Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: wCCa0lBgWWRdRGe0/s9dY41MMziX42bNgwMUmIzcxgQ=
Subject key identifier: 71:EE:C1:CB:F7:E0:79:CC:62:49:BF:8F:D7:D7:EA:0B:01:25:D4:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FF0224DAA0AF87E4A0B45019DC645FDC4D6C1F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Fri 26 Sep 2025 20:11:03 +0000
ROA not before: Fri 26 Sep 2025 20:11:03 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f0:22:4d:aa:0a:f8:7e:4a:0b:45:01:9d:c6:45:fd:c4:d6:c1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:03 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d4d916781fdaef8448fa0b0f9f0b52ca8f6aca81849868249f2c02521f17c680, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:04:70:6f:b2:5e:a5:b8:ab:1d:77:52:fc:de:
e5:7b:6d:0d:5f:d1:e7:83:a8:64:b1:d3:45:6c:df:
ac:8c:82:b4:d0:ac:93:3e:4d:c4:c6:86:3d:47:ef:
d0:bc:2d:0b:51:56:0a:f5:50:20:a9:c5:22:eb:12:
ef:fd:31:c2:7d:58:b4:8a:67:d7:5e:f3:3e:38:e9:
54:7c:ef:63:77:bf:cf:ea:4c:0c:df:fa:54:0d:67:
b9:3a:e3:30:43:83:0a:7b:c6:ba:d0:ac:02:03:ef:
62:e4:a7:85:5e:f7:39:cd:71:f2:70:dc:f5:83:16:
6e:1d:ad:2a:1d:e1:a1:40:49:40:d8:89:d6:05:c9:
ec:e9:09:8c:13:e0:1b:16:6e:5a:6e:6a:c3:d8:ee:
c2:80:aa:77:11:41:9e:f9:7c:13:9e:33:fe:5f:82:
86:39:7a:f2:f6:b1:28:76:63:b0:51:d3:a7:6a:e8:
65:ac:45:10:09:8b:ab:82:05:59:3c:d8:08:42:1c:
29:51:5e:19:20:0a:82:9a:e1:54:50:2c:8b:37:a0:
86:a2:fd:b3:7f:0e:88:21:e3:85:23:d0:e2:5e:b8:
05:ee:ea:d2:58:8a:5a:1e:92:b7:8a:59:f9:a3:af:
9b:90:13:be:28:9c:57:db:d3:5f:ba:9f:60:04:47:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EE:C1:CB:F7:E0:79:CC:62:49:BF:8F:D7:D7:EA:0B:01:25:D4:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
99:b8:3b:e3:2a:a3:68:2b:e8:5a:4f:ce:d5:e7:ea:92:4a:e8:
6b:df:61:e1:08:12:32:99:b9:67:4a:ae:3d:25:26:8d:57:87:
52:fe:46:b3:0c:ba:51:71:57:66:9d:1f:db:1b:15:79:ca:75:
9c:06:41:77:7d:4b:40:cb:3e:7b:cb:cc:5e:89:5b:f3:8a:c8:
62:49:23:de:3b:c0:df:aa:ba:0e:50:b3:c8:3d:43:69:99:2e:
08:1d:01:8c:10:b2:f6:47:2f:4c:fd:88:44:24:0b:b1:b6:72:
41:b9:c3:53:25:7f:5a:c9:26:40:a0:ce:18:a7:8b:33:e1:da:
08:af:e7:a3:29:cf:cf:fb:1e:62:65:95:cb:95:0c:a4:39:a9:
d9:bb:3b:69:e2:a1:21:2f:1d:36:3a:9b:55:87:c1:39:0d:fd:
9e:50:54:ce:43:65:39:e7:d3:4c:2b:06:6f:5d:c8:fc:38:16:
f8:0a:ee:e2:c4:c1:18:38:03:47:fa:a0:70:6f:1f:b8:e8:e0:
87:40:07:fd:3c:f0:04:03:df:f6:fa:d5:87:51:c5:32:38:bf:
4b:67:f8:1c:db:e2:1e:a5:05:1c:22:51:a3:39:28:6f:b4:5f:
d7:f2:05:44:37:dd:04:f9:49:19:a5:e3:8c:06:ca:82:78:f7:
0e:2f:0e:2b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP/AiTaoK+H5KC0UBncZF/cTWwfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZDkxNjc4MWZkYWVmODQ0OGZhMGIwZjlmMGI1MmNhOGY2YWNhODE4NDk4
NjgyNDlmMmMwMjUyMWYxN2M2ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8EcG+yXqW4qx13Uvze5XttDV/R54OoZLHTRWzfrIyCtNCskz5NxMaGPUfv
0LwtC1FWCvVQIKnFIusS7/0xwn1YtIpn117zPjjpVHzvY3e/z+pMDN/6VA1nuTrj
MEODCnvGutCsAgPvYuSnhV73Oc1x8nDc9YMWbh2tKh3hoUBJQNiJ1gXJ7OkJjBPg
GxZuWm5qw9juwoCqdxFBnvl8E54z/l+Chjl68vaxKHZjsFHTp2roZaxFEAmLq4IF
WTzYCEIcKVFeGSAKgprhVFAsizeghqL9s38OiCHjhSPQ4l64Be7q0liKWh6St4pZ
+aOvm5ATviicV9vTX7qfYARHm1sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRx7sHL
9+B5zGJJv4/X1+oLASXUTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEAmbg74yqjaCvoWk/O1efqkkroa99h4QgSMpm5Z0qu
PSUmjVeHUv5Gswy6UXFXZp0f2xsVecp1nAZBd31LQMs+e8vMXolb84rIYkkj3jvA
36q6DlCzyD1DaZkuCB0BjBCy9kcvTP2IRCQLsbZyQbnDUyV/WskmQKDOGKeLM+Ha
CK/noynPz/seYmWVy5UMpDmp2bs7aeKhIS8dNjqbVYfBOQ39nlBUzkNlOefTTCsG
b13I/DgW+Aru4sTBGDgDR/qgcG8fuOjgh0AH/TzwBAPf9vrVh1HFMji/S2f4HNvi
HqUFHCJRozkob7Rf1/IFRDfdBPlJGaXjjAbKgnj3Di8OKw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:41 2025 by rpki-client