Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: v93AP3FoHa2Xysi/jTNhw2AGGgWZmr3IjYnxLEuL84w=
Subject key identifier: B0:44:7C:F7:AB:88:AA:AE:D2:46:A0:CC:21:33:33:BB:20:59:33:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AC3ED42341C00868C291CDE1BC374535214756F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Fri 26 Sep 2025 20:11:02 +0000
ROA not before: Fri 26 Sep 2025 20:11:02 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c3:ed:42:34:1c:00:86:8c:29:1c:de:1b:c3:74:53:52:14:75:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:02 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1569af71800e32cea9c117d6ea1868aa3d9f2eed29fe3b8d19d53fd5647bd5b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f2:8b:ec:56:74:a3:fc:5d:2d:64:87:9a:56:
72:ff:22:73:32:27:b3:84:d3:cb:c1:0b:74:94:b2:
5e:fe:f5:7d:b9:05:8d:46:f3:4c:7b:b6:a9:23:91:
4e:ba:df:25:0b:ba:eb:eb:d6:e0:81:d0:e7:6c:da:
ee:e8:0c:20:8a:fd:c2:9b:0a:af:57:6b:14:98:e0:
94:70:a2:23:46:5b:a2:c1:ed:56:6a:9b:98:57:43:
0e:f7:c9:cb:89:d8:f3:8f:4a:4a:77:b7:e4:f6:c3:
ca:63:a8:c6:49:50:4a:40:83:0c:36:47:d4:3d:74:
e7:b8:ba:1d:11:c0:fc:a6:44:2d:ab:d1:7f:41:22:
72:04:e5:33:e1:64:fd:34:12:d2:21:21:77:aa:e2:
bc:aa:8c:c4:bd:1f:ae:d8:35:31:9c:4a:11:13:bb:
6c:9a:ef:13:f6:eb:92:9f:c7:51:4b:94:e9:57:f0:
28:80:eb:80:1a:70:c5:85:b6:11:4d:90:08:d0:13:
a0:58:da:00:45:dc:c6:34:7e:e0:90:ae:2e:a0:cd:
2b:b8:08:f4:6f:93:8b:a8:ba:d5:d6:ed:40:0b:b3:
6b:f6:55:f6:ba:e4:dd:4f:5a:0b:eb:90:88:9f:1f:
2a:70:64:76:6a:0d:33:ba:ff:24:6f:b5:e4:0d:3f:
9c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:44:7C:F7:AB:88:AA:AE:D2:46:A0:CC:21:33:33:BB:20:59:33:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:c4:0b:ec:dd:2a:2b:91:41:0f:54:8b:4a:d9:4d:43:41:65:
7a:52:29:6d:a6:7a:3f:18:92:61:05:5e:46:12:32:df:d0:54:
18:81:19:38:c5:13:9e:36:f8:5a:a8:04:36:85:4e:4f:95:5f:
6d:a0:04:d8:0e:e6:7c:2c:6c:4c:6d:b2:b8:c9:5e:5e:da:d7:
64:b3:0c:ea:f4:4a:a0:59:7b:4e:e9:33:56:77:e3:bd:ce:02:
90:82:a0:97:10:3e:b5:96:05:43:57:60:9d:b9:19:1f:34:27:
d9:19:96:2c:8b:39:0e:d2:67:39:0f:25:25:68:44:22:c2:de:
b1:8a:37:cc:79:1c:01:41:f5:43:b2:ee:4e:38:be:e1:22:b5:
3c:b1:68:31:a4:f8:50:49:93:42:73:e9:b0:f2:bd:23:b4:5b:
8d:3e:e2:94:5f:7b:5a:13:4b:55:7a:eb:21:93:77:44:37:83:
65:98:e5:95:31:40:ec:03:25:31:d1:96:ff:4b:39:a9:e7:b8:
a6:40:9f:84:e8:83:99:36:b1:12:2e:59:af:31:d4:50:40:68:
8d:db:8d:28:68:6f:ac:a5:50:92:51:83:9f:31:30:f4:79:d8:
3b:65:bc:87:c1:78:1e:5b:92:56:96:d7:1a:b4:79:9f:19:33:
7f:d8:a2:02
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWsPtQjQcAIaMKRzeG8N0U1IUdW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NjlhZjcxODAwZTMyY2VhOWMxMTdkNmVhMTg2OGFhM2Q5ZjJlZWQyOWZl
M2I4ZDE5ZDUzZmQ1NjQ3YmQ1YjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvyi+xWdKP8XS1kh5pWcv8iczIns4TTy8ELdJSyXv71fbkFjUbzTHu2qSOR
TrrfJQu66+vW4IHQ52za7ugMIIr9wpsKr1drFJjglHCiI0ZbosHtVmqbmFdDDvfJ
y4nY849KSne35PbDymOoxklQSkCDDDZH1D1057i6HRHA/KZELavRf0EicgTlM+Fk
/TQS0iEhd6rivKqMxL0frtg1MZxKERO7bJrvE/brkp/HUUuU6VfwKIDrgBpwxYW2
EU2QCNAToFjaAEXcxjR+4JCuLqDNK7gI9G+Ti6i61dbtQAuza/ZV9rrk3U9aC+uQ
iJ8fKnBkdmoNM7r/JG+15A0/nC0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwRHz3
q4iqrtJGoMwhMzO7IFkzFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEAtMQL7N0qK5FBD1SLStlNQ0FlelIpbaZ6PxiSYQVe
RhIy39BUGIEZOMUTnjb4WqgENoVOT5VfbaAE2A7mfCxsTG2yuMleXtrXZLMM6vRK
oFl7TukzVnfjvc4CkIKglxA+tZYFQ1dgnbkZHzQn2RmWLIs5DtJnOQ8lJWhEIsLe
sYo3zHkcAUH1Q7LuTji+4SK1PLFoMaT4UEmTQnPpsPK9I7RbjT7ilF97WhNLVXrr
IZN3RDeDZZjllTFA7AMlMdGW/0s5qee4pkCfhOiDmTaxEi5ZrzHUUEBojduNKGhv
rKVQklGDnzEw9HnYO2W8h8F4HluSVpbXGrR5nxkzf9iiAg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:19 2025 by rpki-client