Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: P/qQh5eHB1u4A3+wEstmUpJ5ZIwr67KaSAvlMPaI+Zg=
Subject key identifier: EE:50:F6:01:D8:2C:51:96:78:4D:C4:A5:BC:39:94:E4:DE:12:D9:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6489A0CF3F5E9C53F4836BE1B4F4056CED2E189C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Fri 25 Jul 2025 17:00:23 +0000
ROA not before: Fri 25 Jul 2025 17:00:23 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:89:a0:cf:3f:5e:9c:53:f4:83:6b:e1:b4:f4:05:6c:ed:2e:18:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:23 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=7c22f1ee1129d132b24baa6ce7262189b252d300dced40cfaceec92e95a0135b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:73:ab:db:a8:20:38:1d:cc:75:ea:4c:f8:23:
c8:f4:b5:ef:c0:40:d9:53:e4:df:69:d8:1d:53:78:
3e:4f:16:4f:da:f9:7c:a9:71:50:f3:cb:45:ba:0a:
83:16:98:63:8d:d2:ec:7a:ed:7d:cd:da:f6:f2:1f:
71:94:3c:d8:fa:22:a5:ed:4d:57:ba:69:5b:f7:a1:
83:56:1d:3f:26:ff:2d:86:f5:b9:67:19:c4:ec:bb:
d4:50:72:8f:d5:b7:06:ff:87:e0:31:6a:77:93:6f:
d4:a1:a6:fb:91:cb:72:f1:ac:91:fb:73:ce:f6:d5:
0d:ce:51:8d:ba:b7:e3:b9:95:fd:79:ec:7b:cf:cb:
38:93:01:2e:33:cf:ce:5e:79:b9:19:7f:b3:84:93:
9f:40:63:e8:22:4c:ab:49:b0:5b:7e:9e:33:19:d7:
75:8c:11:52:72:7f:cb:45:98:7c:a7:ab:f1:08:44:
b8:59:90:6b:bd:13:05:73:7e:d9:9d:45:6a:d4:26:
07:5f:1a:a0:9a:92:ea:72:4b:04:13:46:ac:55:60:
3c:e6:1b:ca:aa:44:25:f2:aa:de:aa:0b:0f:9e:e3:
aa:93:4b:5c:8f:33:02:a9:ce:6f:48:4d:98:5d:2e:
e8:1f:01:8c:41:36:f8:4a:1a:67:5c:52:06:cd:5e:
26:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:50:F6:01:D8:2C:51:96:78:4D:C4:A5:BC:39:94:E4:DE:12:D9:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
39:c6:df:72:cd:86:67:ae:d8:06:9e:bc:62:ae:d9:b4:7e:ae:
68:22:1c:e8:7f:47:06:eb:ab:4c:d2:ba:ff:b6:3b:d0:b0:62:
3a:94:75:79:ae:83:ac:be:27:f4:82:16:48:92:23:d3:41:a7:
7e:af:69:6d:a0:06:97:90:39:dc:48:af:66:7f:24:1c:b4:59:
b2:d4:9d:5d:c4:75:93:74:b0:0e:04:a0:69:e7:6d:d7:8d:62:
8f:7b:7e:17:3a:14:2c:a7:63:11:41:9b:98:2a:fd:61:51:cf:
1c:86:c3:66:e4:50:61:10:0c:13:82:20:cc:23:36:ad:11:e0:
f1:dd:91:1c:b9:8f:b1:db:2a:65:3c:67:df:96:9d:8b:15:27:
8f:69:41:d2:ba:64:b0:6b:b0:08:a2:9e:bb:a1:b0:d5:8a:d3:
a9:96:b6:c0:c1:04:fc:88:46:f1:50:83:1d:80:40:d8:79:0a:
77:04:a9:74:8d:af:2b:1b:84:36:1a:f9:58:eb:85:f4:62:9f:
05:2d:c1:e1:9e:d0:d1:d0:e6:ac:ac:50:51:ab:41:cf:c2:56:
9e:1d:e6:34:0a:63:aa:3d:8f:a1:77:ca:39:df:4a:38:9a:90:
8e:4e:6e:03:04:86:03:0e:d9:1f:cf:3a:b6:36:45:e4:0d:a3:
20:8b:3d:3f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZImgzz9enFP0g2vhtPQFbO0uGJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjNaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMjJmMWVlMTEyOWQxMzJiMjRiYWE2Y2U3MjYyMTg5YjI1MmQzMDBkY2Vk
NDBjZmFjZWVjOTJlOTVhMDEzNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIVzq9uoIDgdzHXqTPgjyPS178BA2VPk32nYHVN4Pk8WT9r5fKlxUPPLRboK
gxaYY43S7Hrtfc3a9vIfcZQ82Poipe1NV7ppW/ehg1YdPyb/LYb1uWcZxOy71FBy
j9W3Bv+H4DFqd5Nv1KGm+5HLcvGskftzzvbVDc5Rjbq347mV/Xnse8/LOJMBLjPP
zl55uRl/s4STn0Bj6CJMq0mwW36eMxnXdYwRUnJ/y0WYfKer8QhEuFmQa70TBXN+
2Z1FatQmB18aoJqS6nJLBBNGrFVgPOYbyqpEJfKq3qoLD57jqpNLXI8zAqnOb0hN
mF0u6B8BjEE2+EoaZ1xSBs1eJskCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTuUPYB
2CxRlnhNxKW8OZTk3hLZkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAOcbfcs2GZ67YBp68Yq7ZtH6uaCIc6H9HBuurTNK6
/7Y70LBiOpR1ea6DrL4n9IIWSJIj00Gnfq9pbaAGl5A53EivZn8kHLRZstSdXcR1
k3SwDgSgaedt141ij3t+FzoULKdjEUGbmCr9YVHPHIbDZuRQYRAME4IgzCM2rRHg
8d2RHLmPsdsqZTxn35adixUnj2lB0rpksGuwCKKeu6Gw1YrTqZa2wMEE/IhG8VCD
HYBA2HkKdwSpdI2vKxuENhr5WOuF9GKfBS3B4Z7Q0dDmrKxQUatBz8JWnh3mNApj
qj2PoXfKOd9KOJqQjk5uAwSGAw7ZH886tjZF5A2jIIs9Pw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:37 2025 by rpki-client