Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: PFzhu6RxLf0OqCN6kVdOezePf9ydSMuCJlVxTLapK4E=
Subject key identifier: 69:58:D9:F6:28:B1:C7:B9:0E:DB:D6:FB:9F:89:6C:52:CB:E9:F7:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EA51DF71768786E01B9574D1CD655418DF5E405
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Tue 19 Aug 2025 17:01:04 +0000
ROA not before: Tue 19 Aug 2025 17:01:04 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a5:1d:f7:17:68:78:6e:01:b9:57:4d:1c:d6:55:41:8d:f5:e4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:04 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=9298327798cbac1074d4bc52ebf109308610f6826efc110adcd72c3f14b1c801, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5e:e9:a1:85:e9:8c:db:c9:89:bc:0b:c2:34:
47:50:13:7e:0e:d4:c3:a6:b3:45:c4:86:18:6d:6c:
b0:e9:32:77:15:94:57:84:6e:42:26:59:2b:a0:26:
c4:79:f3:59:c3:f6:8b:c2:d6:ce:8a:95:93:ea:95:
c1:6b:eb:5d:9a:fe:55:c1:84:8a:7e:25:82:99:b9:
d3:1e:0f:2e:eb:ff:3a:1d:63:74:6b:db:66:38:c2:
e4:4f:4b:83:ae:a3:e5:78:22:d1:b3:ad:98:92:e6:
98:f3:ca:86:ce:1a:a8:1e:cd:f1:fb:10:b9:1c:ba:
ac:9c:4a:f0:30:b2:c8:7d:34:d5:11:46:a0:71:63:
03:8f:8b:da:32:2d:8c:d7:46:44:65:35:b0:0f:78:
14:0b:ef:97:92:ba:3a:2c:67:12:5e:95:f0:5e:b6:
78:e4:d4:93:33:97:f7:90:e9:a1:21:38:41:71:12:
e1:c3:5f:6d:69:54:12:cc:eb:d8:9c:42:28:71:8a:
0e:3d:32:a5:35:ac:9d:47:c5:89:dc:50:64:85:c6:
f8:43:18:39:1f:83:62:87:dc:12:11:20:fc:5d:e4:
fd:01:77:dc:70:a7:02:79:4d:13:44:ff:61:c3:c7:
f1:99:fc:52:93:16:7c:47:0b:e6:fe:75:be:56:9b:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:58:D9:F6:28:B1:C7:B9:0E:DB:D6:FB:9F:89:6C:52:CB:E9:F7:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
50:6b:5e:a0:29:57:5a:fe:a5:ae:30:30:3a:c4:72:c4:ae:59:
a3:d9:29:9e:fc:dc:7d:03:b9:78:76:03:6c:90:b0:ee:d2:08:
42:01:51:1f:24:f2:f6:68:f7:b0:d7:c1:75:79:95:00:3e:9e:
c1:62:52:e4:1e:cd:25:d7:24:2b:f5:1b:6b:7a:32:10:8a:11:
fb:52:bb:61:73:f1:24:4c:45:33:fa:d9:3b:56:27:ec:ec:67:
1a:8b:cb:de:f9:c7:09:3b:a4:f7:16:18:b1:e5:b5:59:74:da:
d2:1b:aa:01:17:28:ee:83:33:ee:d7:9b:1a:8f:ab:20:c4:1d:
54:dc:a8:72:0c:2e:39:4e:f1:36:c9:38:7d:97:c3:8e:87:3a:
55:e9:de:1f:93:c4:e1:21:29:0d:77:81:56:da:c9:3f:7a:5e:
dc:41:2e:cc:ad:2c:9b:84:8b:03:90:95:2d:86:c9:07:bd:a0:
47:0b:58:65:da:4e:c3:7c:9e:49:26:b0:63:5a:a8:f8:cd:15:
7c:1d:87:6c:cc:39:aa:6a:b0:d5:f5:c8:22:92:c7:55:9b:09:
23:6b:4f:73:a4:49:ac:a2:4f:93:b4:69:5c:fe:d1:7b:24:0e:
d5:d6:1f:28:39:5e:59:a7:38:63:1f:fa:e3:9c:55:8f:2e:99:
3a:df:a4:d7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXqUd9xdoeG4BuVdNHNZVQY315AUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMDRaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyOTgzMjc3OThjYmFjMTA3NGQ0YmM1MmViZjEwOTMwODYxMGY2ODI2ZWZj
MTEwYWRjZDcyYzNmMTRiMWM4MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxe6aGF6YzbyYm8C8I0R1ATfg7Uw6azRcSGGG1ssOkydxWUV4RuQiZZK6Am
xHnzWcP2i8LWzoqVk+qVwWvrXZr+VcGEin4lgpm50x4PLuv/Oh1jdGvbZjjC5E9L
g66j5Xgi0bOtmJLmmPPKhs4aqB7N8fsQuRy6rJxK8DCyyH001RFGoHFjA4+L2jIt
jNdGRGU1sA94FAvvl5K6OixnEl6V8F62eOTUkzOX95DpoSE4QXES4cNfbWlUEszr
2JxCKHGKDj0ypTWsnUfFidxQZIXG+EMYOR+DYofcEhEg/F3k/QF33HCnAnlNE0T/
YcPH8Zn8UpMWfEcL5v51vlabP1sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRpWNn2
KLHHuQ7b1vufiWxSy+n39TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUGteoClXWv6lrjAwOsRyxK5Zo9kpnvzcfQO5eHYD
bJCw7tIIQgFRHyTy9mj3sNfBdXmVAD6ewWJS5B7NJdckK/Uba3oyEIoR+1K7YXPx
JExFM/rZO1Yn7OxnGovL3vnHCTuk9xYYseW1WXTa0huqARco7oMz7tebGo+rIMQd
VNyocgwuOU7xNsk4fZfDjoc6VeneH5PE4SEpDXeBVtrJP3pe3EEuzK0sm4SLA5CV
LYbJB72gRwtYZdpOw3yeSSawY1qo+M0VfB2HbMw5qmqw1fXIIpLHVZsJI2tPc6RJ
rKJPk7RpXP7ReyQO1dYfKDleWac4Yx/645xVjy6ZOt+k1w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:23 2025 by rpki-client