Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
File: e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa (raw, json)
Hash identifier: HTgFj66Cg+4ajaJMJJ1qNRjc07cr1ypO1E8x/FKYmak=
Subject key identifier: 09:52:4F:4D:E6:6B:AA:7D:09:35:5B:7F:87:3B:41:86:45:0C:76:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BF115EE7A62E7C316E6134B5460AC5E1E652B69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
Signing time: Fri 25 Jul 2025 16:51:17 +0000
ROA not before: Fri 25 Jul 2025 16:51:17 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f1:15:ee:7a:62:e7:c3:16:e6:13:4b:54:60:ac:5e:1e:65:2b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:17 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=2ec0c824c2ef022b949fb3c09d1fc08ba77f4626991d37dfce37141ec0ffaa4d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:1b:24:2a:2b:92:93:84:c8:f8:b3:37:ae:
6f:07:75:67:b8:05:b2:c2:2a:d3:e3:67:a9:ed:3e:
53:73:eb:09:9c:af:d7:a9:62:7f:e4:0b:32:18:61:
56:8c:b4:3f:9e:83:f6:27:66:b8:ca:2f:8a:6a:3a:
0b:6a:09:ea:5c:51:81:a0:e3:b3:e1:23:9e:31:7c:
56:32:49:7f:3c:2e:b9:51:36:8f:a6:2e:ae:da:26:
10:8f:8e:00:74:65:62:40:50:16:6f:49:e6:cb:21:
dc:67:de:3c:0e:43:f5:19:9e:9e:f4:a2:83:1e:82:
14:03:5b:f6:3f:04:3f:2e:48:cd:cc:f6:ae:b2:58:
f8:1a:b7:a5:81:68:82:13:e1:de:57:5d:c7:86:e9:
02:d1:31:e5:83:1e:1b:2e:8c:c3:94:3a:b2:2f:17:
63:39:00:06:c0:cc:1a:2d:4f:11:14:27:0f:8d:0a:
70:69:e0:e0:f2:b6:74:6a:b1:57:68:72:bd:4b:3e:
88:4a:09:ac:65:8c:ea:59:ad:23:f1:a2:ad:39:e0:
e7:fc:9f:e6:ca:a9:58:d4:67:28:66:1e:8b:9b:dc:
e0:48:6d:1d:2f:68:f3:60:94:41:c9:27:63:42:37:
74:6e:a2:3d:22:c1:44:3b:85:01:12:0a:a1:38:2b:
ef:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:52:4F:4D:E6:6B:AA:7D:09:35:5B:7F:87:3B:41:86:45:0C:76:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.160.0/21
Signature Algorithm: sha256WithRSAEncryption
24:55:eb:d0:2d:5e:23:9d:53:2b:2b:c9:fc:31:66:51:01:35:
f5:84:f7:e1:dc:a4:fd:a1:7c:93:90:b7:65:57:ac:84:df:30:
10:73:1f:a0:36:98:26:c4:dd:f1:9d:a1:b4:7d:9a:47:e6:30:
a7:61:b7:a0:57:04:ee:83:3b:d9:b5:77:ec:45:c8:16:e0:a6:
da:a8:8d:fd:96:80:37:49:d9:4b:db:46:ba:60:4f:72:7e:cb:
4d:97:a2:fe:57:2c:f7:f5:92:d8:f0:6d:ee:e9:59:66:39:1a:
cd:fd:fe:db:83:2b:29:f8:87:33:a5:09:40:90:50:c9:68:10:
3e:70:77:b7:3f:53:54:7e:2c:ab:f9:16:3f:1f:2a:8f:46:ba:
35:40:5e:d8:d8:7f:db:80:fd:86:52:0f:14:e4:61:ba:6d:45:
81:56:29:08:44:68:eb:e0:d0:25:e8:a5:06:03:bc:82:06:ba:
db:68:f3:25:d9:78:4b:69:aa:ef:28:6e:bc:29:f2:1c:08:2a:
bd:28:47:31:a0:ee:9a:fb:9c:ab:cb:41:e3:6c:b6:4f:36:fe:
f3:4e:a9:29:ce:31:0d:80:71:32:80:0b:cf:e7:72:44:87:d4:
74:aa:19:f5:31:48:ca:04:56:ab:fa:cb:3f:11:c9:0d:33:7d:
11:ad:96:18
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUS/EV7npi58MW5hNLVGCsXh5lK2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlYzBjODI0YzJlZjAyMmI5NDlmYjNjMDlkMWZjMDhiYTc3ZjQ2MjY5OTFk
MzdkZmNlMzcxNDFlYzBmZmFhNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/2GyQqK5KThMj4szeubwd1Z7gFssIq0+Nnqe0+U3PrCZyv16lif+QLMhhh
Voy0P56D9idmuMovimo6C2oJ6lxRgaDjs+EjnjF8VjJJfzwuuVE2j6YurtomEI+O
AHRlYkBQFm9J5ssh3GfePA5D9RmenvSigx6CFANb9j8EPy5Izcz2rrJY+Bq3pYFo
ghPh3lddx4bpAtEx5YMeGy6Mw5Q6si8XYzkABsDMGi1PERQnD40KcGng4PK2dGqx
V2hyvUs+iEoJrGWM6lmtI/GirTng5/yf5sqpWNRnKGYei5vc4EhtHS9o82CUQckn
Y0I3dG6iPSLBRDuFARIKoTgr75cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQJUk9N
5muqfQk1W3+HO0GGRQx2DDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkxYjYyYTktMjg4NS00NTA0LTg0YTQtYmEyY2MyZjJhYzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JoDAN
BgkqhkiG9w0BAQsFAAOCAQEAJFXr0C1eI51TKyvJ/DFmUQE19YT34dyk/aF8k5C3
ZVeshN8wEHMfoDaYJsTd8Z2htH2aR+Ywp2G3oFcE7oM72bV37EXIFuCm2qiN/ZaA
N0nZS9tGumBPcn7LTZei/lcs9/WS2PBt7ulZZjkazf3+24MrKfiHM6UJQJBQyWgQ
PnB3tz9TVH4sq/kWPx8qj0a6NUBe2Nh/24D9hlIPFORhum1FgVYpCERo6+DQJeil
BgO8gga622jzJdl4S2mq7yhuvCnyHAgqvShHMaDumvucq8tB42y2Tzb+806pKc4x
DYBxMoALz+dyRIfUdKoZ9TFIygRWq/rLPxHJDTN9Ea2WGA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:54 2025 by rpki-client