Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
File: df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa (raw, json)
Hash identifier: yQ8FzDPsiJ7/k4dDI6y4sTIBhSsLo6GwukasgRcwG90=
Subject key identifier: 02:61:7A:7E:7B:0B:41:6A:D3:6B:A0:76:63:5F:60:A1:76:EE:4F:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50520CA863BFCCFB7F98E4FCBA625481528065B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
Signing time: Fri 25 Jul 2025 16:51:11 +0000
ROA not before: Fri 25 Jul 2025 16:51:11 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:52:0c:a8:63:bf:cc:fb:7f:98:e4:fc:ba:62:54:81:52:80:65:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:11 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=23c0e94431e89e0903c9265a7d1cd97cc02f45a056461ae754238b80068269ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:da:dd:7c:50:93:df:2d:2d:20:5e:c7:f5:b8:
85:2a:a7:2e:91:7b:32:52:3d:ea:cf:33:72:7d:0e:
04:70:09:75:58:1a:86:6e:75:98:20:92:83:5d:2d:
8c:c1:d2:1a:39:c6:7d:f9:9d:d2:55:28:0d:9e:5b:
87:1b:23:2e:88:48:07:28:df:cb:f1:cf:62:b4:15:
7d:78:66:f5:6c:46:84:3c:61:d3:1b:fa:d1:f0:4b:
2e:76:36:9e:be:67:b8:cf:6e:b9:3a:49:48:e2:06:
40:be:bb:68:cd:3e:8e:a9:ed:a7:c7:6a:e6:38:c5:
8f:f0:a5:dc:67:af:92:85:6f:56:4f:ad:40:b0:d5:
91:80:76:9a:e4:13:9b:2a:e8:30:4f:e6:d5:c8:41:
9c:0a:90:5e:e4:69:fd:27:07:e2:ae:b6:36:e2:55:
2d:98:bd:2d:29:d5:46:0f:67:c5:fb:7c:ef:7d:63:
6d:aa:fc:5e:ba:b5:1c:92:a5:6a:7f:df:7e:9f:5b:
fa:e6:fe:bb:49:1b:8f:e8:3f:07:36:90:97:25:61:
a3:ab:89:66:94:b3:64:b4:30:06:2d:c9:a2:f2:25:
de:c6:d4:79:ac:68:44:d1:d5:51:7c:ae:b1:32:43:
2b:8e:df:49:f8:48:6b:d3:6a:db:ab:f4:01:73:f1:
5f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:61:7A:7E:7B:0B:41:6A:D3:6B:A0:76:63:5F:60:A1:76:EE:4F:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
60:c4:56:1f:64:08:15:21:f0:5e:72:c0:e9:0f:36:51:11:5c:
2d:ef:65:30:d5:b1:da:a5:53:bf:a1:e5:74:fe:eb:70:6b:c4:
65:a8:d3:e1:0a:da:45:d0:c6:52:cd:1a:11:ed:c2:b4:a4:06:
45:c3:4f:be:0e:5b:8c:e7:5f:d0:52:75:26:70:d3:30:c4:0c:
30:07:3c:2f:6a:14:31:ba:af:d2:ea:58:0d:ae:42:36:01:b2:
de:57:19:cf:f0:0a:0d:ac:7f:8c:5f:88:97:c5:a4:90:4f:f2:
80:10:83:ac:92:3e:a6:d9:ea:c6:43:b3:5e:fc:12:fd:60:01:
30:bb:e6:18:64:57:b6:7e:cb:d0:c5:9d:0c:36:86:e1:a3:ea:
d6:23:2c:87:ec:ee:6e:24:af:ed:34:e7:65:8e:ff:26:2f:25:
dd:fc:3a:d8:34:1d:cc:09:30:1a:c6:7c:f2:5a:4c:48:fb:fa:
06:49:b3:98:fb:89:dd:7c:3b:50:41:b6:d8:d0:58:63:b3:f9:
48:80:fa:ab:c0:5b:42:72:ad:97:0f:e7:0d:f5:16:63:08:19:
b5:ec:36:60:a3:89:ed:6b:71:ba:ec:7b:1b:0a:28:7e:df:38:
72:1b:70:77:90:f6:76:11:c5:1f:f7:4c:35:29:89:65:70:5e:
bc:c8:17:c9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUFIMqGO/zPt/mOT8umJUgVKAZbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzYzBlOTQ0MzFlODllMDkwM2M5MjY1YTdkMWNkOTdjYzAyZjQ1YTA1NjQ2
MWFlNzU0MjM4YjgwMDY4MjY5ZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMja3XxQk98tLSBex/W4hSqnLpF7MlI96s8zcn0OBHAJdVgahm51mCCSg10t
jMHSGjnGffmd0lUoDZ5bhxsjLohIByjfy/HPYrQVfXhm9WxGhDxh0xv60fBLLnY2
nr5nuM9uuTpJSOIGQL67aM0+jqntp8dq5jjFj/Cl3GevkoVvVk+tQLDVkYB2muQT
myroME/m1chBnAqQXuRp/ScH4q62NuJVLZi9LSnVRg9nxft8731jbar8Xrq1HJKl
an/ffp9b+ub+u0kbj+g/BzaQlyVho6uJZpSzZLQwBi3JovIl3sbUeaxoRNHVUXyu
sTJDK47fSfhIa9Nq26v0AXPxXxsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQCYXp+
ewtBatNroHZjX2Chdu5P8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY3NDBlMmYtOGNlNS00YjFiLWE5NWUtNjA0ODdkOTM4OGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JyDAN
BgkqhkiG9w0BAQsFAAOCAQEAYMRWH2QIFSHwXnLA6Q82URFcLe9lMNWx2qVTv6Hl
dP7rcGvEZajT4QraRdDGUs0aEe3CtKQGRcNPvg5bjOdf0FJ1JnDTMMQMMAc8L2oU
Mbqv0upYDa5CNgGy3lcZz/AKDax/jF+Il8WkkE/ygBCDrJI+ptnqxkOzXvwS/WAB
MLvmGGRXtn7L0MWdDDaG4aPq1iMsh+zubiSv7TTnZY7/Ji8l3fw62DQdzAkwGsZ8
8lpMSPv6BkmzmPuJ3Xw7UEG22NBYY7P5SID6q8BbQnKtlw/nDfUWYwgZtew2YKOJ
7Wtxuux7Gwooft84chtwd5D2dhHFH/dMNSmJZXBevMgXyQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:47 2025 by rpki-client