Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
File: e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa (raw, json)
Hash identifier: 9gu7Ulk0g7WZxO3pYFS3TN/46cM+jPMc8rCs5XoM3Ik=
Subject key identifier: 5C:F1:C9:E9:C9:C8:84:FF:69:59:0F:86:69:D4:1A:F7:5F:BA:94:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69104BC28B11CEB528BB5B8B69D5140135D6118A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
Signing time: Tue 19 Aug 2025 17:01:15 +0000
ROA not before: Tue 19 Aug 2025 17:01:15 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:10:4b:c2:8b:11:ce:b5:28:bb:5b:8b:69:d5:14:01:35:d6:11:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:15 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=9186a16bb280db492853cbd26b472d586e09a5b23a29e2d9d509dbf8608d96d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f4:2e:ec:dd:eb:82:3c:d8:ef:db:d1:18:c3:
dd:42:1a:7f:6e:82:3a:ab:f7:6d:50:16:5c:4f:28:
1c:74:ff:8e:03:f1:c9:54:e1:f9:11:de:9f:0c:fd:
3c:f9:96:f5:a2:2a:03:ae:41:f9:46:74:5e:08:8f:
02:85:ea:a2:93:f9:3e:ea:1d:72:c1:93:c5:79:da:
fc:53:00:41:6a:e3:54:1d:98:e0:12:09:7c:ac:2c:
f5:3d:6f:8c:6e:76:59:17:cb:fa:b0:d8:27:0e:a7:
81:a0:5f:e2:6e:00:d4:2f:6c:83:ef:bb:72:1f:e1:
91:ee:b4:42:d2:42:ef:af:60:58:65:ec:b7:49:f8:
6c:b8:be:ec:c4:c3:a0:67:7b:bb:c7:18:9f:de:8b:
37:7f:c0:44:7a:36:3d:ec:eb:1b:d1:e1:a1:6b:8c:
33:62:ad:34:9a:48:f0:45:83:8c:28:60:d6:06:37:
c3:29:41:89:4d:78:61:81:e5:72:cc:05:b1:c7:57:
58:3b:91:56:e6:74:f2:90:de:44:03:7b:7c:38:6b:
2b:99:6f:f5:53:17:20:b7:af:45:dd:42:c4:59:ee:
36:90:7b:e3:e2:bd:6d:a5:3d:01:02:2d:b9:01:82:
31:1b:47:08:bd:2d:48:97:99:c5:54:06:7d:97:4d:
33:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F1:C9:E9:C9:C8:84:FF:69:59:0F:86:69:D4:1A:F7:5F:BA:94:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.160.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:02:46:30:b4:fe:79:44:4a:b6:21:53:b2:20:31:1f:d4:59:
51:b5:14:4e:f0:d0:1a:69:e6:ad:07:23:65:53:4d:ac:f7:90:
db:c6:95:43:41:e1:9e:05:d5:90:10:82:3b:f2:23:11:a3:c3:
ec:3e:0a:5e:87:97:10:9d:3b:67:43:1d:e3:58:38:72:8d:24:
d1:fe:e7:c3:9e:1c:e6:66:12:fe:ba:9a:eb:f8:fc:3e:04:5b:
14:37:1b:86:72:4b:64:ac:f4:23:b9:f1:f2:ca:f5:e0:0d:03:
36:69:f2:d1:85:d0:8b:5c:ba:10:d9:05:1c:26:07:e3:59:ee:
89:48:7d:d5:f9:62:1c:d7:03:70:28:ff:ac:ba:f2:fe:c1:aa:
8d:5e:af:78:25:d1:cb:f9:cb:f2:3a:17:30:af:70:5b:b1:96:
9d:d5:01:1a:e0:be:a0:99:5d:c0:96:0b:3c:bf:ad:84:5f:27:
d6:4d:4b:d6:16:e8:10:d7:04:ef:19:23:a0:d5:56:9a:9e:47:
22:9a:ab:c8:0d:46:24:33:05:02:85:69:ed:3d:85:ff:6f:cc:
b9:b4:e7:82:33:42:28:7e:a3:d4:a0:e7:ac:cf:79:cb:e5:70:
d1:d4:7f:ce:99:5f:42:ff:36:31:b1:fb:65:bd:8b:c7:4d:fc:
3f:2d:4d:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaRBLwosRzrUou1uLadUUATXWEYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMTVaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxODZhMTZiYjI4MGRiNDkyODUzY2JkMjZiNDcyZDU4NmUwOWE1YjIzYTI5
ZTJkOWQ1MDlkYmY4NjA4ZDk2ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz0Luzd64I82O/b0RjD3UIaf26COqv3bVAWXE8oHHT/jgPxyVTh+RHenwz9
PPmW9aIqA65B+UZ0XgiPAoXqopP5PuodcsGTxXna/FMAQWrjVB2Y4BIJfKws9T1v
jG52WRfL+rDYJw6ngaBf4m4A1C9sg++7ch/hke60QtJC769gWGXst0n4bLi+7MTD
oGd7u8cYn96LN3/ARHo2PezrG9HhoWuMM2KtNJpI8EWDjChg1gY3wylBiU14YYHl
cswFscdXWDuRVuZ08pDeRAN7fDhrK5lv9VMXILevRd1CxFnuNpB74+K9baU9AQIt
uQGCMRtHCL0tSJeZxVQGfZdNM08CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRc8cnp
yciE/2lZD4Zp1Br3X7qU+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkxYjYyYTktMjg4NS00NTA0LTg0YTQtYmEyY2MyZjJhYzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JoDAN
BgkqhkiG9w0BAQsFAAOCAQEASwJGMLT+eURKtiFTsiAxH9RZUbUUTvDQGmnmrQcj
ZVNNrPeQ28aVQ0HhngXVkBCCO/IjEaPD7D4KXoeXEJ07Z0Md41g4co0k0f7nw54c
5mYS/rqa6/j8PgRbFDcbhnJLZKz0I7nx8sr14A0DNmny0YXQi1y6ENkFHCYH41nu
iUh91fliHNcDcCj/rLry/sGqjV6veCXRy/nL8joXMK9wW7GWndUBGuC+oJldwJYL
PL+thF8n1k1L1hboENcE7xkjoNVWmp5HIpqryA1GJDMFAoVp7T2F/2/MubTngjNC
KH6j1KDnrM95y+Vw0dR/zplfQv82MbH7Zb2Lx038Py1N2w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:10 2025 by rpki-client