Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: C+t+/wnE7sj0INjlv6dPT6EU8wcF9F0gU1UUz48fseE=
Subject key identifier: 31:CC:44:80:23:06:6E:7D:49:DC:20:9D:15:B2:F7:D6:93:4E:0C:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FD6F01E01ABD14B0530E6676FC4B44526042AD9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Tue 19 Aug 2025 17:00:02 +0000
ROA not before: Tue 19 Aug 2025 17:00:02 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:d6:f0:1e:01:ab:d1:4b:05:30:e6:67:6f:c4:b4:45:26:04:2a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:00:02 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=c9e720a73c2ea924c3bb0b59f12bb2c5b24102cc0522bda1fe0402301f644484, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:31:c5:2b:d0:3b:b9:c8:6e:67:1d:ce:90:1e:
1f:20:cd:7b:74:ed:b0:99:1d:ae:8d:47:c4:f6:7f:
bc:16:7c:2e:27:d3:3a:11:62:2d:7b:ea:3e:17:fa:
10:f6:39:cd:cc:14:c9:ee:02:83:90:bd:b9:73:b8:
42:79:21:b4:3f:1b:01:31:60:91:a9:5e:e7:dc:90:
21:3e:80:32:ff:b1:0c:52:af:37:87:57:30:be:f7:
3e:d8:b4:40:e5:b6:7c:dc:65:91:70:07:be:db:c6:
cb:56:94:f6:c1:8c:4b:56:2f:c2:a2:39:b9:ac:27:
c7:ab:2e:1a:81:39:bd:fd:54:56:b1:77:f0:95:0a:
c2:59:6d:64:50:f6:de:bb:0e:4a:6d:6a:e9:fa:e3:
2c:2c:df:83:f6:30:85:3c:a4:c2:eb:b5:b9:5f:b0:
7d:0f:3e:09:50:4a:d0:7a:86:d8:7b:11:34:b7:a5:
94:2d:dd:b8:e7:06:94:b5:aa:a3:21:4c:a3:0c:fc:
db:4e:99:6c:19:5d:89:7b:3d:df:09:cd:9a:b8:de:
c2:41:ca:46:49:55:8b:cb:61:be:38:13:42:77:65:
62:6c:2c:9a:10:cf:8a:fe:3c:0d:04:a7:94:42:d3:
2d:f4:16:7b:55:8e:d0:bd:ab:f4:42:b1:09:d4:2a:
0b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CC:44:80:23:06:6E:7D:49:DC:20:9D:15:B2:F7:D6:93:4E:0C:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:32:f0:84:26:90:87:b8:44:32:e8:0f:c7:c0:05:ab:f4:a0:
49:f9:58:27:e3:35:02:92:bc:34:67:bb:60:22:d4:5f:39:23:
21:ae:ce:ba:ad:c4:5e:13:c5:55:6d:95:3c:35:dc:81:f3:50:
08:1a:aa:15:ec:6f:6f:ec:7d:22:70:74:cf:ab:ba:98:1d:95:
f5:a8:6f:a9:d0:23:47:68:43:18:21:6e:2f:43:31:84:0a:1c:
5d:8d:fc:90:42:23:e7:6e:5f:6a:dc:61:29:bc:c1:c7:6e:6f:
79:97:7b:0d:86:d1:ab:51:93:ce:a5:74:30:a2:20:08:0d:f6:
aa:b9:d5:4f:0c:65:cd:ea:be:5a:f5:33:3a:b9:f7:c9:bb:c0:
ce:a6:d5:87:df:06:83:de:cd:b6:0c:dc:a4:74:2c:84:35:25:
11:d2:9d:49:83:d3:79:c0:26:48:01:eb:cf:26:ac:75:68:80:
90:57:f3:9d:3d:4d:d9:50:77:0f:48:04:05:84:ac:b2:d2:04:
76:f1:5d:78:6f:0a:e3:aa:ed:a2:a4:03:19:51:08:57:d0:0d:
93:2e:02:83:39:1d:0e:c5:ad:62:5e:6c:27:25:82:58:a1:ab:
2d:af:4d:63:2c:a6:29:03:0d:80:ad:ab:47:12:4f:8c:39:11:
33:fc:b5:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUD9bwHgGr0UsFMOZnb8S0RSYEKtkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAwMDJaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5ZTcyMGE3M2MyZWE5MjRjM2JiMGI1OWYxMmJiMmM1YjI0MTAyY2MwNTIy
YmRhMWZlMDQwMjMwMWY2NDQ0ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0xxSvQO7nIbmcdzpAeHyDNe3TtsJkdro1HxPZ/vBZ8LifTOhFiLXvqPhf6
EPY5zcwUye4Cg5C9uXO4QnkhtD8bATFgkale59yQIT6AMv+xDFKvN4dXML73Pti0
QOW2fNxlkXAHvtvGy1aU9sGMS1YvwqI5uawnx6suGoE5vf1UVrF38JUKwlltZFD2
3rsOSm1q6frjLCzfg/YwhTykwuu1uV+wfQ8+CVBK0HqG2HsRNLellC3duOcGlLWq
oyFMowz8206ZbBldiXs93wnNmrjewkHKRklVi8thvjgTQndlYmwsmhDPiv48DQSn
lELTLfQWe1WO0L2r9EKxCdQqCyUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQxzESA
IwZufUncIJ0VsvfWk04MuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEATDLwhCaQh7hEMugPx8AFq/SgSflYJ+M1ApK8NGe7
YCLUXzkjIa7Ouq3EXhPFVW2VPDXcgfNQCBqqFexvb+x9InB0z6u6mB2V9ahvqdAj
R2hDGCFuL0MxhAocXY38kEIj525fatxhKbzBx25veZd7DYbRq1GTzqV0MKIgCA32
qrnVTwxlzeq+WvUzOrn3ybvAzqbVh98Gg97NtgzcpHQshDUlEdKdSYPTecAmSAHr
zyasdWiAkFfznT1N2VB3D0gEBYSsstIEdvFdeG8K46rtoqQDGVEIV9ANky4Cgzkd
DsWtYl5sJyWCWKGrLa9NYyymKQMNgK2rRxJPjDkRM/y1vA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:13 2025 by rpki-client