Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json)
Hash identifier: Bpicrkfb/5uSmXeilSHQMdV0cJARH9pAJtaJJN9e8iE=
Subject key identifier: 77:19:79:88:74:DE:B6:21:79:AA:12:31:99:A9:AD:A4:A2:84:7C:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B2916520A343439ED5B60D54690AD0D7E585F7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
Signing time: Tue 19 Aug 2025 17:00:13 +0000
ROA not before: Tue 19 Aug 2025 17:00:13 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:29:16:52:0a:34:34:39:ed:5b:60:d5:46:90:ad:0d:7e:58:5f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:00:13 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=f7cbff6713be1b47a5c6fe002cd9786d6fa235b79c6498e5aac2a5f449f5a812, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ba:06:31:65:ab:d2:78:a1:db:08:fb:77:66:
93:91:a8:18:e8:87:5d:1e:80:00:b4:a6:4c:1e:39:
b3:5e:29:f6:45:bf:fa:05:c8:b8:d5:ea:ff:14:f5:
77:8c:9e:d5:c2:4c:12:87:fd:97:46:e8:d9:46:bc:
0f:52:8b:15:8b:82:96:6a:05:4a:af:f2:27:92:59:
7a:64:5f:52:ba:ed:68:40:49:fd:06:3c:db:32:75:
ed:20:41:09:47:a2:f5:75:bc:83:34:ed:ed:75:8c:
86:f2:b7:fa:57:fc:2a:f0:41:93:83:4b:e3:64:52:
1c:92:e0:a1:e9:f3:a4:55:97:bb:0a:41:bd:70:cc:
d8:10:10:c8:0d:69:60:b0:5c:3d:e3:4a:f6:27:86:
7a:bb:62:34:26:85:da:ae:4b:ea:be:9a:31:95:cd:
5e:12:ea:96:07:88:e9:1f:3c:8d:4f:c6:68:e7:5b:
78:ac:a6:a4:78:fd:ae:24:ec:fa:f8:f1:9d:ba:2d:
79:35:52:fa:e8:ab:6e:20:3f:ea:8c:e2:0b:8a:f5:
ad:ab:53:77:be:6c:05:e6:15:7e:1e:76:2c:14:01:
b5:3c:b4:08:8d:66:df:f4:32:57:17:b4:dd:60:80:
9d:f0:0e:af:65:ed:40:87:af:ba:5f:ae:80:a0:0b:
af:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:19:79:88:74:DE:B6:21:79:AA:12:31:99:A9:AD:A4:A2:84:7C:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
01:f5:47:14:15:79:5c:01:82:d9:af:0c:55:22:eb:d1:67:33:
ba:23:ee:8f:cf:9e:e5:0a:5c:ca:3c:d3:30:25:9e:78:9b:ab:
31:09:28:e7:82:90:0d:90:5e:17:7c:f2:be:6d:70:d5:95:0c:
47:34:16:fb:50:06:ad:72:f8:c2:44:db:65:34:6a:3a:bd:40:
02:5e:aa:f0:f3:70:c1:4c:6c:cc:22:16:38:3c:8e:d2:78:6a:
97:6b:c9:34:8d:35:ac:38:1d:12:d6:a0:99:8d:a7:bb:5c:72:
0b:d3:7e:f9:34:fb:33:5a:ca:bd:fe:f0:4b:95:3c:b9:95:ed:
ff:d0:dd:b0:6f:93:41:4d:d7:0a:84:f2:74:20:1a:e2:7e:b2:
74:38:1d:85:3d:18:cf:16:9e:cd:b3:91:b3:5a:9d:72:c1:9c:
77:33:58:df:ef:ff:e0:38:2d:05:67:2f:40:a5:ef:22:b4:72:
51:a3:64:39:e9:6b:43:d4:1f:49:3d:3d:6f:59:c8:29:20:99:
dc:14:49:0c:0f:23:23:a1:e4:2a:f5:35:f2:fc:00:18:91:3f:
0e:22:4f:61:c8:e5:a3:1b:f9:82:7f:3c:6b:35:ef:a9:1c:fb:
b7:32:6b:a8:7b:46:47:13:a7:c7:f0:bc:e3:56:dd:6c:e2:5c:
fc:fd:fe:3f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaykWUgo0NDntW2DVRpCtDX5YX3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAwMTNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3Y2JmZjY3MTNiZTFiNDdhNWM2ZmUwMDJjZDk3ODZkNmZhMjM1Yjc5YzY0
OThlNWFhYzJhNWY0NDlmNWE4MTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKK6BjFlq9J4odsI+3dmk5GoGOiHXR6AALSmTB45s14p9kW/+gXIuNXq/xT1
d4ye1cJMEof9l0bo2Ua8D1KLFYuClmoFSq/yJ5JZemRfUrrtaEBJ/QY82zJ17SBB
CUei9XW8gzTt7XWMhvK3+lf8KvBBk4NL42RSHJLgoenzpFWXuwpBvXDM2BAQyA1p
YLBcPeNK9ieGertiNCaF2q5L6r6aMZXNXhLqlgeI6R88jU/GaOdbeKympHj9riTs
+vjxnboteTVS+uirbiA/6oziC4r1ratTd75sBeYVfh52LBQBtTy0CI1m3/QyVxe0
3WCAnfAOr2XtQIevul+ugKALr0sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR3GXmI
dN62IXmqEjGZqa2kooR8/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAAfVHFBV5XAGC2a8MVSLr0WczuiPuj8+e5QpcyjzT
MCWeeJurMQko54KQDZBeF3zyvm1w1ZUMRzQW+1AGrXL4wkTbZTRqOr1AAl6q8PNw
wUxszCIWODyO0nhql2vJNI01rDgdEtagmY2nu1xyC9N++TT7M1rKvf7wS5U8uZXt
/9DdsG+TQU3XCoTydCAa4n6ydDgdhT0YzxaezbORs1qdcsGcdzNY3+//4DgtBWcv
QKXvIrRyUaNkOelrQ9QfST09b1nIKSCZ3BRJDA8jI6HkKvU18vwAGJE/DiJPYcjl
oxv5gn88azXvqRz7tzJrqHtGRxOnx/C841bdbOJc/P3+Pw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:27 2025 by rpki-client