Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
File: d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa (raw, json)
Hash identifier: 27xgB0FORfhG2bAGPVLRQWVuF9WIOS8Rg5z0SAPArYE=
Subject key identifier: B2:92:FC:57:F0:60:AB:A6:C7:99:A1:CF:81:33:E8:CD:F8:9D:57:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4200F49F949F4D29BFA06B0187557B9B86F70C9E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
Signing time: Fri 25 Jul 2025 17:00:19 +0000
ROA not before: Fri 25 Jul 2025 17:00:19 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:00:f4:9f:94:9f:4d:29:bf:a0:6b:01:87:55:7b:9b:86:f7:0c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:19 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=78c3089b4fc391b33dfa3ae331159696aa300ece4c9c990b34a9cdd858465308, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a1:26:3f:28:c2:bd:7c:60:70:85:1b:a8:14:
f3:ab:2f:38:07:a8:ad:9a:e6:e8:74:ec:5c:22:96:
64:44:34:bb:e2:e9:79:4b:db:4b:4e:af:da:ff:89:
db:71:51:6f:f4:d7:19:41:b4:17:17:cb:c4:40:da:
0b:7f:9f:6e:91:59:6e:02:d1:7e:9f:fd:af:c5:69:
f4:2d:08:a3:fd:86:6c:87:92:fc:ca:dd:4c:2c:11:
6f:57:14:85:32:c7:9c:ca:97:70:10:bf:b7:8c:25:
bc:07:f6:0b:f3:5a:d8:c2:6b:3a:3e:cc:06:9c:e6:
e0:43:ff:aa:59:9c:48:05:f9:18:f3:84:d2:0c:c8:
6e:c8:e7:62:17:45:a7:d1:42:c7:f6:9c:09:a2:38:
80:d3:91:d3:32:8d:de:e2:a8:d9:ab:00:a1:9c:e4:
2b:36:01:7f:ae:55:9a:04:41:67:c4:2f:89:58:6e:
72:81:da:41:97:31:ac:5b:39:80:5e:ed:6d:6b:73:
b6:fe:db:7f:69:38:48:71:1e:76:90:bb:98:29:bc:
d8:87:0e:06:df:9d:0c:85:58:73:23:5d:d2:ff:65:
7d:af:63:c3:ed:1f:48:34:1f:5b:e9:3f:dd:a0:17:
38:33:24:4c:45:37:f9:1d:c0:e0:eb:9e:ae:ba:bd:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:92:FC:57:F0:60:AB:A6:C7:99:A1:CF:81:33:E8:CD:F8:9D:57:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:94:99:98:92:3f:a9:39:00:e7:4a:48:09:6f:26:68:81:42:
47:dd:e6:38:8d:23:c3:2a:06:98:80:51:c4:bb:e0:d1:85:e2:
87:ae:9f:1a:1b:01:cc:97:a1:fa:b7:77:44:26:f4:a2:ed:30:
aa:d8:29:f8:64:c4:a7:ca:a1:e5:96:b9:7a:1e:52:74:11:a1:
d0:99:ca:82:67:2e:6c:01:c9:54:3b:94:19:c1:66:24:94:e3:
bb:50:5c:97:a7:d5:0d:d1:cd:02:7a:94:bb:e5:0f:42:44:53:
09:90:a8:78:7e:bb:83:25:74:39:d7:24:da:1e:d0:62:1e:08:
e5:be:f6:a5:d3:a0:7b:d9:37:27:f1:66:49:95:5d:95:52:4b:
d0:0f:cd:82:d9:e8:1d:39:c3:8d:14:63:08:83:b3:85:a4:62:
05:91:9a:b6:7d:87:55:8a:e4:dc:34:7e:3f:10:09:9f:98:d8:
e7:0a:2d:e5:74:e4:18:da:01:d4:9e:ac:59:74:2b:e7:59:2c:
12:2c:3b:30:64:3a:09:6e:1c:30:52:b8:75:43:de:1a:26:54:
aa:c9:97:5c:85:c6:40:48:ba:69:09:7e:64:35:f7:30:c7:e2:
2e:9d:79:d1:f8:57:36:d2:79:f1:b5:51:83:1e:aa:57:3e:3f:
bb:98:95:3a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQgD0n5SfTSm/oGsBh1V7m4b3DJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMTlaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YzMwODliNGZjMzkxYjMzZGZhM2FlMzMxMTU5Njk2YWEzMDBlY2U0Yzlj
OTkwYjM0YTljZGQ4NTg0NjUzMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMahJj8owr18YHCFG6gU86svOAeorZrm6HTsXCKWZEQ0u+LpeUvbS06v2v+J
23FRb/TXGUG0FxfLxEDaC3+fbpFZbgLRfp/9r8Vp9C0Io/2GbIeS/MrdTCwRb1cU
hTLHnMqXcBC/t4wlvAf2C/Na2MJrOj7MBpzm4EP/qlmcSAX5GPOE0gzIbsjnYhdF
p9FCx/acCaI4gNOR0zKN3uKo2asAoZzkKzYBf65VmgRBZ8QviVhucoHaQZcxrFs5
gF7tbWtztv7bf2k4SHEedpC7mCm82IcOBt+dDIVYcyNd0v9lfa9jw+0fSDQfW+k/
3aAXODMkTEU3+R3A4Ouerrq9e0sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSykvxX
8GCrpseZoc+BM+jN+J1XazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDgzNjRjMDYtYjc1ZS00ZDg1LThjOGMtYWZhZDRkZjdjZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAWpSZmJI/qTkA50pICW8maIFCR93mOI0jwyoGmIBR
xLvg0YXih66fGhsBzJeh+rd3RCb0ou0wqtgp+GTEp8qh5Za5eh5SdBGh0JnKgmcu
bAHJVDuUGcFmJJTju1Bcl6fVDdHNAnqUu+UPQkRTCZCoeH67gyV0Odck2h7QYh4I
5b72pdOge9k3J/FmSZVdlVJL0A/NgtnoHTnDjRRjCIOzhaRiBZGatn2HVYrk3DR+
PxAJn5jY5wot5XTkGNoB1J6sWXQr51ksEiw7MGQ6CW4cMFK4dUPeGiZUqsmXXIXG
QEi6aQl+ZDX3MMfiLp150fhXNtJ58bVRgx6qVz4/u5iVOg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:11 2025 by rpki-client