Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: DFH5fVKkhIy8QIIruZLnhY1Hg6BfJLKfN20u1lcv0BY=
Subject key identifier: 39:B2:CD:B2:1B:6C:01:4D:40:84:7F:E0:EC:40:9F:10:36:A0:A7:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D555461789385547738F39F49A8F40D026BC65A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Fri 10 Oct 2025 17:10:17 +0000
ROA not before: Fri 10 Oct 2025 17:10:17 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:55:54:61:78:93:85:54:77:38:f3:9f:49:a8:f4:0d:02:6b:c6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:17 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=6dca4838bcd0ae391a2f0704c04f053b3da87c315800f505c4bf5fcf5e7c25ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:71:24:58:36:8e:85:4e:a4:7e:b4:97:14:eb:
af:8d:66:9b:55:c9:5e:39:a0:65:41:61:6c:b1:0e:
22:ad:88:af:23:c2:7b:3c:63:b1:5d:1e:d8:41:d8:
13:e9:5b:77:d3:1c:bf:a7:e0:9e:53:e4:49:4d:ab:
0b:58:12:0a:ee:4c:7c:68:70:4b:57:11:2f:aa:af:
1e:b7:4a:61:de:52:b2:9e:91:f5:d2:6d:28:ee:14:
06:86:d2:f3:b2:14:ff:23:62:5f:6e:64:a5:9c:72:
c7:69:e9:f8:de:d1:e8:bd:27:35:40:a5:71:cd:8d:
2c:5b:de:c3:52:a9:6f:ff:00:45:7b:80:76:62:9c:
d1:28:2f:7e:28:ac:d1:80:40:29:28:ca:d2:a6:37:
ec:7d:ee:fb:df:0c:b6:05:cb:ec:4c:d4:31:2e:c7:
ed:91:7e:62:c4:79:19:e2:38:54:4d:5a:f7:f0:c4:
e3:21:18:e4:49:99:13:0d:d9:9d:77:30:9d:5c:f9:
a1:8f:a7:ca:de:2b:52:c4:21:2c:6d:fa:b2:a5:06:
67:f0:9e:4f:a6:c7:ac:a2:ad:47:59:68:a7:85:bc:
2c:99:d8:9f:39:54:65:3f:c8:2a:2b:70:7b:e4:67:
0a:2a:1c:d9:a1:a9:73:67:46:74:5e:22:87:19:84:
f3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B2:CD:B2:1B:6C:01:4D:40:84:7F:E0:EC:40:9F:10:36:A0:A7:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
66:b2:fa:4c:96:43:0a:37:75:db:f6:8f:4b:8b:be:15:72:74:
ff:a9:25:de:6d:68:29:df:2e:ec:33:2c:0b:c6:3b:a6:34:5c:
d9:ef:38:7b:4a:ab:67:79:6b:e0:fd:46:6d:55:5e:d9:b2:02:
06:0d:23:3e:f6:f7:31:5c:8b:d7:15:34:b6:63:69:fe:86:11:
5b:e2:29:c7:5c:b6:a1:66:59:bf:44:ee:cb:d8:01:f7:fd:cf:
e3:fd:30:77:6d:50:ba:03:de:35:b0:b7:b5:3c:88:0c:ee:62:
24:99:cd:dd:0c:25:8b:78:c3:3b:ac:12:86:3e:67:7a:7d:ef:
87:ee:67:89:36:b1:b0:d5:7d:f5:f7:b6:60:ab:ea:75:d9:c7:
17:06:3c:81:64:e3:8a:44:d3:72:eb:33:52:49:dd:3c:d8:70:
e4:5d:bd:ce:76:1d:88:0e:69:58:79:f1:33:f1:c2:38:29:33:
43:4f:06:c1:6a:97:36:90:08:4e:b8:49:04:c8:98:b2:7c:8d:
5b:62:a7:32:08:12:59:13:eb:f5:c2:6e:d5:b3:51:9a:97:7e:
65:dc:07:81:5b:0e:83:0c:30:11:13:40:c2:2c:26:82:72:a2:
99:0d:12:fa:b0:10:09:27:32:a1:24:f9:d6:19:20:c1:bb:14:
b6:2f:b7:e7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDVVUYXiThVR3OPOfSaj0DQJrxlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwMTdaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkY2E0ODM4YmNkMGFlMzkxYTJmMDcwNGMwNGYwNTNiM2RhODdjMzE1ODAw
ZjUwNWM0YmY1ZmNmNWU3YzI1ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIhxJFg2joVOpH60lxTrr41mm1XJXjmgZUFhbLEOIq2IryPCezxjsV0e2EHY
E+lbd9Mcv6fgnlPkSU2rC1gSCu5MfGhwS1cRL6qvHrdKYd5Ssp6R9dJtKO4UBobS
87IU/yNiX25kpZxyx2np+N7R6L0nNUClcc2NLFvew1Kpb/8ARXuAdmKc0Sgvfiis
0YBAKSjK0qY37H3u+98MtgXL7EzUMS7H7ZF+YsR5GeI4VE1a9/DE4yEY5EmZEw3Z
nXcwnVz5oY+nyt4rUsQhLG36sqUGZ/CeT6bHrKKtR1lop4W8LJnYnzlUZT/IKitw
e+RnCioc2aGpc2dGdF4ihxmE87sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ5ss2y
G2wBTUCEf+DsQJ8QNqCnIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEAZrL6TJZDCjd12/aPS4u+FXJ0/6kl3m1oKd8u7DMs
C8Y7pjRc2e84e0qrZ3lr4P1GbVVe2bICBg0jPvb3MVyL1xU0tmNp/oYRW+Ipx1y2
oWZZv0Tuy9gB9/3P4/0wd21QugPeNbC3tTyIDO5iJJnN3Qwli3jDO6wShj5nen3v
h+5niTaxsNV99fe2YKvqddnHFwY8gWTjikTTcuszUkndPNhw5F29znYdiA5pWHnx
M/HCOCkzQ08GwWqXNpAITrhJBMiYsnyNW2KnMggSWRPr9cJu1bNRmpd+ZdwHgVsO
gwwwERNAwiwmgnKimQ0S+rAQCScyoST51hkgwbsUti+35w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:26 2025 by rpki-client