Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: bZkYmjo3nxaVc3cjIXL3sHwzn/QrmVHxRNGpEv7NV5g=
Subject key identifier: 80:4A:DB:C2:D0:7A:02:D5:E8:38:94:80:5A:0D:90:3F:ED:7F:E4:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A3725EFBCAFCFC23D1869763CB224A5320182D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Tue 19 Aug 2025 17:01:24 +0000
ROA not before: Tue 19 Aug 2025 17:01:24 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:37:25:ef:bc:af:cf:c2:3d:18:69:76:3c:b2:24:a5:32:01:82:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:24 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=b56e5b50db0c53fb7798f2579f8935fbfd21327dcafe17821645ee39db8e1b97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e7:a9:5a:33:97:2a:5f:dd:84:d5:1c:13:ad:
f9:98:90:77:be:b1:a5:f3:45:00:ec:4e:ca:18:4f:
c8:86:e2:34:d4:77:d9:9a:09:78:dc:36:eb:c2:4e:
1f:cf:95:fe:68:9e:34:1c:f3:52:78:81:50:c1:1c:
44:4f:ef:14:52:15:b5:e9:37:3f:18:17:53:49:f0:
5d:a3:3b:ac:36:de:78:06:c7:f9:06:cb:bf:63:fc:
d1:75:4f:95:59:d8:45:82:bf:c3:2f:ef:a8:da:00:
81:55:55:f9:cd:7f:2f:8d:d8:2d:7f:55:04:95:d0:
77:b6:70:b4:a8:08:cd:f0:ab:3a:30:b0:01:ae:e5:
86:9a:9c:50:bd:4a:0b:91:a8:4f:a4:86:8f:38:95:
3d:37:2f:e5:1a:80:ae:f0:54:ad:72:03:2e:26:0e:
bf:30:33:f3:6b:d1:72:48:61:51:46:f9:c6:ca:83:
f4:06:99:f5:b6:08:04:46:d3:67:68:b8:30:a1:d3:
41:79:8e:2a:0b:ff:00:5b:e0:18:65:88:24:b2:92:
30:52:3f:7a:b2:00:51:00:61:d4:37:4b:a3:30:8f:
09:68:fc:1d:63:37:1a:d6:3a:f7:bf:ca:82:48:e5:
64:74:06:06:3b:1f:b0:4f:17:eb:2f:76:4a:7d:fd:
07:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4A:DB:C2:D0:7A:02:D5:E8:38:94:80:5A:0D:90:3F:ED:7F:E4:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
1b:42:92:8f:1f:a3:d0:6f:b2:cb:03:ee:86:21:93:d0:1e:b0:
e6:09:e9:77:da:51:36:85:2d:53:b7:cc:f1:26:93:6d:d4:18:
7a:ac:ab:af:05:55:cf:d2:5c:c9:2a:0a:0b:49:1d:7c:e1:b6:
cf:64:96:74:3d:c3:dd:0a:d3:d1:1a:97:c4:93:00:a3:4c:28:
58:f4:e8:cf:09:ab:17:e0:9d:d9:76:83:32:6c:cd:23:37:01:
df:0d:a2:23:f5:84:61:ce:d3:67:9d:95:f4:f0:20:64:a5:0d:
ee:35:7d:d5:c1:7f:fd:43:e0:5d:68:09:02:29:e0:e1:c2:a7:
cc:53:ee:f4:1d:d3:35:42:a0:09:d5:4f:06:ed:fa:67:75:6e:
80:01:4b:1a:90:2b:73:49:80:8a:3d:1e:dd:e7:de:7d:fd:f2:
45:d9:55:0d:67:18:77:bd:28:fa:37:e0:8e:bc:d9:1b:93:50:
33:3b:bf:7b:eb:db:56:25:bc:74:c9:ca:10:dc:a7:0e:e4:76:
5b:80:53:dc:82:e2:10:d1:81:3d:b7:63:ab:2c:d7:84:0b:ae:
09:7a:f3:52:3e:98:66:27:37:a5:d2:da:1b:32:11:d1:bc:09:
1d:01:50:af:84:d2:30:2f:7f:8f:cc:b1:2c:2a:4c:58:54:18:
87:97:dd:99
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCjcl77yvz8I9GGl2PLIkpTIBgtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMjRaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NmU1YjUwZGIwYzUzZmI3Nzk4ZjI1NzlmODkzNWZiZmQyMTMyN2RjYWZl
MTc4MjE2NDVlZTM5ZGI4ZTFiOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7nqVozlypf3YTVHBOt+ZiQd76xpfNFAOxOyhhPyIbiNNR32ZoJeNw268JO
H8+V/mieNBzzUniBUMEcRE/vFFIVtek3PxgXU0nwXaM7rDbeeAbH+QbLv2P80XVP
lVnYRYK/wy/vqNoAgVVV+c1/L43YLX9VBJXQd7ZwtKgIzfCrOjCwAa7lhpqcUL1K
C5GoT6SGjziVPTcv5RqArvBUrXIDLiYOvzAz82vRckhhUUb5xsqD9AaZ9bYIBEbT
Z2i4MKHTQXmOKgv/AFvgGGWIJLKSMFI/erIAUQBh1DdLozCPCWj8HWM3GtY697/K
gkjlZHQGBjsfsE8X6y92Sn39B+0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAStvC
0HoC1eg4lIBaDZA/7X/k8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAG0KSjx+j0G+yywPuhiGT0B6w5gnpd9pRNoUtU7fM
8SaTbdQYeqyrrwVVz9JcySoKC0kdfOG2z2SWdD3D3QrT0RqXxJMAo0woWPTozwmr
F+Cd2XaDMmzNIzcB3w2iI/WEYc7TZ52V9PAgZKUN7jV91cF//UPgXWgJAing4cKn
zFPu9B3TNUKgCdVPBu36Z3VugAFLGpArc0mAij0e3efeff3yRdlVDWcYd70o+jfg
jrzZG5NQMzu/e+vbViW8dMnKENynDuR2W4BT3ILiENGBPbdjqyzXhAuuCXrzUj6Y
Zic3pdLaGzIR0bwJHQFQr4TSMC9/j8yxLCpMWFQYh5fdmQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:13 2025 by rpki-client