Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: bWEnyq5Qr+NbfdCamvh36+w43uK6OBwlTBJy1K/YMEc=
Subject key identifier: C7:8D:69:B2:D8:11:A5:47:C9:5B:35:88:BE:DE:A4:CA:02:CC:9A:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22B4B941D30659EB92D0057AACB3440DD03BE055
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Tue 19 Aug 2025 17:01:15 +0000
ROA not before: Tue 19 Aug 2025 17:01:15 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:b4:b9:41:d3:06:59:eb:92:d0:05:7a:ac:b3:44:0d:d0:3b:e0:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:15 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=abf01d438ebf522a411208a715bdcae6788a9236a04b1d865d3088b3da49732b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3c:bc:ef:a7:97:de:f5:ad:5d:4f:ad:82:7b:
1e:40:d5:e7:e5:93:69:00:f3:76:f3:52:ba:9d:90:
6c:cb:fa:12:95:fd:2b:f1:7f:09:5b:ca:6f:26:96:
79:30:0f:91:23:d0:f5:3e:04:78:f7:09:18:31:f9:
59:dc:d0:a3:1f:32:c1:8b:82:e9:d2:af:4f:0c:ff:
a6:72:0e:f7:18:d1:35:a3:de:bf:82:08:51:b0:e1:
71:18:6a:ae:bf:22:a3:85:13:af:24:db:67:ee:69:
4e:cf:40:d4:03:26:21:42:7c:08:fc:6e:e1:20:76:
71:48:cb:b9:7a:95:72:ec:54:fe:c8:62:ee:80:c4:
02:15:cb:be:1f:a7:02:44:6d:d2:56:79:a0:1b:70:
53:64:b1:52:9b:0e:60:f6:43:bb:bf:83:88:31:f0:
a2:89:4f:a0:3f:e5:19:bd:59:9e:84:fd:3c:02:9e:
bd:e0:e0:67:9f:0a:94:b5:74:5f:d4:00:92:76:18:
d5:79:2a:4c:02:1c:fe:72:53:59:88:2a:ca:a4:87:
1d:db:c0:8e:b3:13:e5:60:68:cc:1d:f1:de:af:9d:
b8:c5:1a:c1:0a:64:93:c1:8c:72:0f:8a:56:07:4a:
b4:a6:b0:be:1d:88:ff:f8:e6:76:ee:a7:55:09:e8:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8D:69:B2:D8:11:A5:47:C9:5B:35:88:BE:DE:A4:CA:02:CC:9A:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
c7:2c:2c:d3:4d:d3:a4:95:df:3c:df:d8:1c:b4:32:3d:a5:0b:
25:ea:0f:13:dc:8d:80:25:5c:bd:9f:3c:7d:4c:72:1e:59:74:
b3:10:fd:31:7f:72:88:eb:66:9b:60:51:e8:b4:00:32:18:d1:
6c:59:5b:62:bd:93:b2:5d:97:c8:93:ff:35:8b:88:69:d4:c5:
15:43:de:a0:61:7f:34:26:e0:6e:db:5f:ec:60:5e:dc:42:1f:
d9:8e:3f:3f:cd:5a:c9:f2:b9:aa:b8:c8:1c:b4:2e:af:9c:43:
09:e7:1b:da:93:b1:13:3b:99:63:5e:3b:03:9d:52:a3:a7:a4:
59:3c:92:78:9d:7b:f7:2a:7e:fb:1c:f2:2d:52:ad:71:eb:0b:
ca:8d:1b:10:88:8f:2d:f8:41:6a:e9:c8:a3:a5:00:a1:7d:06:
00:34:54:a5:43:ac:db:bc:06:ba:9d:3d:fd:f7:35:3b:7d:af:
9a:e1:47:d4:cb:17:9a:57:0b:1c:d2:77:db:bb:1f:91:aa:3e:
8b:1d:47:6f:36:f9:4f:b1:da:9e:82:ad:a4:ff:76:58:d7:47:
1c:b9:a1:61:04:b3:c2:61:25:87:ed:67:b5:a9:eb:cf:57:8f:
d1:d0:35:ec:1e:27:e4:3d:32:64:ea:95:df:75:9e:aa:13:ef:
0f:89:15:d4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIrS5QdMGWeuS0AV6rLNEDdA74FUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMTVaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiZjAxZDQzOGViZjUyMmE0MTEyMDhhNzE1YmRjYWU2Nzg4YTkyMzZhMDRi
MWQ4NjVkMzA4OGIzZGE0OTczMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO48vO+nl971rV1PrYJ7HkDV5+WTaQDzdvNSup2QbMv6EpX9K/F/CVvKbyaW
eTAPkSPQ9T4EePcJGDH5WdzQox8ywYuC6dKvTwz/pnIO9xjRNaPev4IIUbDhcRhq
rr8io4UTryTbZ+5pTs9A1AMmIUJ8CPxu4SB2cUjLuXqVcuxU/shi7oDEAhXLvh+n
AkRt0lZ5oBtwU2SxUpsOYPZDu7+DiDHwoolPoD/lGb1ZnoT9PAKeveDgZ58KlLV0
X9QAknYY1XkqTAIc/nJTWYgqyqSHHdvAjrMT5WBozB3x3q+duMUawQpkk8GMcg+K
VgdKtKawvh2I//jmdu6nVQno1jMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHjWmy
2BGlR8lbNYi+3qTKAsyalTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxyws003TpJXfPN/YHLQyPaULJeoPE9yNgCVcvZ88
fUxyHll0sxD9MX9yiOtmm2BR6LQAMhjRbFlbYr2Tsl2XyJP/NYuIadTFFUPeoGF/
NCbgbttf7GBe3EIf2Y4/P81ayfK5qrjIHLQur5xDCecb2pOxEzuZY147A51So6ek
WTySeJ179yp++xzyLVKtcesLyo0bEIiPLfhBaunIo6UAoX0GADRUpUOs27wGup09
/fc1O32vmuFH1MsXmlcLHNJ327sfkao+ix1Hbzb5T7HanoKtpP92WNdHHLmhYQSz
wmElh+1ntanrz1eP0dA17B4n5D0yZOqV33WeqhPvD4kV1A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:38 2025 by rpki-client