Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: dBRujoRLSE0+6zSdo3vxgbgucqBzV+QVjC6ytBZOh8A=
Subject key identifier: 0B:13:72:01:C4:A6:B3:4A:E9:FC:19:4C:31:7D:46:4D:66:DF:BA:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A9BD9F5F78B8A6F1BDBB2E8475C2347A3955C59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Fri 26 Sep 2025 20:10:59 +0000
ROA not before: Fri 26 Sep 2025 20:10:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:9b:d9:f5:f7:8b:8a:6f:1b:db:b2:e8:47:5c:23:47:a3:95:5c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4000339d915e11024cec285eacc6784618ef148ec0af1be5e93438d885c77388, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:95:75:43:93:15:91:8d:0e:03:88:81:c5:5b:
9c:31:c7:a9:e0:8e:24:88:79:a9:fd:ba:af:65:b7:
eb:73:4f:89:ef:a4:52:ad:81:7c:25:2a:97:31:93:
2d:34:f0:10:a2:bd:89:86:33:4b:b0:cc:a4:9b:74:
30:a6:d2:c0:08:d1:29:9e:1f:f1:10:23:b5:c2:1c:
26:1d:5a:2a:80:fb:88:bd:b3:e8:ff:8b:0a:d8:27:
9d:c6:ef:64:f5:69:d0:0a:4a:29:2c:48:1a:8d:ae:
e0:83:77:77:b7:08:9a:a3:85:bd:6d:d7:9b:cf:92:
c8:7e:a8:04:79:67:12:43:f3:41:89:60:82:bb:58:
05:4c:f7:c0:48:09:53:75:a0:8c:d0:1d:7e:84:f6:
83:45:4b:b7:17:a4:a4:ea:ae:f4:98:1d:89:11:88:
59:44:f3:50:a8:62:f4:2a:15:8a:4b:4e:82:0d:5d:
e9:15:27:dd:1b:32:77:7b:30:5a:e9:85:03:a4:c5:
45:e9:a9:8b:ff:57:2f:5d:94:16:29:a4:cd:64:1b:
d8:ae:f5:a6:7e:4f:b9:8f:42:c8:e4:3e:b2:9a:3b:
4f:51:6d:e1:af:5f:aa:4f:10:03:a8:fa:c6:47:ea:
fe:12:fd:ea:e4:51:05:60:d5:45:72:73:f1:56:0b:
c8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:13:72:01:C4:A6:B3:4A:E9:FC:19:4C:31:7D:46:4D:66:DF:BA:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:25:53:3d:ac:4c:54:bc:13:38:0e:2b:97:c2:0f:b4:d2:12:
4b:b1:8b:7a:54:f5:1c:5e:06:c0:b2:7d:85:f6:a2:78:4d:29:
72:70:b3:5a:7a:4b:1a:d5:a6:d0:40:56:de:1d:de:96:de:d4:
f0:99:7f:a4:58:c2:51:bf:a0:a4:5f:76:f9:c8:e7:2d:05:d6:
93:ef:3b:cc:af:5c:bd:e7:df:8e:4e:2e:19:e5:12:e4:db:6b:
79:e6:06:08:ab:55:0e:f9:7d:07:0b:e2:fe:ca:3a:a4:a7:8a:
34:2e:a4:0c:d7:e0:c5:d7:99:a4:b0:3d:e7:f7:73:5e:07:a5:
e8:cf:a1:b9:e8:18:63:90:32:ae:ab:9b:86:61:eb:a3:f8:aa:
b3:e8:77:9c:4a:ae:92:dc:d2:81:3e:f7:b0:fc:b0:00:d1:c1:
8a:20:42:bf:e3:38:06:e4:22:61:47:bc:c8:57:38:7e:3b:1b:
05:43:64:21:f1:05:96:02:c5:4e:7c:33:d4:85:09:d6:66:6b:
c2:f5:eb:12:de:4d:db:a1:3a:0e:04:80:3c:97:2e:30:4b:cd:
16:f3:d2:2b:00:ed:5d:a9:50:8f:e5:bc:96:e0:c0:96:20:a3:
c6:68:a0:dd:a4:08:0e:9f:d8:7f:7a:ce:0f:6b:60:ab:55:17:
14:43:92:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUapvZ9feLim8b27LoR1wjR6OVXFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwNTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwMDAzMzlkOTE1ZTExMDI0Y2VjMjg1ZWFjYzY3ODQ2MThlZjE0OGVjMGFm
MWJlNWU5MzQzOGQ4ODVjNzczODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+VdUOTFZGNDgOIgcVbnDHHqeCOJIh5qf26r2W363NPie+kUq2BfCUqlzGT
LTTwEKK9iYYzS7DMpJt0MKbSwAjRKZ4f8RAjtcIcJh1aKoD7iL2z6P+LCtgnncbv
ZPVp0ApKKSxIGo2u4IN3d7cImqOFvW3Xm8+SyH6oBHlnEkPzQYlggrtYBUz3wEgJ
U3WgjNAdfoT2g0VLtxekpOqu9JgdiRGIWUTzUKhi9CoViktOgg1d6RUn3Rsyd3sw
WumFA6TFRempi/9XL12UFimkzWQb2K71pn5PuY9CyOQ+spo7T1Ft4a9fqk8QA6j6
xkfq/hL96uRRBWDVRXJz8VYLyEECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQLE3IB
xKazSun8GUwxfUZNZt+6LzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAbSVTPaxMVLwTOA4rl8IPtNISS7GLelT1HF4GwLJ9
hfaieE0pcnCzWnpLGtWm0EBW3h3elt7U8Jl/pFjCUb+gpF92+cjnLQXWk+87zK9c
veffjk4uGeUS5NtreeYGCKtVDvl9Bwvi/so6pKeKNC6kDNfgxdeZpLA95/dzXgel
6M+huegYY5AyrqubhmHro/iqs+h3nEquktzSgT73sPywANHBiiBCv+M4BuQiYUe8
yFc4fjsbBUNkIfEFlgLFTnwz1IUJ1mZrwvXrEt5N26E6DgSAPJcuMEvNFvPSKwDt
XalQj+W8luDAliCjxmig3aQIDp/Yf3rOD2tgq1UXFEOSLA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:18 2025 by rpki-client