Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: sRh7QrXYk1mH6qo14S86c/AYnts090kuIbKHOBdBllc=
Subject key identifier: 71:53:76:BC:0D:BD:C5:5C:EB:57:ED:42:B0:84:01:8B:88:55:7E:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76AF5B01B0A537C5CE592A35017F40BFB0C1E0A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Tue 19 Aug 2025 16:50:51 +0000
ROA not before: Tue 19 Aug 2025 16:50:51 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:af:5b:01:b0:a5:37:c5:ce:59:2a:35:01:7f:40:bf:b0:c1:e0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:51 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=b7b55335a106a21b7f63fb7d6668a290b2a2cc84bf8cf8ecc90521efb36278e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:65:6a:3d:ef:50:f8:b0:75:e3:25:22:90:52:
63:36:7f:10:d2:b6:5c:48:5d:e5:be:a5:d9:e5:b7:
bd:66:1f:e5:73:73:39:5c:4d:94:55:b7:2b:61:28:
12:6c:d4:e3:64:96:cc:8e:d1:20:5b:7f:2c:8c:7d:
f0:9d:21:95:e1:e6:9d:c2:1d:d4:8a:dd:c8:76:c7:
11:cf:d4:13:0a:10:d2:27:20:72:1f:61:91:6a:5d:
8b:ab:69:a7:52:e0:32:3e:0c:3f:37:09:83:c1:c3:
86:d7:7c:83:a8:4b:3e:8c:bd:46:35:37:3b:85:52:
b6:67:2c:d8:62:34:d6:26:27:01:e1:b5:e6:6b:97:
c5:0a:57:0b:59:09:01:7e:11:5f:49:0a:98:27:59:
68:cd:6d:7a:55:de:8a:fb:6a:f9:ab:ae:4c:e4:19:
46:88:1e:df:76:02:61:50:1a:29:0e:6a:7b:9b:98:
5a:f8:e9:a0:9c:b0:ba:41:92:8d:3d:72:f1:59:22:
ad:9c:cf:7e:f6:6a:3f:f3:7c:fa:4c:cc:3c:00:11:
e1:89:df:c5:9e:5a:8b:88:8a:b6:2c:d5:90:3e:7b:
67:e0:9f:a5:de:ec:c1:3f:25:25:06:cb:b4:25:7f:
0f:80:cc:50:c3:2a:89:ee:40:a1:7d:0e:09:76:96:
ef:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:53:76:BC:0D:BD:C5:5C:EB:57:ED:42:B0:84:01:8B:88:55:7E:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
27:83:43:4b:c8:9f:fe:cf:f2:c4:40:1e:37:04:35:bf:55:ff:
0d:68:89:a9:3e:6c:82:c6:f4:85:35:69:63:00:d4:4a:75:56:
81:e3:ca:fd:99:52:7d:c7:a5:59:75:27:d6:b5:44:62:da:e6:
d4:96:52:51:82:13:b9:98:fc:8b:6d:4c:bd:4a:46:07:f7:a2:
c6:94:c7:84:87:e5:9a:d9:a1:59:75:91:c2:69:03:17:c5:ad:
f1:c6:36:cb:ea:7b:32:a3:c2:fd:6f:d9:ae:20:08:4b:2d:c1:
af:8f:69:9c:ae:4c:8e:f1:17:57:d1:a2:ee:6e:00:e5:68:6a:
a3:78:a3:59:01:31:a2:ac:64:75:25:19:07:2f:95:e8:64:ff:
da:50:db:9a:3c:8e:5a:42:cb:93:25:cc:00:d1:af:39:a6:c9:
25:d9:f3:9f:b2:dd:81:b1:35:e3:00:46:74:3d:2b:28:46:ec:
bc:69:65:cc:46:00:ea:b5:c6:da:36:a1:d1:89:28:53:a1:59:
48:37:e4:ae:8c:02:3b:45:ac:b2:d3:99:47:0a:a7:6d:3e:90:
42:bc:97:1a:25:82:ee:9a:e5:1a:aa:f8:ab:5b:d3:4e:93:7b:
7c:5a:b9:3c:26:44:de:bf:72:8b:ec:f9:ad:80:df:20:54:ff:
7d:f2:9f:4c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdq9bAbClN8XOWSo1AX9Av7DB4KIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNTFaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3YjU1MzM1YTEwNmEyMWI3ZjYzZmI3ZDY2NjhhMjkwYjJhMmNjODRiZjhj
ZjhlY2M5MDUyMWVmYjM2Mjc4ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFlaj3vUPiwdeMlIpBSYzZ/ENK2XEhd5b6l2eW3vWYf5XNzOVxNlFW3K2Eo
EmzU42SWzI7RIFt/LIx98J0hleHmncId1IrdyHbHEc/UEwoQ0icgch9hkWpdi6tp
p1LgMj4MPzcJg8HDhtd8g6hLPoy9RjU3O4VStmcs2GI01iYnAeG15muXxQpXC1kJ
AX4RX0kKmCdZaM1telXeivtq+auuTOQZRoge33YCYVAaKQ5qe5uYWvjpoJywukGS
jT1y8VkirZzPfvZqP/N8+kzMPAAR4YnfxZ5ai4iKtizVkD57Z+Cfpd7swT8lJQbL
tCV/D4DMUMMqie5AoX0OCXaW79ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxU3a8
Db3FXOtX7UKwhAGLiFV+qzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEAJ4NDS8if/s/yxEAeNwQ1v1X/DWiJqT5sgsb0hTVp
YwDUSnVWgePK/ZlSfcelWXUn1rVEYtrm1JZSUYITuZj8i21MvUpGB/eixpTHhIfl
mtmhWXWRwmkDF8Wt8cY2y+p7MqPC/W/ZriAISy3Br49pnK5MjvEXV9Gi7m4A5Whq
o3ijWQExoqxkdSUZBy+V6GT/2lDbmjyOWkLLkyXMANGvOabJJdnzn7LdgbE14wBG
dD0rKEbsvGllzEYA6rXG2jah0YkoU6FZSDfkrowCO0WsstOZRwqnbT6QQryXGiWC
7prlGqr4q1vTTpN7fFq5PCZE3r9yi+z5rYDfIFT/ffKfTA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client