Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
File: d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa (raw, json)
Hash identifier: q6uuvaBCgDElRPxRZWgm7+MpRdPzbexfUi9awbJLym0=
Subject key identifier: A5:58:B1:E2:3B:76:1E:89:FB:9F:F2:16:2C:E1:ED:2C:A3:A0:21:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C8A6CB3FFB4FB2B8E7EEFA9A44177E6440236C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
Signing time: Tue 04 Nov 2025 02:51:06 +0000
ROA not before: Tue 04 Nov 2025 02:51:06 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:8a:6c:b3:ff:b4:fb:2b:8e:7e:ef:a9:a4:41:77:e6:44:02:36:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 4 02:51:06 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=7ea166f7553ddf4c4750ae691df04ff068d7988e51728d01be874b0c0801549b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1f:03:3c:43:bf:b2:4c:82:1b:86:0c:b1:ca:
c7:29:50:b2:e3:da:e3:30:ca:ee:a1:9d:df:ca:09:
4b:fe:29:ea:4f:34:79:c4:d8:c5:a7:69:b3:36:8e:
ec:7a:03:1d:21:2b:90:da:b0:63:cd:71:e1:9d:49:
74:fc:6e:d3:d8:8a:d6:fa:fd:77:04:d3:8a:de:73:
09:1a:aa:81:87:6b:0d:bd:42:e8:97:c2:3e:c9:9b:
4e:fd:7d:6d:30:8d:7f:bf:9a:6f:23:87:a4:f4:ec:
c9:0e:1d:0b:a1:20:2d:b6:7f:a5:88:0b:50:87:65:
47:ad:c2:30:ac:df:8b:fa:c6:e7:06:c6:b3:e9:ef:
09:f4:8d:c1:1f:c5:52:67:20:f5:72:86:12:31:22:
a3:e9:6f:6e:75:47:ef:b1:50:0e:ef:28:0a:2f:79:
87:94:eb:6e:75:d1:55:4c:10:5a:ed:f1:29:6e:48:
d7:b9:8a:1b:32:c9:55:eb:93:1b:69:e0:89:03:8f:
f9:c8:f1:01:11:dd:d0:20:06:9d:14:43:a1:b6:d9:
5e:a2:1d:f6:f6:7a:e9:67:8e:5c:bb:29:ba:30:c1:
79:82:20:c8:6b:ea:1c:cd:71:bf:8f:ca:2a:e6:5a:
ab:e3:fa:76:da:d3:b4:83:33:91:b9:15:2a:0f:60:
71:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:58:B1:E2:3B:76:1E:89:FB:9F:F2:16:2C:E1:ED:2C:A3:A0:21:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/20
Signature Algorithm: sha256WithRSAEncryption
78:21:d0:b6:8c:c8:29:97:76:09:73:43:73:8c:27:ec:f8:5f:
f2:44:82:cb:3e:5d:f6:18:35:44:9d:cd:41:a6:f1:0a:f9:46:
f4:60:db:53:4b:9e:67:65:32:98:a9:9b:fe:0d:ba:c2:45:35:
66:3d:95:2e:d8:75:36:f3:fd:93:29:6c:ba:0c:92:2c:eb:e0:
bd:2e:7f:60:c4:4b:ea:55:26:ba:2f:26:fe:11:eb:8f:81:6e:
a7:f4:df:4d:d1:87:ac:af:a3:f7:20:8c:52:99:c3:73:87:f1:
0e:3f:cb:84:3a:d2:90:be:7c:58:40:2c:c1:69:c1:a8:38:25:
9a:b6:32:dd:04:1a:8d:7a:0d:86:85:5f:07:25:d3:30:42:26:
fd:2f:ff:00:57:c7:fc:36:fc:fa:86:76:74:ef:c0:76:df:e5:
e9:4b:aa:7c:85:dd:ae:01:0a:26:6a:b5:17:7c:51:73:55:5a:
c1:35:90:b7:46:11:67:91:38:e0:57:fd:a4:ee:d4:63:41:b8:
c0:82:84:c8:96:7b:82:c4:fe:6b:c3:9d:65:a1:cb:91:4f:3c:
d1:c9:4f:b6:bf:ae:cc:f8:6c:eb:a5:71:11:47:6d:a3:6b:07:
29:8e:bb:c4:3d:32:3c:8f:f5:ff:da:83:6d:ee:bd:8c:e8:15:
c4:85:d6:ab
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTIpss/+0+yuOfu+ppEF35kQCNskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTExMDQwMjUxMDZaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlYTE2NmY3NTUzZGRmNGM0NzUwYWU2OTFkZjA0ZmYwNjhkNzk4OGU1MTcy
OGQwMWJlODc0YjBjMDgwMTU0OWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIfAzxDv7JMghuGDLHKxylQsuPa4zDK7qGd38oJS/4p6k80ecTYxadpszaO
7HoDHSErkNqwY81x4Z1JdPxu09iK1vr9dwTTit5zCRqqgYdrDb1C6JfCPsmbTv19
bTCNf7+abyOHpPTsyQ4dC6EgLbZ/pYgLUIdlR63CMKzfi/rG5wbGs+nvCfSNwR/F
Umcg9XKGEjEio+lvbnVH77FQDu8oCi95h5TrbnXRVUwQWu3xKW5I17mKGzLJVeuT
G2ngiQOP+cjxARHd0CAGnRRDobbZXqId9vZ66WeOXLspujDBeYIgyGvqHM1xv4/K
KuZaq+P6dtrTtIMzkbkVKg9gcVkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSlWLHi
O3Yeifuf8hYs4e0so6AhKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDgzNjRjMDYtYjc1ZS00ZDg1LThjOGMtYWZhZDRkZjdjZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAeCHQtozIKZd2CXNDc4wn7Phf8kSCyz5d9hg1RJ3N
QabxCvlG9GDbU0ueZ2UymKmb/g26wkU1Zj2VLth1NvP9kylsugySLOvgvS5/YMRL
6lUmui8m/hHrj4Fup/TfTdGHrK+j9yCMUpnDc4fxDj/LhDrSkL58WEAswWnBqDgl
mrYy3QQajXoNhoVfByXTMEIm/S//AFfH/Db8+oZ2dO/Adt/l6UuqfIXdrgEKJmq1
F3xRc1VawTWQt0YRZ5E44Ff9pO7UY0G4wIKEyJZ7gsT+a8OdZaHLkU880clPtr+u
zPhs66VxEUdto2sHKY67xD0yPI/1/9qDbe69jOgVxIXWqw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:44 2025 by rpki-client