Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: J0xMIHcw6vmlGty5k8av4riwfwOgxW6F0f4Zwpo3Gmo=
Subject key identifier: 06:5B:D7:B6:4A:56:BE:CA:59:A6:FA:0B:CE:47:14:F1:7D:8F:2D:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 375F8215E98585A8741205DCA13E90B9F83C03C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Tue 19 Aug 2025 17:01:11 +0000
ROA not before: Tue 19 Aug 2025 17:01:11 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:5f:82:15:e9:85:85:a8:74:12:05:dc:a1:3e:90:b9:f8:3c:03:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:11 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=6e6f8ecd9feeec284846c46128ccbc9ffc82fcbcf2c61c798ccbb8988c574153, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d9:27:d3:12:35:6a:73:d3:b5:9c:87:95:1c:
3f:da:f4:f9:0a:16:8a:7c:c0:9a:12:07:5d:4a:41:
52:aa:18:d3:0e:cf:94:05:91:9a:85:4b:18:f7:6b:
fb:5b:09:01:63:80:0e:55:e1:02:dc:93:e7:58:2f:
f9:fc:a9:64:09:d3:2b:5d:d1:b4:67:a6:ee:94:5d:
4a:cb:e0:2d:f4:9f:97:fc:28:87:07:66:e0:12:6a:
bb:db:26:2e:0c:71:36:de:c1:77:e3:76:b5:53:d6:
08:7f:3a:09:e7:47:bb:4a:d5:95:2b:48:ce:36:ca:
8d:d9:64:5a:d3:f6:d9:52:ca:89:46:fb:92:9f:08:
0c:5f:eb:0a:f6:23:c5:67:04:42:19:2d:9e:98:e3:
0e:0b:fe:bf:11:2f:2f:3f:ed:5f:aa:6a:e2:1c:2e:
c2:75:d3:13:ad:fa:73:be:2d:1a:60:90:5a:2f:fd:
ee:44:60:16:b5:30:cf:7e:00:a6:d6:0a:88:26:6d:
5d:a0:fd:0a:c8:41:1c:53:85:d0:f9:ae:bc:2b:1f:
77:ba:e5:5e:09:d7:e7:63:e2:e0:63:c8:5c:47:c3:
c1:50:67:2d:83:cf:9f:b4:53:77:83:dd:d9:02:ff:
16:9e:23:4b:7e:2d:1e:6b:24:67:eb:fb:6b:c8:d7:
d5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5B:D7:B6:4A:56:BE:CA:59:A6:FA:0B:CE:47:14:F1:7D:8F:2D:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
91:fd:c0:b7:a9:b2:3e:56:bd:a8:40:ec:4a:8b:3c:b0:62:14:
e7:21:ee:3a:e2:c8:af:e4:0a:7a:67:1d:e7:02:cd:1a:0f:70:
0a:ef:5e:4c:1e:4f:5c:ae:4a:d6:1e:6b:91:81:a5:a0:6d:24:
a1:93:41:0f:55:bd:16:46:1d:63:09:cf:4b:c0:0a:02:67:95:
cc:42:db:47:3b:9c:cc:38:67:dd:52:64:e6:be:b0:b0:e7:d8:
84:bd:e1:94:2b:27:7f:8b:d1:b8:01:2d:da:fe:79:fd:f7:2a:
ca:29:c8:80:64:e1:43:a0:d6:0a:31:2a:b1:97:a0:5e:2f:2a:
81:46:65:0f:f5:21:b1:98:85:76:53:0a:80:da:d7:9b:e1:3d:
e7:e3:fe:93:e8:fa:c3:8d:2d:b8:ff:70:35:96:ac:87:38:cc:
e1:57:ce:43:65:fb:38:6e:81:9f:a2:9b:85:6f:dd:81:20:a6:
79:5f:31:e5:26:3b:be:53:9f:79:e7:42:ee:fc:6d:85:1b:bc:
9f:7a:be:42:75:5c:d9:88:21:05:87:ed:96:1d:60:da:9a:ef:
f8:a7:87:b4:af:bd:58:b3:8a:c7:7d:a1:d1:89:a1:6b:45:25:
e3:17:69:0b:7f:c0:33:a6:67:8a:85:98:17:1f:27:8a:c5:46:
ac:6e:aa:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN1+CFemFhah0EgXcoT6Qufg8A8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMTFaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlNmY4ZWNkOWZlZWVjMjg0ODQ2YzQ2MTI4Y2NiYzlmZmM4MmZjYmNmMmM2
MWM3OThjY2JiODk4OGM1NzQxNTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbZJ9MSNWpz07Wch5UcP9r0+QoWinzAmhIHXUpBUqoY0w7PlAWRmoVLGPdr
+1sJAWOADlXhAtyT51gv+fypZAnTK13RtGem7pRdSsvgLfSfl/wohwdm4BJqu9sm
LgxxNt7Bd+N2tVPWCH86CedHu0rVlStIzjbKjdlkWtP22VLKiUb7kp8IDF/rCvYj
xWcEQhktnpjjDgv+vxEvLz/tX6pq4hwuwnXTE636c74tGmCQWi/97kRgFrUwz34A
ptYKiCZtXaD9CshBHFOF0PmuvCsfd7rlXgnX52Pi4GPIXEfDwVBnLYPPn7RTd4Pd
2QL/Fp4jS34tHmskZ+v7a8jX1c8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQGW9e2
Sla+ylmm+gvORxTxfY8txTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAkf3At6myPla9qEDsSos8sGIU5yHuOuLIr+QKemcd
5wLNGg9wCu9eTB5PXK5K1h5rkYGloG0koZNBD1W9FkYdYwnPS8AKAmeVzELbRzuc
zDhn3VJk5r6wsOfYhL3hlCsnf4vRuAEt2v55/fcqyinIgGThQ6DWCjEqsZegXi8q
gUZlD/UhsZiFdlMKgNrXm+E95+P+k+j6w40tuP9wNZashzjM4VfOQ2X7OG6Bn6Kb
hW/dgSCmeV8x5SY7vlOfeedC7vxthRu8n3q+QnVc2YghBYftlh1g2prv+KeHtK+9
WLOKx32h0Ymha0Ul4xdpC3/AM6ZnioWYFx8nisVGrG6quw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:28 2025 by rpki-client