Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: 11yDpp6CfBM2F2OJUy6/3gQUTqFCbhxv/lNB80d4j8o=
Subject key identifier: CA:21:A4:C0:24:8B:BA:B0:51:F9:B7:62:D6:4C:37:0D:B2:93:1F:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38EB81A7CD4468C7181AF23F0935004C96E461A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Fri 10 Oct 2025 17:10:36 +0000
ROA not before: Fri 10 Oct 2025 17:10:36 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:eb:81:a7:cd:44:68:c7:18:1a:f2:3f:09:35:00:4c:96:e4:61:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:36 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=99c2f716a41defc8345d44f36c9b4442cff03f3636828ae194d34bcc0c8647b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:34:9d:93:ac:7a:cd:9b:13:46:30:1d:e1:
69:d4:b7:86:61:ce:2e:ab:9d:31:5a:70:3e:4d:ab:
b6:02:18:9f:f3:1f:fc:c5:ba:0d:02:e6:9a:da:d9:
d3:41:9d:ce:82:0d:81:d4:89:bb:df:b4:34:6f:69:
e8:a9:92:35:97:9c:58:18:e3:9a:85:9a:d7:4c:52:
cf:f3:5e:e4:61:c2:90:5a:4d:ad:68:7d:60:ff:4d:
a0:de:24:4d:41:86:b0:53:bb:b8:29:9b:af:62:ae:
bc:ff:b9:53:82:5c:76:e9:91:6d:fe:b3:1b:fb:ee:
9d:f5:be:65:14:ef:5b:f7:bf:e6:ff:64:1d:60:1c:
9d:a3:6d:30:29:bd:42:ec:c1:55:15:89:a6:c2:56:
a7:af:36:c9:eb:0e:52:c6:7f:58:a8:9e:d6:0e:a1:
95:b9:43:b0:71:7f:70:74:c3:eb:c0:53:7f:bd:e6:
8e:fb:1f:da:8e:8c:41:90:f1:a1:6d:81:5c:05:33:
54:af:b2:c7:7d:52:cb:61:e9:49:b8:db:7a:dc:ae:
f3:54:1c:19:3e:66:7d:ab:04:7f:51:05:e8:aa:d0:
ee:9a:be:70:ee:2f:d1:4f:9f:6e:1f:39:e3:35:28:
4b:76:ec:62:49:53:d6:d0:f0:56:bc:73:28:4c:10:
a8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:21:A4:C0:24:8B:BA:B0:51:F9:B7:62:D6:4C:37:0D:B2:93:1F:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:59:bd:c8:f5:3a:1a:41:29:af:5c:be:a0:01:0a:ce:59:13:
74:52:ec:c5:18:3f:2f:e6:ef:cf:3e:90:51:78:6a:95:92:66:
3e:45:6b:3a:15:6c:07:5c:b8:7e:89:4d:bc:3b:9a:b3:07:03:
90:f2:10:3e:5d:30:70:72:1d:a9:89:2b:4d:b2:cd:16:14:b5:
2b:60:39:30:62:27:5d:fd:0d:6d:8d:20:c0:91:67:bf:7c:61:
5e:89:aa:cf:8b:fa:7a:0e:40:24:96:f6:b9:62:c4:dd:db:5e:
01:b7:93:f5:9a:6d:1d:e8:6b:e2:f7:5c:8c:ca:49:b9:1a:30:
9f:b8:07:da:61:e6:86:0b:60:2d:28:59:20:f8:64:e9:5e:ec:
69:85:19:83:48:55:9b:38:61:01:8f:04:d8:1b:24:7f:53:6d:
3d:a0:11:0d:14:74:3a:d0:08:31:ea:fb:98:55:84:71:40:38:
10:6c:e5:d7:be:8a:af:1d:1b:fa:3c:7a:ba:ec:49:bc:cc:87:
f3:98:db:18:61:52:00:f0:02:f5:1d:c7:31:38:69:f8:d6:51:
48:e2:5d:20:b3:28:cd:a5:05:44:10:f7:73:dc:47:5d:0b:79:
37:9f:ac:f1:49:f2:f6:23:b3:64:9e:ff:82:1a:24:c9:f0:36:
88:1a:27:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOOuBp81EaMcYGvI/CTUATJbkYakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwMzZaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5YzJmNzE2YTQxZGVmYzgzNDVkNDRmMzZjOWI0NDQyY2ZmMDNmMzYzNjgy
OGFlMTk0ZDM0YmNjMGM4NjQ3YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEvNJ2TrHrNmxNGMB3hadS3hmHOLqudMVpwPk2rtgIYn/Mf/MW6DQLmmtrZ
00GdzoINgdSJu9+0NG9p6KmSNZecWBjjmoWa10xSz/Ne5GHCkFpNrWh9YP9NoN4k
TUGGsFO7uCmbr2KuvP+5U4JcdumRbf6zG/vunfW+ZRTvW/e/5v9kHWAcnaNtMCm9
QuzBVRWJpsJWp682yesOUsZ/WKie1g6hlblDsHF/cHTD68BTf73mjvsf2o6MQZDx
oW2BXAUzVK+yx31Sy2HpSbjbetyu81QcGT5mfasEf1EF6KrQ7pq+cO4v0U+fbh85
4zUoS3bsYklT1tDwVrxzKEwQqM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTKIaTA
JIu6sFH5t2LWTDcNspMf7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQClWb3I9ToaQSmvXL6gAQrOWRN0UuzFGD8v5u/PPpBR
eGqVkmY+RWs6FWwHXLh+iU28O5qzBwOQ8hA+XTBwch2piStNss0WFLUrYDkwYidd
/Q1tjSDAkWe/fGFeiarPi/p6DkAklva5YsTd214Bt5P1mm0d6Gvi91yMykm5GjCf
uAfaYeaGC2AtKFkg+GTpXuxphRmDSFWbOGEBjwTYGyR/U209oBENFHQ60Agx6vuY
VYRxQDgQbOXXvoqvHRv6PHq67Em8zIfzmNsYYVIA8AL1HccxOGn41lFI4l0gsyjN
pQVEEPdz3EddC3k3n6zxSfL2I7Nknv+CGiTJ8DaIGifo
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:22 2025 by rpki-client