Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
File: 9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa (raw, json)
Hash identifier: ag0yNFvMVdGgY6KkYFxN3Nmb12gQNbcpJD71tAjTs3s=
Subject key identifier: 59:CA:C1:E6:6F:0D:E4:72:E2:5E:46:1A:BF:EA:6A:9C:C0:77:74:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5471A83F9FAC14529FB48E9ED47F35EBB186C343
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
Signing time: Tue 19 Aug 2025 17:01:09 +0000
ROA not before: Tue 19 Aug 2025 17:01:09 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:71:a8:3f:9f:ac:14:52:9f:b4:8e:9e:d4:7f:35:eb:b1:86:c3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:09 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=fa6966d85ce5a8c81f211fb364ae14fbefa9f02706f4c4bdb6aa7b628a438f12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:af:ba:45:c5:a7:54:a1:6e:f1:ad:cf:65:64:
3e:d5:15:ff:9e:49:8c:b7:52:88:c8:08:d9:99:ac:
6d:3e:69:35:9c:09:10:b6:7c:6f:fa:f9:cd:5f:27:
0c:7b:79:2a:be:7d:6b:56:19:13:cf:9c:e5:9e:f8:
f0:6e:60:09:a9:50:67:c4:3f:55:e4:71:b1:ec:b2:
35:73:4f:ed:e3:1b:f6:0f:8e:e2:08:b8:48:f0:c3:
2d:d7:6a:7f:d6:7a:5e:9d:67:2c:3f:c9:9a:7e:11:
2f:7d:b5:09:15:7f:bd:49:3d:33:01:44:cf:a8:6e:
24:7e:1b:3b:ed:33:55:79:94:d8:d9:7a:3d:11:03:
2c:ca:51:d7:23:99:dc:43:2f:ac:ec:bc:2f:2c:0e:
f2:cd:fb:55:4b:7e:12:58:fd:1b:d0:9e:5a:af:43:
c7:a5:f6:b6:00:bc:46:54:a2:28:d2:21:d7:f1:c1:
15:4a:04:c5:05:f6:3f:37:82:2d:b7:6d:3a:e4:d1:
2a:5d:b1:e9:a9:12:2f:31:3f:a9:7e:04:48:db:64:
32:00:ba:e3:19:da:bd:17:1c:56:86:82:15:2a:a0:
e4:af:f6:4b:99:57:1b:38:60:c6:b0:f8:ca:76:26:
78:49:79:65:bc:ef:ba:26:39:66:21:aa:d2:6a:f8:
53:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CA:C1:E6:6F:0D:E4:72:E2:5E:46:1A:BF:EA:6A:9C:C0:77:74:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:1b:16:09:79:51:64:89:17:ae:d2:ba:e0:da:6f:4e:2a:3f:
aa:e7:4d:d0:7a:2e:88:5e:52:6a:28:de:5c:e3:b7:11:35:aa:
dc:53:ac:ef:e0:56:44:64:59:a3:5a:46:60:cc:60:66:a6:b7:
cb:df:93:c4:0f:d8:7b:9e:2a:1d:d7:ce:55:cd:60:1f:ee:d4:
31:64:3b:a3:a2:ae:06:de:e9:c1:c5:ba:5f:e8:9e:42:48:59:
f6:52:c5:6c:f1:48:ba:fe:70:dd:fb:3b:dc:ba:18:5e:2f:e4:
ce:0c:5e:42:05:bd:c1:ff:49:aa:21:4a:fc:82:27:75:76:1c:
41:39:91:45:66:8d:e0:e2:64:5c:51:9d:8d:c6:9a:16:34:74:
c4:fc:35:98:4d:f2:d6:20:97:5c:63:b0:43:22:5e:91:00:9e:
a3:c0:ad:14:e9:9c:5e:0e:4d:71:e1:ea:fc:25:13:4b:8a:55:
08:b0:fb:90:32:c2:3f:1d:6f:4a:1c:2d:24:b7:08:87:f5:d5:
c2:9b:9c:0c:b0:98:39:61:6f:e9:32:e7:b2:70:3f:4d:44:fe:
63:49:f8:95:7d:9f:8d:ca:09:89:95:d7:9d:ff:61:d2:17:29:
ec:a7:48:a3:06:e5:4a:a4:08:03:62:a7:95:bf:a8:e7:35:04:
7c:de:46:38
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVHGoP5+sFFKftI6e1H8167GGw0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMDlaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhNjk2NmQ4NWNlNWE4YzgxZjIxMWZiMzY0YWUxNGZiZWZhOWYwMjcwNmY0
YzRiZGI2YWE3YjYyOGE0MzhmMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCvukXFp1ShbvGtz2VkPtUV/55JjLdSiMgI2ZmsbT5pNZwJELZ8b/r5zV8n
DHt5Kr59a1YZE8+c5Z748G5gCalQZ8Q/VeRxseyyNXNP7eMb9g+O4gi4SPDDLddq
f9Z6Xp1nLD/Jmn4RL321CRV/vUk9MwFEz6huJH4bO+0zVXmU2Nl6PREDLMpR1yOZ
3EMvrOy8LywO8s37VUt+Elj9G9CeWq9Dx6X2tgC8RlSiKNIh1/HBFUoExQX2PzeC
LbdtOuTRKl2x6akSLzE/qX4ESNtkMgC64xnavRccVoaCFSqg5K/2S5lXGzhgxrD4
ynYmeEl5ZbzvuiY5ZiGq0mr4UwcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRZysHm
bw3kcuJeRhq/6mqcwHd06TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI2ZWEyYzMtYzI1Yi00OTJjLTk1NDctN2M1ZGRiNzVkMTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6J2DAN
BgkqhkiG9w0BAQsFAAOCAQEAPxsWCXlRZIkXrtK64NpvTio/qudN0HouiF5Saije
XOO3ETWq3FOs7+BWRGRZo1pGYMxgZqa3y9+TxA/Ye54qHdfOVc1gH+7UMWQ7o6Ku
Bt7pwcW6X+ieQkhZ9lLFbPFIuv5w3fs73LoYXi/kzgxeQgW9wf9JqiFK/IIndXYc
QTmRRWaN4OJkXFGdjcaaFjR0xPw1mE3y1iCXXGOwQyJekQCeo8CtFOmcXg5NceHq
/CUTS4pVCLD7kDLCPx1vShwtJLcIh/XVwpucDLCYOWFv6TLnsnA/TUT+Y0n4lX2f
jcoJiZXXnf9h0hcp7KdIowblSqQIA2Knlb+o5zUEfN5GOA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:21 2025 by rpki-client