Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
File: e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa (raw, json)
Hash identifier: Xy0Jbs4USMXQtvl0Vg2N0kt+mAdo0RdfWi1Jpyxg2B8=
Subject key identifier: B0:3D:D2:B5:77:A6:77:F8:50:9C:C4:F4:05:0D:CD:C1:95:C1:42:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F1B6C915AB96045828D79A5262D38DD6C23E7FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
Signing time: Fri 10 Oct 2025 17:10:19 +0000
ROA not before: Fri 10 Oct 2025 17:10:19 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1b:6c:91:5a:b9:60:45:82:8d:79:a5:26:2d:38:dd:6c:23:e7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 10 17:10:19 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=49c74f1e8ae3e04928ee0754db2f3c765a360a8db1ebb51a7aff5c2e72380806, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:37:19:74:a1:25:4c:42:d2:6c:75:65:26:84:
fe:17:a3:74:1d:aa:d3:20:02:16:c7:fa:25:f9:82:
0b:9e:8f:4e:30:b0:1d:3c:f7:dd:44:ac:0f:31:8a:
8f:cd:58:77:98:ba:26:50:08:8a:98:45:b4:d4:e8:
36:60:18:dc:04:c5:72:61:4f:07:fa:57:d3:2b:48:
c2:e7:69:2f:c0:9f:11:08:c6:05:81:48:20:fb:13:
cc:b1:cd:35:73:78:d6:a8:bb:81:b5:52:7f:37:d7:
28:7e:e0:af:2f:20:c3:f6:f5:6d:79:31:a7:c9:b2:
0d:5f:35:02:9b:cf:6b:ba:c9:02:18:b1:d6:ed:da:
fc:bb:20:12:79:64:c1:c9:a4:4d:4c:41:38:f0:1f:
62:12:da:68:6e:ff:37:60:4d:ec:7e:0e:56:c8:72:
91:59:f4:61:f4:5d:3c:2d:dc:12:9e:ce:8b:5f:0b:
56:9b:b7:f1:d7:14:c4:0a:13:fc:62:eb:45:95:5c:
ce:19:6d:0a:8e:c1:aa:20:a2:7a:81:42:fd:ba:15:
6e:b8:72:e7:3f:b2:05:34:85:70:a5:f4:ea:c8:4c:
d0:26:85:21:c0:0a:74:f0:36:54:46:c4:46:cf:3d:
d1:be:11:1e:ce:da:40:82:1d:74:bb:e1:d2:c2:45:
84:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3D:D2:B5:77:A6:77:F8:50:9C:C4:F4:05:0D:CD:C1:95:C1:42:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.160.0/21
Signature Algorithm: sha256WithRSAEncryption
80:fa:f4:8b:14:42:59:a7:2e:a8:cb:7e:65:8d:e1:fe:84:da:
88:84:44:d9:c4:26:35:b7:7e:b9:95:2b:92:de:06:6f:f4:b0:
84:c3:51:c2:d6:57:f0:5f:73:b6:57:be:f0:aa:94:64:5c:c7:
ce:26:36:b4:e1:10:08:49:91:3a:0a:25:45:5f:75:ae:76:9a:
95:43:6a:ca:e4:f6:15:75:ce:b1:f6:7b:e7:79:6d:bb:ab:2d:
75:50:7e:e5:2d:a6:d9:14:c5:21:8b:8e:25:54:02:5d:f4:1a:
62:b1:c1:c2:1a:d5:17:ef:d6:79:c5:0e:b5:4d:b9:15:48:0b:
c7:09:9a:20:c0:86:e8:a5:9c:87:78:9a:85:01:21:c0:9e:07:
24:f3:e5:79:5e:f0:96:5b:9e:71:86:8d:c0:3e:81:18:54:53:
af:8c:96:6a:40:3c:4c:e9:75:ac:dd:5b:69:08:4e:7f:e3:bc:
34:77:3b:3b:59:9e:21:68:27:17:5f:a9:05:17:24:1c:c8:9b:
6a:9b:52:63:2a:f8:84:64:59:3d:b7:d6:9c:a7:21:17:f2:ab:
e2:be:76:e0:f5:6c:ac:e3:8b:24:cd:f8:09:3e:93:c1:32:6b:
82:15:fb:13:31:e1:6b:0a:7a:aa:c9:c1:eb:09:fb:5c:53:9f:
c2:bc:dd:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbxtskVq5YEWCjXmlJi043Wwj5/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTAxNzEwMTlaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5Yzc0ZjFlOGFlM2UwNDkyOGVlMDc1NGRiMmYzYzc2NWEzNjBhOGRiMWVi
YjUxYTdhZmY1YzJlNzIzODA4MDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMo3GXShJUxC0mx1ZSaE/hejdB2q0yACFsf6JfmCC56PTjCwHTz33USsDzGK
j81Yd5i6JlAIiphFtNToNmAY3ATFcmFPB/pX0ytIwudpL8CfEQjGBYFIIPsTzLHN
NXN41qi7gbVSfzfXKH7gry8gw/b1bXkxp8myDV81ApvPa7rJAhix1u3a/LsgEnlk
wcmkTUxBOPAfYhLaaG7/N2BN7H4OVshykVn0YfRdPC3cEp7Oi18LVpu38dcUxAoT
/GLrRZVczhltCo7BqiCieoFC/boVbrhy5z+yBTSFcKX06shM0CaFIcAKdPA2VEbE
Rs890b4RHs7aQIIddLvh0sJFhGECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwPdK1
d6Z3+FCcxPQFDc3BlcFCtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkxYjYyYTktMjg4NS00NTA0LTg0YTQtYmEyY2MyZjJhYzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JoDAN
BgkqhkiG9w0BAQsFAAOCAQEAgPr0ixRCWacuqMt+ZY3h/oTaiIRE2cQmNbd+uZUr
kt4Gb/SwhMNRwtZX8F9ztle+8KqUZFzHziY2tOEQCEmROgolRV91rnaalUNqyuT2
FXXOsfZ753ltu6stdVB+5S2m2RTFIYuOJVQCXfQaYrHBwhrVF+/WecUOtU25FUgL
xwmaIMCG6KWch3iahQEhwJ4HJPPleV7wlluecYaNwD6BGFRTr4yWakA8TOl1rN1b
aQhOf+O8NHc7O1meIWgnF1+pBRckHMibaptSYyr4hGRZPbfWnKchF/Kr4r524PVs
rOOLJM34CT6TwTJrghX7EzHhawp6qsnB6wn7XFOfwrzdBA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:10 2025 by rpki-client