Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: +LZl0gkLc5nOuDmmLZT91oXbMnzaRyugfT5f8JyTrek=
Subject key identifier: FE:72:D8:A9:50:FA:8A:16:7E:A7:86:88:C6:C6:D6:AC:C5:60:39:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DE831AE7BF5E97581B54C98473A9B9E30782605
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Tue 19 Aug 2025 17:00:13 +0000
ROA not before: Tue 19 Aug 2025 17:00:13 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e8:31:ae:7b:f5:e9:75:81:b5:4c:98:47:3a:9b:9e:30:78:26:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:00:13 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=ecd179826494afcaf02b41d6ecfbb2e8a4d87a5d0cbfef88f8d3d3e13a94cff6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:06:8e:18:b3:7f:82:dd:93:1c:56:e9:2c:
80:a0:0a:d4:ab:14:65:bf:7a:6e:30:17:c2:fd:20:
41:02:14:34:f0:68:2e:f4:db:54:ca:67:02:3c:b0:
6d:b5:31:6e:97:78:6a:b1:20:d8:53:4f:f9:d5:04:
9b:4e:4e:d4:9d:52:32:a2:c9:0b:a9:78:2c:b5:df:
de:b4:68:5e:2d:15:dc:ca:1c:9c:c2:68:80:41:2b:
e3:a9:1d:e7:a3:53:24:8a:9a:60:e0:f5:8f:16:63:
78:60:62:6c:a5:b4:5b:33:d2:bc:49:98:d4:19:b2:
e7:65:21:25:f3:8f:f8:96:3e:f7:e0:84:ea:4b:76:
1e:e2:dc:72:9b:72:92:fa:49:25:b0:f7:be:4d:fe:
bb:f9:47:16:30:f5:37:a4:c9:8c:44:a2:3f:3a:5d:
25:4d:cb:c2:a5:37:68:ec:a8:88:7c:f2:ff:08:d4:
5a:d4:9a:a2:80:55:68:d1:5f:21:f3:b8:2f:6a:ef:
3d:a4:9e:35:4c:b6:5e:2b:f3:d1:c5:fd:23:03:58:
20:b8:f3:e8:34:08:ab:49:32:dd:09:61:f5:6d:e7:
fd:9c:12:94:f1:f3:ea:1d:7e:07:fc:58:ff:06:da:
b1:df:fd:5a:b1:1d:da:89:da:72:04:76:a9:ac:b5:
54:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:72:D8:A9:50:FA:8A:16:7E:A7:86:88:C6:C6:D6:AC:C5:60:39:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
23:6b:02:7d:19:11:2e:da:b2:a7:44:ea:5d:54:c2:38:fd:e8:
aa:d5:06:73:32:e0:f9:92:fa:42:7c:b9:c7:53:80:fa:66:59:
0a:29:f8:44:50:18:63:08:e4:0f:16:78:1e:68:3e:31:54:1d:
6d:8e:97:ca:b7:89:c8:9c:b3:91:bc:de:5e:e8:bf:7c:ee:6e:
07:4e:2a:2c:17:71:67:7f:81:57:95:72:c8:2c:4e:23:2e:82:
ce:1f:ff:a0:d7:7f:94:3c:ad:43:2b:bd:27:1b:fd:33:9e:24:
e6:86:ea:b5:43:80:68:b8:75:50:0b:c0:00:53:1c:fe:78:fd:
82:d4:22:36:a0:cf:c4:5d:51:bf:fd:67:49:03:28:8c:3f:cd:
48:fb:93:65:19:35:ef:60:26:f5:8c:e6:fe:e0:1b:65:a9:00:
88:fe:10:e6:dd:50:fb:fb:23:27:64:4c:e9:a4:a4:78:d1:2c:
9e:12:dd:99:eb:e1:43:4d:18:05:8e:15:12:24:95:0f:01:3c:
80:cf:6f:bf:65:60:0b:f8:68:83:b1:e4:f1:2f:53:e2:64:aa:
0c:bb:db:87:b1:fa:1c:6f:b7:da:cf:c6:ad:96:68:20:23:03:
26:45:9b:2b:cc:ef:cb:46:c8:82:48:e0:0e:2a:74:46:02:17:
93:71:bd:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPegxrnv16XWBtUyYRzqbnjB4JgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAwMTNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjZDE3OTgyNjQ5NGFmY2FmMDJiNDFkNmVjZmJiMmU4YTRkODdhNWQwY2Jm
ZWY4OGY4ZDNkM2UxM2E5NGNmZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALU5Bo4Ys3+C3ZMcVuksgKAK1KsUZb96bjAXwv0gQQIUNPBoLvTbVMpnAjyw
bbUxbpd4arEg2FNP+dUEm05O1J1SMqLJC6l4LLXf3rRoXi0V3MocnMJogEEr46kd
56NTJIqaYOD1jxZjeGBibKW0WzPSvEmY1Bmy52UhJfOP+JY+9+CE6kt2HuLccpty
kvpJJbD3vk3+u/lHFjD1N6TJjESiPzpdJU3LwqU3aOyoiHzy/wjUWtSaooBVaNFf
IfO4L2rvPaSeNUy2Xivz0cX9IwNYILjz6DQIq0ky3Qlh9W3n/ZwSlPHz6h1+B/xY
/wbasd/9WrEd2onacgR2qay1VEUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT+ctip
UPqKFn6nhojGxtasxWA5yDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAI2sCfRkRLtqyp0TqXVTCOP3oqtUGczLg+ZL6Qny5
x1OA+mZZCin4RFAYYwjkDxZ4Hmg+MVQdbY6XyreJyJyzkbzeXui/fO5uB04qLBdx
Z3+BV5VyyCxOIy6Czh//oNd/lDytQyu9Jxv9M54k5obqtUOAaLh1UAvAAFMc/nj9
gtQiNqDPxF1Rv/1nSQMojD/NSPuTZRk172Am9Yzm/uAbZakAiP4Q5t1Q+/sjJ2RM
6aSkeNEsnhLdmevhQ00YBY4VEiSVDwE8gM9vv2VgC/hog7Hk8S9T4mSqDLvbh7H6
HG+32s/GrZZoICMDJkWbK8zvy0bIgkjgDip0RgIXk3G9pg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client