Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
File: 968c7897-1d8d-4c3a-b38e-6602ae947f34.roa (raw, json)
Hash identifier: uJrkyRJCe1gm/qNLz7XaXmICTyNW8VQ5ygm+5SykWTA=
Subject key identifier: 74:4E:72:6F:25:74:A1:0A:FB:9F:8C:83:FE:51:71:05:3F:2F:6C:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54C040F777A3FEB0D2742D368E091DD0D0128756
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
Signing time: Tue 19 Aug 2025 17:01:20 +0000
ROA not before: Tue 19 Aug 2025 17:01:20 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:c0:40:f7:77:a3:fe:b0:d2:74:2d:36:8e:09:1d:d0:d0:12:87:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:20 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=d23741aa9acd8812d26bcf00f2361d3f49c782f3c1f69e91d486b0b3beae7c95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d4:0b:c3:5b:af:f0:55:43:09:ce:cb:d4:b6:
71:6c:cc:eb:b9:05:32:8c:51:d9:6e:a6:f6:7e:86:
8a:6f:5a:17:c8:aa:a6:f1:8f:8a:af:72:91:64:dc:
c5:42:73:09:9f:6e:a4:ad:89:c6:5c:e0:1a:18:a3:
ad:b9:12:bd:38:d5:58:80:42:17:53:4a:ae:41:0f:
bc:88:05:37:36:36:2c:60:52:11:ce:61:fb:fe:70:
28:e6:45:f0:e4:72:36:59:c9:d6:f4:ff:e8:86:d8:
5e:43:2a:89:78:0a:3b:92:ad:a4:d2:08:e8:8f:81:
a7:7f:4a:0f:a5:bb:e1:08:79:b7:ee:2f:87:78:90:
8f:f4:c6:f7:49:1a:cc:95:db:9e:2a:a0:5c:99:22:
0f:74:24:3a:b1:a1:bb:0a:26:e2:70:58:20:9f:20:
8e:62:d7:08:2b:16:65:58:d7:0b:ce:48:90:04:a8:
16:d3:2a:47:16:eb:fb:e8:b9:5f:b0:81:35:60:9a:
2e:69:1c:3f:c3:8f:45:7a:5a:46:19:81:b8:e3:8e:
b5:ce:d5:00:0a:44:13:c4:57:55:d3:fe:f1:92:b3:
6e:f8:11:fa:03:82:3b:b7:37:8f:98:85:54:0b:a4:
1e:70:63:e8:a8:6c:11:ac:aa:69:f8:a4:14:e0:b3:
1c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4E:72:6F:25:74:A1:0A:FB:9F:8C:83:FE:51:71:05:3F:2F:6C:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.208.0/21
Signature Algorithm: sha256WithRSAEncryption
34:05:f9:15:49:61:3c:d2:71:4f:4c:f6:d1:9b:96:43:43:00:
98:5a:b5:d8:59:0b:22:a7:8e:90:bd:c6:e2:7d:05:dc:b1:6b:
8d:ed:a0:2b:3e:97:f9:af:30:99:68:0d:6d:c9:94:bf:b3:97:
fa:70:e9:80:05:d2:db:97:dc:e8:f3:25:a7:17:61:64:e7:fb:
e1:70:d4:fc:c1:e8:39:a0:14:a8:a7:f7:af:2b:75:f5:6f:5b:
7a:c4:58:5f:93:2d:85:9c:bc:d7:7d:dc:75:e7:30:59:52:03:
11:77:9b:ca:b0:54:83:7a:e7:f6:10:ab:94:29:7c:db:ec:33:
49:bc:02:fd:d2:a4:70:50:9c:e8:3c:4e:3a:19:1c:ba:f6:66:
79:f6:9c:76:98:81:ee:eb:42:5f:d6:fe:f7:55:6e:54:e1:5d:
d7:07:85:35:4f:3c:a1:bd:0a:73:e9:62:b3:f7:c7:04:63:3a:
8a:78:9a:ff:fd:e9:af:d6:3a:b6:74:2f:cf:e0:0f:59:dd:1d:
db:e3:45:3e:aa:ca:6c:d7:16:71:e0:22:7a:ba:82:1d:f9:21:
7f:d5:89:21:7a:d2:a7:4f:6a:3b:36:86:30:92:44:7f:14:f5:
9a:e2:75:a9:42:07:ac:63:b7:68:16:bf:63:e7:04:a7:6c:ad:
b9:09:19:6e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVMBA93ej/rDSdC02jgkd0NASh1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMjBaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMzc0MWFhOWFjZDg4MTJkMjZiY2YwMGYyMzYxZDNmNDljNzgyZjNjMWY2
OWU5MWQ0ODZiMGIzYmVhZTdjOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvUC8Nbr/BVQwnOy9S2cWzM67kFMoxR2W6m9n6Gim9aF8iqpvGPiq9ykWTc
xUJzCZ9upK2JxlzgGhijrbkSvTjVWIBCF1NKrkEPvIgFNzY2LGBSEc5h+/5wKOZF
8ORyNlnJ1vT/6IbYXkMqiXgKO5KtpNII6I+Bp39KD6W74Qh5t+4vh3iQj/TG90ka
zJXbniqgXJkiD3QkOrGhuwom4nBYIJ8gjmLXCCsWZVjXC85IkASoFtMqRxbr++i5
X7CBNWCaLmkcP8OPRXpaRhmBuOOOtc7VAApEE8RXVdP+8ZKzbvgR+gOCO7c3j5iF
VAukHnBj6KhsEayqafikFOCzHKcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR0TnJv
JXShCvufjIP+UXEFPy9sKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY4Yzc4OTctMWQ4ZC00YzNhLWIzOGUtNjYwMmFlOTQ3ZjM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6J0DAN
BgkqhkiG9w0BAQsFAAOCAQEANAX5FUlhPNJxT0z20ZuWQ0MAmFq12FkLIqeOkL3G
4n0F3LFrje2gKz6X+a8wmWgNbcmUv7OX+nDpgAXS25fc6PMlpxdhZOf74XDU/MHo
OaAUqKf3ryt19W9besRYX5MthZy8133cdecwWVIDEXebyrBUg3rn9hCrlCl82+wz
SbwC/dKkcFCc6DxOOhkcuvZmefacdpiB7utCX9b+91VuVOFd1weFNU88ob0Kc+li
s/fHBGM6inia//3pr9Y6tnQvz+APWd0d2+NFPqrKbNcWceAierqCHfkhf9WJIXrS
p09qOzaGMJJEfxT1muJ1qUIHrGO3aBa/Y+cEp2ytuQkZbg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:31 2025 by rpki-client