Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: W6/OJM4O0SnbmcKSR4peWnEl2rO8efZkf6/ETzHbCYo=
Subject key identifier: BC:64:12:DB:26:2D:99:D0:3C:36:95:74:F9:DC:D6:AC:10:31:35:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 102AFD1FD41EEFC12104EBAD31C937F5EF7A6120
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Fri 10 Oct 2025 17:10:15 +0000
ROA not before: Fri 10 Oct 2025 17:10:15 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:2a:fd:1f:d4:1e:ef:c1:21:04:eb:ad:31:c9:37:f5:ef:7a:61:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:15 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=4e2f8441a7a9ef59362c1b52bf7706ee34e2a601ba61e46a69f6d57e6813e0bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:98:e5:71:7a:17:62:0a:b4:d1:35:91:11:a6:
4e:99:95:79:be:44:3a:1b:4d:bc:8a:c0:c6:ca:a5:
f8:e0:d6:8a:2a:fc:5c:00:19:25:b5:7e:d2:90:1f:
f5:67:01:12:08:e8:0b:2c:8a:dc:37:86:4b:48:8f:
cd:ac:a2:36:66:24:e9:46:9a:0e:5c:0a:7f:df:ea:
f2:1e:17:77:6e:25:5a:c6:bb:b6:83:0e:9e:cf:99:
70:ee:23:14:85:67:20:a7:f1:79:35:dd:de:30:02:
69:64:4a:62:5a:2e:ce:bd:e4:bf:bc:8e:aa:66:37:
4f:47:1e:6e:e2:cf:33:7a:52:84:91:45:76:f8:55:
75:0c:cd:4f:f1:46:4c:7d:95:6e:40:86:72:c1:28:
2c:6e:2d:2f:c6:96:e2:57:02:b8:9a:91:06:40:dc:
43:65:7c:5a:35:f1:b2:e3:f7:40:60:da:d6:c0:2d:
e6:82:0f:4f:9b:2b:46:7a:a4:93:7c:5e:55:c2:55:
c0:79:cc:e7:82:64:2c:7a:ad:14:0c:63:10:d5:56:
da:f2:02:31:0a:9e:94:02:68:e7:d9:86:3f:d9:f7:
e3:ab:b0:ef:51:49:14:68:a5:d4:cf:6c:8b:b7:46:
f6:78:b2:29:45:63:7f:8b:ca:d9:11:a3:0f:42:96:
41:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:64:12:DB:26:2D:99:D0:3C:36:95:74:F9:DC:D6:AC:10:31:35:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:3d:fe:87:0b:4d:46:d5:0b:fc:ce:5b:56:0c:91:58:00:f4:
7d:34:9b:15:49:03:4d:79:78:b2:15:5b:81:70:51:12:73:16:
57:9e:78:6b:2f:32:ac:0d:bd:56:70:87:e8:ba:9a:01:ec:b0:
26:46:70:07:ce:51:88:51:55:e4:4b:17:3e:5d:86:08:ff:ef:
40:c2:6c:32:fc:81:e6:8e:7a:6a:31:c4:c0:06:82:19:64:95:
5b:ff:4d:96:7e:bd:da:38:79:a4:1c:80:18:b4:b8:90:55:4c:
ab:af:e3:0c:1b:1d:ed:64:cd:c9:57:0c:fa:2a:65:ef:fb:59:
e9:60:40:19:43:a5:51:7e:84:71:b6:56:38:da:1f:43:38:9f:
41:7b:3d:11:16:6e:7a:6a:8d:2e:85:96:fa:9f:1c:85:57:5f:
b3:e1:8f:6e:bc:e1:a8:69:49:00:74:84:0f:b2:f5:09:ab:cb:
96:ba:9b:bf:a8:09:f3:78:2e:b9:ea:28:14:c9:4b:3c:31:9b:
04:0e:80:d7:ce:83:fe:49:31:8c:4c:1b:8f:7d:eb:5f:ca:83:
1f:cc:d5:f4:4d:34:9d:83:6a:db:9c:c6:90:44:ac:7c:f0:16:
4a:8e:49:b1:c0:3c:5e:9e:d8:ae:fc:78:88:34:fb:d5:f7:29:
9c:fc:65:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUECr9H9Qe78EhBOutMck39e96YSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwMTVaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMmY4NDQxYTdhOWVmNTkzNjJjMWI1MmJmNzcwNmVlMzRlMmE2MDFiYTYx
ZTQ2YTY5ZjZkNTdlNjgxM2UwYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGY5XF6F2IKtNE1kRGmTpmVeb5EOhtNvIrAxsql+ODWiir8XAAZJbV+0pAf
9WcBEgjoCyyK3DeGS0iPzayiNmYk6UaaDlwKf9/q8h4Xd24lWsa7toMOns+ZcO4j
FIVnIKfxeTXd3jACaWRKYlouzr3kv7yOqmY3T0cebuLPM3pShJFFdvhVdQzNT/FG
TH2VbkCGcsEoLG4tL8aW4lcCuJqRBkDcQ2V8WjXxsuP3QGDa1sAt5oIPT5srRnqk
k3xeVcJVwHnM54JkLHqtFAxjENVW2vICMQqelAJo59mGP9n346uw71FJFGil1M9s
i7dG9niyKUVjf4vK2RGjD0KWQbcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8ZBLb
Ji2Z0Dw2lXT53NasEDE1pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEAXj3+hwtNRtUL/M5bVgyRWAD0fTSbFUkDTXl4shVb
gXBREnMWV554ay8yrA29VnCH6LqaAeywJkZwB85RiFFV5EsXPl2GCP/vQMJsMvyB
5o56ajHEwAaCGWSVW/9Nln692jh5pByAGLS4kFVMq6/jDBsd7WTNyVcM+ipl7/tZ
6WBAGUOlUX6EcbZWONofQzifQXs9ERZuemqNLoWW+p8chVdfs+GPbrzhqGlJAHSE
D7L1CavLlrqbv6gJ83guueooFMlLPDGbBA6A186D/kkxjEwbj33rX8qDH8zV9E00
nYNq25zGkESsfPAWSo5JscA8Xp7Yrvx4iDT71fcpnPxlHw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:43 2025 by rpki-client