Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
File: 19bd833c-9eac-4b19-b264-a191d9c1b939.roa (raw, json)
Hash identifier: tNnzVXQ+G0ti0Oog/HtUG08lN6gLucSn1Mkf7ztLqAQ=
Subject key identifier: 0F:39:AF:21:0E:20:D9:B3:D4:67:55:F3:62:EC:57:8F:27:7A:7B:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D210F4387B877F1B955746C02696F3B84F74D00
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
Signing time: Fri 10 Oct 2025 17:10:45 +0000
ROA not before: Fri 10 Oct 2025 17:10:45 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:21:0f:43:87:b8:77:f1:b9:55:74:6c:02:69:6f:3b:84:f7:4d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:45 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=5623b954074165d3f2bd2d8be30ea7797f737cbe78e86318503cc24f1dd44797, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f2:6d:47:16:2c:9f:65:0d:e5:f9:cf:18:a2:
a4:4e:0f:0d:a1:a0:57:c8:7c:ec:32:ab:88:a1:b2:
65:0a:cb:9a:87:64:0e:2d:d3:18:8f:16:38:d7:30:
19:3b:02:36:d9:a1:fc:df:39:bd:c2:5e:06:39:b1:
c2:18:2c:93:3f:1b:80:f1:0a:0b:24:4a:98:f7:54:
4c:8a:a9:03:e8:0f:4f:f5:fe:b8:e8:70:ae:29:35:
ef:d7:dc:59:b7:58:f6:ba:9c:93:b7:32:62:00:39:
dc:1d:86:b0:ba:ae:d9:d3:ad:fe:fb:e3:24:99:53:
85:7d:11:e1:4d:2f:a7:89:aa:65:6a:eb:26:26:73:
47:f9:25:0c:b2:87:52:d8:d5:40:8d:92:42:1d:6d:
5b:2f:46:5f:6c:07:60:a6:c0:2a:f6:c1:13:d7:2b:
53:b8:3d:a5:a9:f9:c2:2b:c2:1a:61:99:52:45:03:
79:40:87:28:60:ad:e7:d7:3e:f6:1c:62:e1:d2:56:
51:0d:29:0e:d8:32:fb:48:e2:bd:02:60:d8:e4:ab:
70:53:b8:36:40:c2:ae:a6:bc:c3:15:6a:63:cf:cf:
0e:d6:1a:81:d1:b1:5b:3e:ff:48:24:c3:fa:0d:f2:
12:4b:b6:e3:5f:c6:c8:e8:e4:f0:a8:04:ce:62:b1:
67:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:39:AF:21:0E:20:D9:B3:D4:67:55:F3:62:EC:57:8F:27:7A:7B:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:20:17:0d:01:63:66:42:e6:e8:cb:41:14:55:ef:61:d2:02:
88:4a:21:e1:2f:a5:d5:4e:bf:67:e1:5f:b3:ba:63:31:85:5a:
4b:77:8a:d4:c7:fc:07:fb:cc:2c:8e:a1:15:ac:b3:5e:e1:7d:
3a:7f:ad:1d:6e:d0:d6:84:94:08:bc:e7:44:d8:d9:45:99:e5:
43:37:e5:a5:cf:f1:99:e0:95:a0:27:b0:91:d5:fe:93:ed:be:
8c:28:64:b6:10:44:a1:a4:df:45:7f:d8:74:7a:7a:2e:fc:17:
7d:8e:b5:a9:f7:a6:98:d5:60:ac:e0:13:5d:66:34:69:85:88:
d6:84:a4:06:c3:e5:4f:6e:cd:a6:ef:28:4a:bc:8a:bf:be:a0:
8f:38:5f:ee:50:64:3e:44:2a:18:bc:7c:94:d6:72:02:77:df:
b7:37:c8:da:f3:93:bf:0c:d3:c5:2b:ee:3a:55:93:7e:97:ad:
56:bb:23:07:56:5a:bc:89:f7:91:3f:cb:60:72:a2:9c:c6:96:
a7:0f:86:4e:4a:fb:b9:b9:c8:35:57:d6:fc:87:5a:af:97:75:
03:a9:bf:2d:29:03:5f:2f:11:6a:1b:88:ec:74:43:a3:15:86:
62:89:1b:a6:01:ef:ee:e9:30:91:5b:38:e1:40:4a:29:37:6b:
44:b3:49:62
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfSEPQ4e4d/G5VXRsAmlvO4T3TQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwNDVaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MjNiOTU0MDc0MTY1ZDNmMmJkMmQ4YmUzMGVhNzc5N2Y3MzdjYmU3OGU4
NjMxODUwM2NjMjRmMWRkNDQ3OTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3ybUcWLJ9lDeX5zxiipE4PDaGgV8h87DKriKGyZQrLmodkDi3TGI8WONcw
GTsCNtmh/N85vcJeBjmxwhgskz8bgPEKCyRKmPdUTIqpA+gPT/X+uOhwrik179fc
WbdY9rqck7cyYgA53B2GsLqu2dOt/vvjJJlThX0R4U0vp4mqZWrrJiZzR/klDLKH
UtjVQI2SQh1tWy9GX2wHYKbAKvbBE9crU7g9pan5wivCGmGZUkUDeUCHKGCt59c+
9hxi4dJWUQ0pDtgy+0jivQJg2OSrcFO4NkDCrqa8wxVqY8/PDtYagdGxWz7/SCTD
+g3yEku241/GyOjk8KgEzmKxZ40CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPOa8h
DiDZs9RnVfNi7FePJ3p7RjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTliZDgzM2MtOWVhYy00YjE5LWIyNjQtYTE5MWQ5YzFiOTM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAHCAXDQFjZkLm6MtBFFXvYdICiEoh4S+l1U6/Z+Ff
s7pjMYVaS3eK1Mf8B/vMLI6hFayzXuF9On+tHW7Q1oSUCLznRNjZRZnlQzflpc/x
meCVoCewkdX+k+2+jChkthBEoaTfRX/YdHp6LvwXfY61qfemmNVgrOATXWY0aYWI
1oSkBsPlT27Npu8oSryKv76gjzhf7lBkPkQqGLx8lNZyAnfftzfI2vOTvwzTxSvu
OlWTfpetVrsjB1ZavIn3kT/LYHKinMaWpw+GTkr7ubnINVfW/Idar5d1A6m/LSkD
Xy8RahuI7HRDoxWGYokbpgHv7ukwkVs44UBKKTdrRLNJYg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:12 2025 by rpki-client