Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: oE8Yd2uISGpNOPVvi/FpkAhSnvEXoI2lCq719YhD5VQ=
Subject key identifier: 1D:20:DD:23:2B:69:14:C7:D3:E0:B0:C7:2C:7A:A5:97:14:44:46:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 368A713E2F088B10B8C074782162789FC5228370
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Fri 10 Oct 2025 17:10:36 +0000
ROA not before: Fri 10 Oct 2025 17:10:36 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:8a:71:3e:2f:08:8b:10:b8:c0:74:78:21:62:78:9f:c5:22:83:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:36 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=74ddc7fb7e1ba99614384ac25592ceccd66102bef48d519baa9ef74a45244f5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:6d:7d:03:27:7e:2a:01:ea:30:b4:2b:3b:
1a:09:db:d3:93:b3:f5:b9:ff:a5:3b:0d:77:31:66:
3b:70:33:8d:f1:1e:e6:50:dd:89:05:f2:87:be:c4:
62:65:77:d8:dd:3a:7c:d7:35:bf:8b:bf:34:dc:04:
90:23:90:f5:0e:c9:70:b9:36:1e:23:39:06:64:9f:
0b:c0:ed:a7:d1:67:50:2a:c4:e5:d4:d6:11:a0:02:
49:97:3e:cc:38:cf:2e:2c:c7:0b:d9:75:c3:5f:a1:
3f:ca:2b:35:10:28:47:c3:47:9f:c8:28:c1:44:88:
ec:bb:58:31:77:b0:07:88:9b:e8:0d:d0:21:76:d9:
d9:83:e7:c1:40:f2:e2:38:e2:0f:47:b0:0d:5a:e8:
5e:cb:db:f6:9e:58:08:dc:d3:23:13:9a:db:00:c3:
11:5f:de:0c:19:ab:da:97:8a:73:98:5a:d7:4c:1e:
44:d5:5d:c7:b1:22:99:42:7d:6d:4d:c4:98:aa:a9:
d7:27:67:92:d2:1b:4f:7c:2f:73:40:6a:67:12:53:
65:09:87:ed:52:66:97:1f:5d:61:27:a2:57:bc:8a:
4e:9d:ef:e8:a8:b6:19:c0:b0:7a:4b:57:8c:e0:cc:
e9:8c:5f:ed:f3:99:df:f7:b7:2c:74:fb:d0:2e:57:
91:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:20:DD:23:2B:69:14:C7:D3:E0:B0:C7:2C:7A:A5:97:14:44:46:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
64:17:77:68:ca:b7:71:2f:92:41:57:d6:01:7e:4c:7e:2a:20:
df:48:fd:4a:0c:68:03:06:e0:69:67:59:fb:0e:54:f1:f9:b2:
c2:4d:30:51:ec:03:be:87:5e:97:5e:79:21:05:29:ba:15:78:
5d:ca:27:1e:21:d4:ae:08:26:db:84:7d:47:6f:22:39:30:2f:
0e:fb:7d:34:80:e1:fb:f0:c8:10:ce:22:78:b7:a2:e4:bc:1f:
f6:40:90:2d:97:05:3b:b1:ff:b2:a7:66:02:1d:47:65:41:72:
46:15:95:60:64:f6:e1:2d:bd:2d:8c:b7:39:0c:f2:61:22:98:
f9:b2:c1:03:0c:97:13:39:a2:81:97:33:41:c3:69:08:11:04:
d8:05:9b:bb:01:f2:5f:e5:39:b2:86:5e:e5:32:71:9a:61:be:
69:a6:43:e3:fc:ea:b1:c6:c5:a1:b4:35:88:cc:34:72:c3:07:
d3:9a:52:34:12:6c:c3:c9:fd:ba:70:0a:76:40:6c:79:73:25:
7b:50:ee:38:ee:ec:ca:0f:1f:8f:29:13:12:54:89:b1:bd:65:
a4:b6:12:d7:13:fc:0f:9e:a0:b6:09:9b:96:68:f9:15:27:fe:
1e:34:48:b7:96:f5:9c:66:cd:3f:4d:79:50:b5:99:1b:51:f1:
cc:23:38:77
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNopxPi8IixC4wHR4IWJ4n8Uig3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwMzZaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ZGRjN2ZiN2UxYmE5OTYxNDM4NGFjMjU1OTJjZWNjZDY2MTAyYmVmNDhk
NTE5YmFhOWVmNzRhNDUyNDRmNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+ObX0DJ34qAeowtCs7Ggnb05Oz9bn/pTsNdzFmO3AzjfEe5lDdiQXyh77E
YmV32N06fNc1v4u/NNwEkCOQ9Q7JcLk2HiM5BmSfC8Dtp9FnUCrE5dTWEaACSZc+
zDjPLizHC9l1w1+hP8orNRAoR8NHn8gowUSI7LtYMXewB4ib6A3QIXbZ2YPnwUDy
4jjiD0ewDVroXsvb9p5YCNzTIxOa2wDDEV/eDBmr2peKc5ha10weRNVdx7EimUJ9
bU3EmKqp1ydnktIbT3wvc0BqZxJTZQmH7VJmlx9dYSeiV7yKTp3v6Ki2GcCwektX
jODM6Yxf7fOZ3/e3LHT70C5XkW0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQdIN0j
K2kUx9PgsMcseqWXFERGljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAZBd3aMq3cS+SQVfWAX5Mfiog30j9SgxoAwbgaWdZ
+w5U8fmywk0wUewDvodel155IQUpuhV4XconHiHUrggm24R9R28iOTAvDvt9NIDh
+/DIEM4ieLei5Lwf9kCQLZcFO7H/sqdmAh1HZUFyRhWVYGT24S29LYy3OQzyYSKY
+bLBAwyXEzmigZczQcNpCBEE2AWbuwHyX+U5soZe5TJxmmG+aaZD4/zqscbFobQ1
iMw0csMH05pSNBJsw8n9unAKdkBseXMle1DuOO7syg8fjykTElSJsb1lpLYS1xP8
D56gtgmblmj5FSf+HjRIt5b1nGbNP015ULWZG1HxzCM4dw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:57 2025 by rpki-client