Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa
File: 2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa (raw, json)
Hash identifier: EIzj0CojZpfzGlfSwvQrjNm03Awn/K2I1YVr+6kRrf8=
Subject key identifier: 95:D0:EB:6D:14:DA:B7:19:34:24:11:F7:54:AB:CF:0B:F2:57:FC:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14EAC1FDB566E6DDA17EDB14EEABAB68A8534292
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa
Signing time: Tue 19 Aug 2025 17:00:38 +0000
ROA not before: Tue 19 Aug 2025 17:00:38 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ea:c1:fd:b5:66:e6:dd:a1:7e:db:14:ee:ab:ab:68:a8:53:42:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:00:38 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=acf05ae6f975088976ff2db6158d74e132e39c370078f692d7a784f1dc80ef91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d5:17:9e:3e:25:a6:b2:40:cc:59:a1:c6:12:
cb:ea:99:e8:f5:6a:4f:87:bf:c1:93:ee:5e:82:24:
41:61:f0:34:b4:0b:28:22:26:1b:97:63:dd:74:f3:
b1:44:7b:0f:78:94:39:5a:76:1c:72:8b:52:f1:31:
4a:19:2b:36:eb:f5:00:05:64:6a:d5:fe:40:82:45:
af:fd:45:b2:76:90:5c:a1:32:cf:0a:18:e8:ab:d1:
be:9f:c1:04:00:6c:06:66:94:e3:47:38:b9:5b:ac:
89:04:64:b8:69:e4:d7:88:2b:c4:60:78:08:e3:6b:
53:38:48:a2:02:ad:03:a0:a2:0c:3d:2a:08:fa:c3:
0c:19:51:f4:d6:ea:2e:18:a9:2b:e1:f7:53:c5:ca:
09:a0:6b:d0:9e:44:69:f3:b1:4a:d1:1c:6c:e4:7e:
43:48:4f:4c:b9:30:3e:6a:2e:70:ce:34:75:77:3d:
c7:c4:66:72:bc:85:d0:88:0b:55:48:84:a6:d2:01:
31:23:88:21:b3:19:72:a4:ed:e8:9a:01:4d:5d:04:
6d:f6:55:f3:bf:57:41:85:7c:0c:5c:f3:aa:5e:bd:
72:b4:56:98:3e:bb:69:6f:b4:4d:6a:3c:eb:f4:0f:
d3:da:b9:36:19:aa:77:5a:1e:b1:15:4f:88:01:57:
c7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D0:EB:6D:14:DA:B7:19:34:24:11:F7:54:AB:CF:0B:F2:57:FC:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2eab4c42-5a06-4b45-b0cf-92f23ba278f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/20
Signature Algorithm: sha256WithRSAEncryption
55:c8:83:7b:0f:fa:33:4b:9d:2e:c0:c1:c4:cc:d9:5a:4e:15:
17:af:ed:5b:00:f7:cf:96:36:67:5f:76:e2:c7:35:c2:82:1c:
e8:d8:2b:25:d6:9b:25:77:b9:2f:f0:d3:60:8b:07:17:f3:c3:
df:25:01:93:77:b0:d0:03:cf:96:17:4d:a9:68:de:1f:2d:da:
7c:fc:ab:43:64:be:27:96:46:f6:17:13:c7:52:2b:73:3f:bf:
12:3d:93:6e:6a:eb:94:86:37:03:d8:c3:30:f1:b3:8d:a3:5d:
0c:07:19:fc:e4:96:21:2e:a4:15:7c:81:94:93:40:4a:e1:65:
74:fc:eb:c4:1a:f9:b2:04:25:35:3f:d0:37:2c:84:d2:d8:d1:
59:96:ff:f3:0a:48:e9:a6:20:42:e9:84:4d:4d:d5:15:36:32:
ed:0f:77:b1:99:6e:d2:ba:a2:cb:0d:fe:f6:9e:02:17:9e:de:
03:84:87:14:b4:0f:2a:9f:d7:40:43:88:56:e3:5f:e7:6e:20:
db:8b:3e:04:88:e3:d6:46:63:d3:42:55:06:ac:43:a8:26:12:
3c:35:58:5f:c5:53:87:ea:28:28:ee:dd:98:fe:ef:cc:75:d2:
ee:9f:17:fe:3d:02:6d:01:fd:a0:4a:ad:32:b9:19:76:e3:e1:
aa:69:e7:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFOrB/bVm5t2hftsU7quraKhTQpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAwMzhaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjZjA1YWU2Zjk3NTA4ODk3NmZmMmRiNjE1OGQ3NGUxMzJlMzljMzcwMDc4
ZjY5MmQ3YTc4NGYxZGM4MGVmOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIbVF54+JaayQMxZocYSy+qZ6PVqT4e/wZPuXoIkQWHwNLQLKCImG5dj3XTz
sUR7D3iUOVp2HHKLUvExShkrNuv1AAVkatX+QIJFr/1FsnaQXKEyzwoY6KvRvp/B
BABsBmaU40c4uVusiQRkuGnk14grxGB4CONrUzhIogKtA6CiDD0qCPrDDBlR9Nbq
LhipK+H3U8XKCaBr0J5EafOxStEcbOR+Q0hPTLkwPmoucM40dXc9x8RmcryF0IgL
VUiEptIBMSOIIbMZcqTt6JoBTV0EbfZV879XQYV8DFzzql69crRWmD67aW+0TWo8
6/QP09q5Nhmqd1oesRVPiAFXx9MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSV0Ott
FNq3GTQkEfdUq88L8lf8AzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmVhYjRjNDItNWEwNi00YjQ1LWIwY2YtOTJmMjNiYTI3OGY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEAVciDew/6M0udLsDBxMzZWk4VF6/tWwD3z5Y2Z192
4sc1woIc6NgrJdabJXe5L/DTYIsHF/PD3yUBk3ew0APPlhdNqWjeHy3afPyrQ2S+
J5ZG9hcTx1Ircz+/Ej2TbmrrlIY3A9jDMPGzjaNdDAcZ/OSWIS6kFXyBlJNASuFl
dPzrxBr5sgQlNT/QNyyE0tjRWZb/8wpI6aYgQumETU3VFTYy7Q93sZlu0rqiyw3+
9p4CF57eA4SHFLQPKp/XQEOIVuNf524g24s+BIjj1kZj00JVBqxDqCYSPDVYX8VT
h+ooKO7dmP7vzHXS7p8X/j0CbQH9oEqtMrkZduPhqmnnfg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:54 2025 by rpki-client