Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
File: 11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa (raw, json)
Hash identifier: 9QRyOptMOfKQAeM+RxzmvpWUMf4ASvAFeFyTlZe36OE=
Subject key identifier: FC:34:B5:DB:39:25:6F:50:DF:DA:1F:75:02:C4:B8:86:2F:88:51:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D16D6227D2A94F6C34393EDF23351D22F518A59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
Signing time: Tue 19 Aug 2025 17:01:21 +0000
ROA not before: Tue 19 Aug 2025 17:01:21 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.64.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:16:d6:22:7d:2a:94:f6:c3:43:93:ed:f2:33:51:d2:2f:51:8a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:21 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=1cbd0c6cd5d0d4eaf62de1384b64a1e62841b122dbbf8f01823d5ef338c543f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2a:2a:14:c4:71:02:13:5e:68:81:8c:cd:7e:
5f:be:20:b1:32:bb:c6:8e:54:7f:97:37:d6:d3:31:
18:83:e8:90:96:1a:7b:e6:dd:e4:db:72:40:92:fa:
aa:eb:8c:61:81:4c:50:4a:ad:0b:cf:6e:47:a3:a5:
9b:64:3c:b6:1a:51:f8:3e:e5:1b:da:fb:ba:ea:99:
7a:6a:7e:92:15:e7:86:f6:86:ee:88:5e:83:18:a7:
7b:72:45:5c:63:63:9e:d3:48:f4:36:42:17:4c:6a:
b9:0b:4f:63:1b:85:7f:5b:82:08:91:a8:29:e2:4b:
72:d3:3e:6d:05:92:d1:e9:30:67:5d:b1:ec:b1:e6:
98:b6:bc:4b:a3:06:bb:8e:56:4a:e6:0c:5c:a2:e0:
2c:df:a9:d8:8b:66:ba:15:1a:af:73:21:3c:bc:ea:
be:ec:d6:90:bc:c2:1d:3e:06:e8:14:93:57:e1:d0:
1b:3b:7b:c3:fd:bd:f4:e7:88:55:5e:c2:71:b4:33:
a4:f4:48:35:47:99:4a:49:85:27:a7:d0:e6:c7:e3:
f3:cf:1c:20:d8:0b:f8:e3:a7:2c:46:8b:a4:cc:c3:
d3:8b:6a:f2:26:af:57:0c:88:e9:9b:2e:74:63:78:
85:92:ec:df:6f:dd:41:e2:dd:6c:32:b8:7b:03:66:
62:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:34:B5:DB:39:25:6F:50:DF:DA:1F:75:02:C4:B8:86:2F:88:51:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.64.0/21
Signature Algorithm: sha256WithRSAEncryption
80:2c:36:23:3c:5d:47:c3:2e:b7:60:18:24:04:70:43:d0:8f:
5c:c2:11:65:bf:8b:ea:90:e2:c7:a2:ee:8c:e6:f0:c0:78:63:
63:b2:67:ec:d7:63:17:0c:80:1d:36:74:9b:a8:de:e0:85:95:
86:7e:48:33:8a:fd:65:61:12:06:2a:e1:30:ef:59:d5:aa:c7:
e1:70:93:22:70:30:a0:3d:62:e8:ab:72:22:48:47:5d:d5:6c:
b5:15:bf:7c:06:23:0d:83:40:0b:0c:8f:af:16:5f:e4:51:e2:
3c:7f:7f:cb:eb:47:7f:14:b2:d2:a5:32:e3:7b:e9:8b:25:3e:
24:28:89:c6:10:24:d9:06:f2:35:38:ed:43:a0:29:ae:4c:dd:
7f:99:d2:c3:6c:4f:8a:05:89:7d:fa:fd:9e:97:16:46:11:6a:
ec:5b:93:0d:eb:95:60:db:9b:7b:89:19:8b:64:58:75:ef:53:
43:b0:49:fe:25:d8:1e:13:b2:31:fa:3d:b5:d5:f4:ce:fd:c8:
74:16:df:ae:a7:1d:d7:2f:c6:dc:1c:28:bd:65:c9:cf:00:dd:
86:c5:13:0d:2a:af:9f:52:b3:39:34:f5:29:7a:44:71:bf:1b:
36:8b:c5:ca:36:3c:87:05:7c:3b:85:ae:c5:eb:5f:71:d2:8f:
25:bb:68:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTRbWIn0qlPbDQ5Pt8jNR0i9RilkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMjFaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYmQwYzZjZDVkMGQ0ZWFmNjJkZTEzODRiNjRhMWU2Mjg0MWIxMjJkYmJm
OGYwMTgyM2Q1ZWYzMzhjNTQzZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUqKhTEcQITXmiBjM1+X74gsTK7xo5Uf5c31tMxGIPokJYae+bd5NtyQJL6
quuMYYFMUEqtC89uR6Olm2Q8thpR+D7lG9r7uuqZemp+khXnhvaG7ohegxine3JF
XGNjntNI9DZCF0xquQtPYxuFf1uCCJGoKeJLctM+bQWS0ekwZ12x7LHmmLa8S6MG
u45WSuYMXKLgLN+p2ItmuhUar3MhPLzqvuzWkLzCHT4G6BSTV+HQGzt7w/299OeI
VV7CcbQzpPRINUeZSkmFJ6fQ5sfj888cINgL+OOnLEaLpMzD04tq8iavVwyI6Zsu
dGN4hZLs32/dQeLdbDK4ewNmYgsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8NLXb
OSVvUN/aH3UCxLiGL4hRSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjOTI0ZTUtYjVhNC00ZTM5LWJkOWItM2FhMDQ2MzQyMTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgCw2IzxdR8Mut2AYJARwQ9CPXMIRZb+L6pDix6Lu
jObwwHhjY7Jn7NdjFwyAHTZ0m6je4IWVhn5IM4r9ZWESBirhMO9Z1arH4XCTInAw
oD1i6KtyIkhHXdVstRW/fAYjDYNACwyPrxZf5FHiPH9/y+tHfxSy0qUy43vpiyU+
JCiJxhAk2QbyNTjtQ6Aprkzdf5nSw2xPigWJffr9npcWRhFq7FuTDeuVYNube4kZ
i2RYde9TQ7BJ/iXYHhOyMfo9tdX0zv3IdBbfrqcd1y/G3BwovWXJzwDdhsUTDSqv
n1KzOTT1KXpEcb8bNovFyjY8hwV8O4WuxetfcdKPJbtotw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:00 2025 by rpki-client