Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: GeVwbCq5wlSvgtdCREIH3yI7Vv/pDsePNWYAifWG/8Y=
Subject key identifier: 2D:B0:19:F4:35:72:00:49:71:2D:54:78:87:36:7B:D8:21:A4:33:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17C9746C930678E36D93C1EBB2CF3FDCF60F7FBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Fri 10 Oct 2025 17:04:25 +0000
ROA not before: Fri 10 Oct 2025 17:04:25 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:c9:74:6c:93:06:78:e3:6d:93:c1:eb:b2:cf:3f:dc:f6:0f:7f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:04:25 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=4b9dc27e59ccf1c83eb11d8dc2e80bf200fdd62955e5688ce01155f4dd0fdfbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d2:0b:a9:43:89:c4:de:2f:86:b8:bf:04:10:
20:ac:f7:d7:79:a2:da:a8:a5:ae:aa:7c:0d:cd:b6:
8f:0b:2f:d1:75:58:0d:e3:60:d9:2d:0a:29:ef:1c:
d8:2b:41:2c:1e:1f:22:9c:92:da:7b:6c:0c:08:37:
64:a3:6c:ab:fd:1f:e4:91:bc:d4:23:db:fe:e8:1d:
b8:8e:8e:79:88:4d:79:cf:1f:d4:f3:99:01:2f:67:
b5:f2:8f:ce:4e:00:93:77:14:5e:4a:14:a7:60:a3:
d3:7c:40:4b:48:5f:05:85:05:9f:42:7c:fe:d1:1f:
9c:8f:ca:2a:72:e3:18:2a:a1:d2:4a:5b:5b:17:b4:
52:8f:34:c6:5f:e1:b8:0d:72:07:5f:12:91:93:49:
de:46:4e:00:0b:4f:56:de:38:95:15:cf:4a:de:8e:
43:b3:f0:d3:f2:1f:d7:d7:89:97:18:31:32:a1:21:
4e:a3:89:09:00:f7:d7:9e:97:58:df:31:4e:6d:f9:
5c:6b:b2:34:4f:58:04:b1:18:0b:92:b2:b5:a3:92:
b6:f6:1d:1a:8c:3b:f9:e7:a2:f0:71:42:1d:a6:ed:
ef:a9:23:c9:43:20:e9:92:79:a5:74:2b:19:ed:99:
ed:9a:14:60:4e:6c:8a:4c:ce:77:92:92:9b:1a:6f:
df:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B0:19:F4:35:72:00:49:71:2D:54:78:87:36:7B:D8:21:A4:33:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:8e:0c:d4:9f:eb:ec:45:f4:af:22:29:db:75:c2:ba:49:2c:
24:41:b1:4d:b5:3a:3f:7d:0d:e9:2c:77:11:1b:b1:09:a8:c6:
b3:77:73:c5:c4:83:9e:5f:20:22:13:67:9d:37:5c:4f:3e:ca:
83:db:8d:1e:4e:58:a7:4f:85:5f:8d:40:22:2b:7a:52:dd:ca:
a3:d0:47:32:ca:d0:12:c3:75:b5:b1:ba:43:f4:b5:b8:98:4c:
05:17:e6:83:94:5f:e7:9e:9e:45:1e:20:33:10:f9:9d:e6:94:
b8:7e:81:b0:ad:70:48:d1:96:0a:ce:03:6d:6f:89:71:33:b4:
56:f2:14:9f:7f:c9:78:cb:d3:33:11:a0:c2:d5:39:4d:85:0a:
4e:fb:6a:ea:3b:4f:73:75:cc:95:49:9e:5c:b2:6d:d1:ce:6e:
98:e4:c2:52:34:5d:ec:12:8a:b2:4e:59:7f:6f:b6:5e:bb:86:
76:e1:cb:c4:0a:e6:3b:4f:af:57:fb:89:fc:17:39:c4:1a:06:
b6:75:69:ad:58:70:76:26:f4:ea:b3:1d:2f:ad:20:68:d8:2b:
b7:85:de:41:20:5e:9e:30:1f:9f:21:e6:60:73:ae:8e:8c:f3:
17:51:6a:a2:ba:d2:c6:f2:20:90:11:e1:d3:f5:00:98:61:46:
50:bd:72:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUF8l0bJMGeONtk8Hrss8/3PYPf7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzA0MjVaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiOWRjMjdlNTljY2YxYzgzZWIxMWQ4ZGMyZTgwYmYyMDBmZGQ2Mjk1NWU1
Njg4Y2UwMTE1NWY0ZGQwZmRmYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnSC6lDicTeL4a4vwQQIKz313mi2qilrqp8Dc22jwsv0XVYDeNg2S0KKe8c
2CtBLB4fIpyS2ntsDAg3ZKNsq/0f5JG81CPb/ugduI6OeYhNec8f1POZAS9ntfKP
zk4Ak3cUXkoUp2Cj03xAS0hfBYUFn0J8/tEfnI/KKnLjGCqh0kpbWxe0Uo80xl/h
uA1yB18SkZNJ3kZOAAtPVt44lRXPSt6OQ7Pw0/If19eJlxgxMqEhTqOJCQD3156X
WN8xTm35XGuyNE9YBLEYC5KytaOStvYdGow7+eei8HFCHabt76kjyUMg6ZJ5pXQr
Ge2Z7ZoUYE5sikzOd5KSmxpv3zsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQtsBn0
NXIASXEtVHiHNnvYIaQz0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEAPo4M1J/r7EX0ryIp23XCukksJEGxTbU6P30N6Sx3
ERuxCajGs3dzxcSDnl8gIhNnnTdcTz7Kg9uNHk5Yp0+FX41AIit6Ut3Ko9BHMsrQ
EsN1tbG6Q/S1uJhMBRfmg5Rf556eRR4gMxD5neaUuH6BsK1wSNGWCs4DbW+JcTO0
VvIUn3/JeMvTMxGgwtU5TYUKTvtq6jtPc3XMlUmeXLJt0c5umOTCUjRd7BKKsk5Z
f2+2XruGduHLxArmO0+vV/uJ/Bc5xBoGtnVprVhwdib06rMdL60gaNgrt4XeQSBe
njAfnyHmYHOujozzF1FqorrSxvIgkBHh0/UAmGFGUL1y1g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:16 2025 by rpki-client