Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: mvAA4ysYGmpf9VGnoJh/Jewl6j1Uc9K/Z41XRL2oehM=
Subject key identifier: 5A:2C:78:49:9D:67:13:6B:C5:90:D0:37:75:7D:80:E0:0B:F2:31:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34E78EDCD2563D7AA83569C4D461189E307E936D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Tue 19 Aug 2025 17:01:02 +0000
ROA not before: Tue 19 Aug 2025 17:01:02 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:e7:8e:dc:d2:56:3d:7a:a8:35:69:c4:d4:61:18:9e:30:7e:93:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:02 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=6597ea832abf092bd163c4e9ce3b8c39d670329ab1557ae5f48006c7de433f9e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:15:63:15:6f:f4:d7:2c:69:09:19:20:11:1a:
cd:20:43:6b:ae:9f:70:a7:da:9d:9c:32:a1:9e:19:
81:62:10:22:86:b6:eb:79:c2:38:9e:85:97:74:4e:
94:55:c3:bd:6a:22:94:89:a0:dd:b7:22:5c:55:07:
4d:41:52:f3:fb:74:60:38:6e:7d:78:0d:39:bf:1a:
16:c1:32:03:8e:68:57:55:ab:61:2b:b1:b4:f4:2c:
b1:03:2d:3b:9e:e8:db:fe:4d:6f:1b:c5:96:82:bf:
75:db:06:8f:69:b4:c6:a9:4d:f2:16:ac:38:d8:5c:
74:f0:48:4b:19:99:3d:df:84:5d:8e:d7:1b:5d:71:
bc:e8:f9:8f:2f:c3:6a:1e:4f:9b:2f:37:2c:ab:f9:
a7:03:28:27:92:c0:bf:70:31:25:e0:b1:a2:24:bd:
a8:c8:5b:db:7b:53:17:cd:a1:86:d1:19:7f:46:78:
7a:38:a6:7e:b9:ee:8b:b1:6f:5d:59:6f:d4:7e:d4:
f7:01:f9:5f:cf:5d:b1:7e:f2:34:48:bd:c7:8e:6a:
45:7b:a5:61:ff:c7:f2:bf:cb:3a:83:ee:e6:b5:e0:
53:60:bb:3a:fb:2d:47:79:13:d2:1e:f3:ed:46:6f:
f5:eb:0e:c5:83:4d:f6:64:fd:06:96:68:e2:db:cc:
06:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2C:78:49:9D:67:13:6B:C5:90:D0:37:75:7D:80:E0:0B:F2:31:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:56:51:a0:62:75:84:51:db:88:a1:2c:e8:46:38:cd:61:23:
ec:a3:11:1e:bb:4a:19:89:0d:2f:19:43:57:a1:26:b4:ba:5a:
16:fd:59:25:f1:47:ca:2b:63:c3:c8:21:d4:1b:cc:32:4a:6f:
b5:5d:ae:52:5f:47:88:94:32:f9:5c:a8:59:78:63:16:3a:dd:
c5:42:0d:11:65:77:d8:4a:d1:ba:52:03:90:7a:d4:da:96:f8:
1c:fb:cd:83:80:d4:6b:44:d7:4e:fd:26:ca:79:b6:ed:2b:45:
47:a0:42:4f:d5:86:28:09:17:3c:6c:a9:76:cc:0b:ee:55:16:
74:50:b6:c1:a4:e9:5a:9c:7e:09:e0:c7:ac:22:46:ec:3e:91:
00:38:2b:eb:3d:8d:7d:a8:c9:30:56:4f:75:78:75:f0:eb:ba:
cd:7d:08:65:b3:96:ca:c2:eb:29:fb:95:dc:af:8a:0e:8c:7c:
b4:be:97:6b:b5:02:6f:c0:a3:f9:9d:4b:60:70:c8:cf:bc:1c:
94:64:43:02:9c:87:18:d7:15:e7:9b:e5:8f:40:dd:f3:ec:f5:
88:72:f1:07:c0:68:93:a8:aa:90:ad:07:d4:68:58:4e:b6:80:
bf:4c:c1:c9:7d:48:39:68:b1:a0:ac:8d:21:b4:3d:60:4f:6f:
42:58:6c:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNOeO3NJWPXqoNWnE1GEYnjB+k20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMDJaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1OTdlYTgzMmFiZjA5MmJkMTYzYzRlOWNlM2I4YzM5ZDY3MDMyOWFiMTU1
N2FlNWY0ODAwNmM3ZGU0MzNmOWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMVYxVv9NcsaQkZIBEazSBDa66fcKfanZwyoZ4ZgWIQIoa263nCOJ6Fl3RO
lFXDvWoilImg3bciXFUHTUFS8/t0YDhufXgNOb8aFsEyA45oV1WrYSuxtPQssQMt
O57o2/5NbxvFloK/ddsGj2m0xqlN8hasONhcdPBISxmZPd+EXY7XG11xvOj5jy/D
ah5Pmy83LKv5pwMoJ5LAv3AxJeCxoiS9qMhb23tTF82hhtEZf0Z4ejimfrnui7Fv
XVlv1H7U9wH5X89dsX7yNEi9x45qRXulYf/H8r/LOoPu5rXgU2C7OvstR3kT0h7z
7UZv9esOxYNN9mT9BpZo4tvMBl8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRaLHhJ
nWcTa8WQ0Dd1fYDgC/Ix/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQDGVlGgYnWEUduIoSzoRjjNYSPsoxEeu0oZiQ0vGUNX
oSa0uloW/Vkl8UfKK2PDyCHUG8wySm+1Xa5SX0eIlDL5XKhZeGMWOt3FQg0RZXfY
StG6UgOQetTalvgc+82DgNRrRNdO/SbKebbtK0VHoEJP1YYoCRc8bKl2zAvuVRZ0
ULbBpOlanH4J4MesIkbsPpEAOCvrPY19qMkwVk91eHXw67rNfQhls5bKwusp+5Xc
r4oOjHy0vpdrtQJvwKP5nUtgcMjPvByUZEMCnIcY1xXnm+WPQN3z7PWIcvEHwGiT
qKqQrQfUaFhOtoC/TMHJfUg5aLGgrI0htD1gT29CWGxx
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:28 2025 by rpki-client