89:48:16:cb:5f:ba:bb:
73:cd:ca:bf:4b:50:62:0a:d6:a5:05:0d:ae:93:a1:b4:66:a8:
12:33:67:5a:9d:d2:a3:df:45:84:9d:18:7f:0b:c6:6c:c7:17:
b3:91:95:02:ea:c8:ef:e7:4a:77:ad:6a:6f:13:8a:6f:4f:7f:
eb:d9:15:cf:91:eb:c3:6f:b4:b6:09:96:4f:6a:e1:c2:58:59:
9a:94:77:67:8f:a4:f0:b9:17:85:cc:80:b1:e8:11:73:d2:40:
65:12:7d:3f:37:b0:b7:64:bb:0f:79:17:9e:cf:5d:53:e4:66:
28:2c:22:8b:82:2b:09:15:43:85:75:ef:d5:d8:4b:c8:ef:ec:
99:3a:5f:4f:58:4f:45:ad:8a:a1:43:26:bc:7e:1e:9e:3e:de:
6c:9b:5e:5b:16:db:8b:d2:9f:21:93:fd:9f:1f:e2:e5:02:46:
5c:c4:8f:b0:23:22:c9:d1:7f:0b:20:ba:02:ea:27:28:6a:7f:
f3:c6:e3:c3:9d:1b:da:6b:39:b4:fb:12:b3:cb:6d:3a:b2:95:
40:e7:a6:2f:b7:e3:a8:5d:8c:cc:78:91:21:06:e4:00:77:6a:
7b:fc:57:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUehIcAJHpY5jZN8alLyAgwYV0aDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTJaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNzYxMmE4ZjRiODBiZWM5ODg5ZDNjY2RlZGExOGM3YzJkMDdkNjU2Yzkz
M2I4ZmRmZWJkMjUyM2JiY2I4NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdVkq/6znhYdGH2d1U1E+H5srwMteb1EbsYPVBPq8p6RMFcIk9MlCMUuSt7
DTyLieK1kQ8TNtURbIf5Bio5ZXSR4nvn2YDZrPWVOaTUk7G5b4aqVOCz/sbWf+oq
b4S+vQJBM6yvzS2XZFT2EvcqBJNxLsWfXIv7wovz93LOK4pQUAelBarPj2XO7nBZ
YN8WOqCNL/f2aVbA4uTYfSsdxQet9HZr2ACDilsHWJIkAFifXaVvAgco8hbCSV4z
1CuCA0ajdUto5OviSpz91/jO71D7jPPmxXEONB61TS6GgAZgqWGQIuipWHQhOSZn
dGgEgY8+AcUQOyYfk4a3CKi3kcsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQjUK/U
lnsl/UNKMvt3rgLJ/NZ/pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAuApPeVQGe+SfawJSMQK+I7fYNjZjZUChmhVaKgCJ
SBbLX7q7c83Kv0tQYgrWpQUNrpOhtGaoEjNnWp3So99FhJ0YfwvGbMcXs5GVAurI
7+dKd61qbxOKb09/69kVz5Hrw2+0tgmWT2rhwlhZmpR3Z4+k8LkXhcyAsegRc9JA
ZRJ9Pzewt2S7D3kXns9dU+RmKCwii4IrCRVDhXXv1dhLyO/smTpfT1hPRa2KoUMm
vH4enj7ebJteWxbbi9KfIZP9nx/i5QJGXMSPsCMiydF/CyC6AuonKGp/88bjw50b
2ms5tPsSs8ttOrKVQOemL7fjqF2MzHiRIQbkAHdqe/xX+Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:03:01 2025 by rpki-client