Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: t5qR+l7Wo+yn0+jhArBYkGAKXx6q4a91+xit27SD+9U=
Subject key identifier: EC:6B:28:16:D9:88:3B:03:10:86:0A:F1:A8:4F:46:BE:5D:57:AA:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A0A366261FAE5E87CA7D6FA2A80F7D6C2ED550A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Tue 19 Aug 2025 17:01:13 +0000
ROA not before: Tue 19 Aug 2025 17:01:13 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:0a:36:62:61:fa:e5:e8:7c:a7:d6:fa:2a:80:f7:d6:c2:ed:55:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:01:13 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=22364a28c25aa943ea62d475e2f00ae951a1c854cf10d5bfbfdced1a7e47d78d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0e:b9:a0:97:ed:f1:f8:a5:1f:34:97:30:81:
d4:3b:82:4b:80:1c:e2:b0:cc:32:e0:10:e7:31:5a:
11:14:ec:6b:6c:aa:8c:95:94:fd:db:be:99:76:ac:
39:8f:0e:ca:f2:43:3e:4e:16:06:54:f6:65:ab:53:
98:d6:c6:ed:ae:66:78:23:1b:29:f1:12:f9:ae:cb:
29:e9:8f:09:57:a1:5d:27:fb:f5:14:1c:70:05:bd:
4b:70:3f:7e:7b:f7:11:71:da:cf:15:41:f6:e9:bc:
db:9a:81:4c:c3:95:cb:00:d6:9f:75:f4:a8:7c:eb:
34:e5:bd:5d:57:05:a7:fb:b0:e4:66:ee:e4:67:24:
23:24:de:c0:1c:da:87:a1:92:83:ce:74:bf:ca:55:
47:81:2c:26:31:1d:0d:26:13:51:05:1e:a4:28:e7:
6e:fb:b8:7a:d7:86:c2:40:b9:e1:14:c4:b5:f3:8e:
cc:e9:8c:67:b9:fb:8e:a9:ad:e6:4a:32:64:03:0c:
75:6e:c7:b0:81:d9:1e:6d:c5:15:1e:f3:8e:eb:0a:
21:4b:c1:23:de:60:09:22:2a:db:32:c1:d5:a9:17:
39:43:f2:16:4b:55:33:48:78:c2:72:2d:6c:5a:f4:
7e:7c:b4:6a:15:24:5c:21:34:8a:e3:db:1f:f5:0c:
44:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6B:28:16:D9:88:3B:03:10:86:0A:F1:A8:4F:46:BE:5D:57:AA:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:76:c4:14:a9:16:cd:49:f4:df:b3:24:88:32:48:fd:9a:53:
d9:d1:44:24:b9:ce:7c:6a:ff:94:7a:d4:4c:c6:26:17:1f:41:
5b:42:00:27:c4:cd:9a:80:86:a8:2f:96:5b:95:26:d3:c4:40:
4b:57:b0:fa:09:6f:41:b0:13:f0:84:4d:c0:0a:b1:a5:a6:ff:
b6:95:14:b3:1a:4a:2f:e8:8a:0d:c5:f0:0f:57:3a:ea:11:15:
d4:7c:d4:c8:89:89:07:45:21:c1:82:56:b4:1c:51:7e:60:8f:
aa:63:e5:ba:0e:9a:00:95:0e:b8:1a:1a:a0:02:4d:b3:2a:b2:
09:66:01:e8:98:64:44:33:dc:11:50:9e:f6:50:51:44:7d:e6:
e9:6f:6b:00:71:20:08:27:e5:b7:01:94:e1:da:3d:a3:13:aa:
15:91:9a:dd:df:4c:07:ae:94:40:cd:29:2c:d3:18:4c:4e:f4:
ac:90:a1:55:2b:70:e3:fd:b5:0c:e1:bd:c4:6a:97:eb:09:e7:
a5:ba:5d:67:1a:5a:5c:62:4a:1c:95:e6:ab:dd:6f:ad:92:90:
f9:25:bd:af:be:16:3b:01:b1:53:84:5a:23:64:d3:ff:04:45:
26:1e:50:24:16:5b:72:54:7b:ca:cc:d3:fd:af:ba:2d:e6:f9:
39:57:bf:e7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKgo2YmH65eh8p9b6KoD31sLtVQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAxMTNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMzY0YTI4YzI1YWE5NDNlYTYyZDQ3NWUyZjAwYWU5NTFhMWM4NTRjZjEw
ZDViZmJmZGNlZDFhN2U0N2Q3OGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIOuaCX7fH4pR80lzCB1DuCS4Ac4rDMMuAQ5zFaERTsa2yqjJWU/du+mXas
OY8OyvJDPk4WBlT2ZatTmNbG7a5meCMbKfES+a7LKemPCVehXSf79RQccAW9S3A/
fnv3EXHazxVB9um825qBTMOVywDWn3X0qHzrNOW9XVcFp/uw5Gbu5GckIyTewBza
h6GSg850v8pVR4EsJjEdDSYTUQUepCjnbvu4eteGwkC54RTEtfOOzOmMZ7n7jqmt
5koyZAMMdW7HsIHZHm3FFR7zjusKIUvBI95gCSIq2zLB1akXOUPyFktVM0h4wnIt
bFr0fny0ahUkXCE0iuPbH/UMRM8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTsaygW
2Yg7AxCGCvGoT0a+XVeqTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEArnbEFKkWzUn037MkiDJI/ZpT2dFEJLnOfGr/lHrU
TMYmFx9BW0IAJ8TNmoCGqC+WW5Um08RAS1ew+glvQbAT8IRNwAqxpab/tpUUsxpK
L+iKDcXwD1c66hEV1HzUyImJB0UhwYJWtBxRfmCPqmPlug6aAJUOuBoaoAJNsyqy
CWYB6JhkRDPcEVCe9lBRRH3m6W9rAHEgCCfltwGU4do9oxOqFZGa3d9MB66UQM0p
LNMYTE70rJChVStw4/21DOG9xGqX6wnnpbpdZxpaXGJKHJXmq91vrZKQ+SW9r74W
OwGxU4RaI2TT/wRFJh5QJBZbclR7yszT/a+6Leb5OVe/5w==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:42 2025 by rpki-client