Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: oPnsemZVh55pwLIuAnvTvETwLRkmR0JdiKCf8vUnq34=
Subject key identifier: 81:2D:02:BC:81:F2:45:99:C8:39:38:8D:10:82:65:14:FD:B7:C0:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 774AA86FE6ED9EB847EF00B56D4EC7E99B9BF6A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Tue 19 Aug 2025 17:01:06 +0000
ROA not before: Tue 19 Aug 2025 17:01:06 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:4a:a8:6f:e6:ed:9e:b8:47:ef:00:b5:6d:4e:c7:e9:9b:9b:f6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:06 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=a20ada218ca6c4b2951b8dc56b661b88d35ad177dc453fc10ea75ced7959020a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:39:36:87:bf:29:68:73:ed:40:00:cf:36:8f:
c1:43:72:d6:b5:b8:f1:d7:a0:cf:06:6a:ae:65:f7:
ac:cf:fe:0a:c3:ea:e4:f7:bd:67:f6:11:f4:21:c7:
69:07:32:6b:02:7a:6c:54:aa:cd:06:8f:af:f0:08:
04:0f:82:90:76:97:6b:fc:ba:b2:39:27:51:2c:dd:
6a:95:29:3a:7d:2b:e8:98:c0:09:89:2b:71:b7:a2:
40:c0:d7:93:67:85:c2:7e:16:95:36:af:3f:d7:26:
79:1e:43:1f:01:04:7f:b8:58:b3:0d:cf:19:fb:8f:
b0:08:c6:97:f6:d2:64:99:b3:07:35:10:14:6d:9b:
47:05:e8:b6:45:62:7c:bb:22:ee:ea:6e:23:65:79:
b5:fa:7d:43:cc:b8:77:4e:04:77:2a:ff:ac:c6:27:
4b:be:c3:a0:ed:01:1f:21:0c:d6:90:e3:d2:08:c6:
a4:25:09:81:08:73:ff:06:65:bd:a0:fb:3e:99:89:
3b:14:45:18:41:30:e9:86:86:83:fc:58:19:d5:6f:
53:5d:a3:73:6c:94:fc:23:a4:0a:49:97:1d:24:24:
fa:83:7b:e5:a2:b6:15:79:76:e4:e5:17:8f:84:2e:
ed:33:3e:70:25:79:69:d5:63:0b:13:21:6e:7c:c0:
b6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2D:02:BC:81:F2:45:99:C8:39:38:8D:10:82:65:14:FD:B7:C0:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
74:ae:ee:01:54:09:e8:38:3d:4d:17:a8:71:46:38:fc:03:b1:
f4:76:f4:31:32:f1:ca:bb:6c:2f:4f:73:2e:37:33:e1:02:74:
ac:d8:14:21:34:ed:ec:b5:81:61:a6:b4:ae:99:56:e8:cd:bf:
75:df:5f:c2:26:58:a3:23:ba:b1:f4:ff:ea:ea:aa:a7:68:28:
5e:73:49:61:3b:fb:73:70:6f:eb:13:4f:23:29:97:63:8a:e7:
b7:c7:11:eb:1c:f3:df:56:16:b2:59:ff:1e:0d:66:bc:4e:d0:
4e:e5:f6:ff:b1:f6:82:97:94:b1:25:b4:44:9d:87:aa:69:33:
d5:82:d5:ca:be:f2:f1:c4:06:72:51:42:98:e9:78:5d:4c:6b:
49:25:8e:7c:09:22:f0:ae:2e:1d:21:81:c7:da:d4:49:cb:7b:
d0:27:12:6d:bd:b7:9b:8c:54:3e:c1:98:9c:20:9c:5b:d1:47:
c9:af:bc:84:c7:fb:3e:24:85:e6:f1:48:80:01:bd:a3:b8:fc:
f8:c7:b2:5e:bd:ed:66:82:36:09:df:92:f7:79:0c:8d:57:69:
bb:d8:ca:60:d0:8c:cf:f9:5d:5f:e2:3c:6f:bd:f3:13:27:48:
98:db:24:75:32:15:e2:c5:07:9b:bb:e9:90:8b:c2:a7:28:cb:
95:95:9b:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd0qob+btnrhH7wC1bU7H6Zub9qEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMDZaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMGFkYTIxOGNhNmM0YjI5NTFiOGRjNTZiNjYxYjg4ZDM1YWQxNzdkYzQ1
M2ZjMTBlYTc1Y2VkNzk1OTAyMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIw5Noe/KWhz7UAAzzaPwUNy1rW48degzwZqrmX3rM/+CsPq5Pe9Z/YR9CHH
aQcyawJ6bFSqzQaPr/AIBA+CkHaXa/y6sjknUSzdapUpOn0r6JjACYkrcbeiQMDX
k2eFwn4WlTavP9cmeR5DHwEEf7hYsw3PGfuPsAjGl/bSZJmzBzUQFG2bRwXotkVi
fLsi7upuI2V5tfp9Q8y4d04Edyr/rMYnS77DoO0BHyEM1pDj0gjGpCUJgQhz/wZl
vaD7PpmJOxRFGEEw6YaGg/xYGdVvU12jc2yU/COkCkmXHSQk+oN75aK2FXl25OUX
j4Qu7TM+cCV5adVjCxMhbnzAtqMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSBLQK8
gfJFmcg5OI0QgmUU/bfAOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEAdK7uAVQJ6Dg9TReocUY4/AOx9Hb0MTLxyrtsL09z
Ljcz4QJ0rNgUITTt7LWBYaa0rplW6M2/dd9fwiZYoyO6sfT/6uqqp2goXnNJYTv7
c3Bv6xNPIymXY4rnt8cR6xzz31YWsln/Hg1mvE7QTuX2/7H2gpeUsSW0RJ2Hqmkz
1YLVyr7y8cQGclFCmOl4XUxrSSWOfAki8K4uHSGBx9rUSct70CcSbb23m4xUPsGY
nCCcW9FHya+8hMf7PiSF5vFIgAG9o7j8+MeyXr3tZoI2Cd+S93kMjVdpu9jKYNCM
z/ldX+I8b73zEydImNskdTIV4sUHm7vpkIvCpyjLlZWb5Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:58 2025 by rpki-client