Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: 0tOcAvq+KTy+uEW1GW4PCH3fXeNkniuB5WrmZrKysC8=
Subject key identifier: DB:6D:D4:74:C9:62:4C:61:BF:5C:E0:06:DA:0C:90:6D:5D:7E:41:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1840E53F7021C1F1CB4FDA377783FE0E03857E9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Tue 19 Aug 2025 17:01:07 +0000
ROA not before: Tue 19 Aug 2025 17:01:07 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:40:e5:3f:70:21:c1:f1:cb:4f:da:37:77:83:fe:0e:03:85:7e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:07 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=e9feccc288dd748a1120d428c9761725db7e1c62d7c8698ff2ded4e6f02ae337, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:ae:25:e2:78:b0:26:f0:69:7a:e7:d5:49:
90:77:5c:be:02:ce:b7:5e:ff:cb:65:8c:62:03:e7:
84:1c:c7:ed:d1:88:6c:08:98:ef:99:cd:ab:e3:70:
02:4e:9c:c3:2d:b6:0b:95:d6:d8:7b:b4:a5:69:fd:
84:f8:cd:f8:13:0c:19:5f:27:bc:cc:10:76:7e:d1:
62:6b:83:d4:fe:f1:fb:d4:24:37:3e:e0:2b:90:f8:
f2:82:04:c9:6c:a9:49:7d:7a:71:36:9c:c2:d7:ef:
57:2f:e8:2c:6c:2c:89:31:d4:cb:1e:84:9c:f5:31:
21:9e:e8:6b:ee:b0:87:75:62:e5:4b:66:e4:1a:e9:
d9:ad:fb:b2:ee:5d:a3:7f:56:8a:25:9f:b7:ee:0f:
2c:52:37:ec:b3:62:b6:2e:a0:db:9e:e9:2d:3d:8d:
03:3e:48:aa:32:7f:ca:d5:49:0e:39:86:98:cc:6a:
1a:33:9e:c3:81:69:b4:29:f0:1e:7e:cd:d5:c2:5c:
7e:9e:0f:00:f0:c2:6c:8c:78:08:e1:e4:dd:e6:63:
89:ec:4f:8d:b2:c6:f2:79:06:7f:95:77:a3:da:57:
b2:06:13:ff:9b:cd:0f:86:97:b7:52:30:47:d4:42:
83:02:55:9e:f9:2b:a0:cd:ae:f7:37:a8:2d:e0:0b:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6D:D4:74:C9:62:4C:61:BF:5C:E0:06:DA:0C:90:6D:5D:7E:41:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
15:58:83:5e:9a:28:0d:88:2d:48:3e:d8:f6:c1:a8:bd:b7:88:
e5:5f:e0:ff:52:eb:72:55:39:bc:a4:d5:23:81:ed:2b:95:a9:
bb:6b:34:19:4a:16:de:15:44:cc:e4:9f:0c:3a:6d:e4:ac:13:
5e:21:46:64:2c:0b:e8:38:c1:46:a2:6f:73:8c:52:08:a4:df:
f2:50:7f:36:9b:87:4f:4a:90:d7:26:af:c2:5e:2d:da:7d:9c:
80:61:06:0b:d1:1c:f6:02:6b:ff:60:00:f0:35:66:ec:60:3f:
f2:99:5d:2d:7a:e7:27:db:b9:49:f5:5e:21:b5:75:6a:af:a0:
bd:47:1b:f6:5c:9e:79:5a:b7:a5:66:07:36:a6:45:98:31:ed:
2b:29:5a:06:9a:ea:ae:ea:ea:a8:b2:43:b0:1e:5e:68:6a:69:
9d:d3:6c:90:2b:de:80:59:03:c8:2a:9f:f7:b2:79:a2:30:47:
31:17:c9:d1:c0:80:23:95:48:16:b2:1d:d8:c4:88:61:6c:57:
d4:8e:96:27:d2:ab:df:e6:78:a2:23:1c:40:ab:c7:c0:53:95:
91:c6:ea:c4:27:25:34:7f:2e:5c:4d:97:32:53:21:24:ac:77:
df:c7:37:f5:a1:7a:8f:77:23:d5:4c:99:db:82:4d:09:71:4c:
72:3b:d6:cc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGEDlP3AhwfHLT9o3d4P+DgOFfpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMDdaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZmVjY2MyODhkZDc0OGExMTIwZDQyOGM5NzYxNzI1ZGI3ZTFjNjJkN2M4
Njk4ZmYyZGVkNGU2ZjAyYWUzMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ01riXieLAm8Gl659VJkHdcvgLOt17/y2WMYgPnhBzH7dGIbAiY75nNq+Nw
Ak6cwy22C5XW2Hu0pWn9hPjN+BMMGV8nvMwQdn7RYmuD1P7x+9QkNz7gK5D48oIE
yWypSX16cTacwtfvVy/oLGwsiTHUyx6EnPUxIZ7oa+6wh3Vi5Utm5Brp2a37su5d
o39WiiWft+4PLFI37LNiti6g257pLT2NAz5IqjJ/ytVJDjmGmMxqGjOew4FptCnw
Hn7N1cJcfp4PAPDCbIx4COHk3eZjiexPjbLG8nkGf5V3o9pXsgYT/5vND4aXt1Iw
R9RCgwJVnvkroM2u9zeoLeALhakCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTbbdR0
yWJMYb9c4AbaDJBtXX5BjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAFViDXpooDYgtSD7Y9sGovbeI5V/g/1LrclU5vKTV
I4HtK5Wpu2s0GUoW3hVEzOSfDDpt5KwTXiFGZCwL6DjBRqJvc4xSCKTf8lB/NpuH
T0qQ1yavwl4t2n2cgGEGC9Ec9gJr/2AA8DVm7GA/8pldLXrnJ9u5SfVeIbV1aq+g
vUcb9lyeeVq3pWYHNqZFmDHtKylaBprqrurqqLJDsB5eaGppndNskCvegFkDyCqf
97J5ojBHMRfJ0cCAI5VIFrId2MSIYWxX1I6WJ9Kr3+Z4oiMcQKvHwFOVkcbqxCcl
NH8uXE2XMlMhJKx338c39aF6j3cj1UyZ24JNCXFMcjvWzA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:54 2025 by rpki-client