Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
File: 5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa (raw, json)
Hash identifier: /G3gfJJUzq5dvymf8kZkHdMYqfHXr7pTBo7hV7XRIBM=
Subject key identifier: 11:8D:6C:DC:0E:D8:FC:B1:09:A6:2A:6B:D9:3F:ED:5B:AB:00:AF:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21F65975F448A366408118482D782A6579BB42A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
Signing time: Fri 26 Sep 2025 20:10:23 +0000
ROA not before: Fri 26 Sep 2025 20:10:23 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:f6:59:75:f4:48:a3:66:40:81:18:48:2d:78:2a:65:79:bb:42:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:10:23 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=031ded6d457591e9cfd306aae76fb9fdfd6b304504e015120e7ac489a9f83a36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:67:c7:ae:c3:13:ad:50:b0:fb:d6:93:66:7e:
12:cd:66:d7:13:3e:94:c0:07:16:64:c1:35:b9:66:
e4:22:8e:39:8f:17:4b:4b:e3:5f:40:ce:fd:2e:5c:
be:6c:fb:9c:fd:25:29:22:0b:53:35:6e:f3:b8:6f:
53:2d:98:6c:7a:cc:ab:ac:46:7c:e4:86:59:47:60:
0c:9a:df:67:96:5a:ea:fa:7e:bf:d6:54:11:f3:5b:
00:c9:78:6a:5e:89:0a:f2:36:50:2a:63:67:e1:1b:
3b:8f:06:e8:e6:26:48:30:42:06:7c:61:e3:15:ab:
f5:29:8c:29:66:b9:d4:60:ee:27:65:e4:8c:ae:a0:
22:ef:52:a3:70:fc:94:3b:09:36:5b:14:3c:45:19:
82:70:90:59:69:6f:35:83:1b:f3:a7:46:60:e8:2c:
19:05:9b:bd:64:a8:2a:79:f1:56:31:6d:8f:71:ea:
2d:d9:e5:68:c0:3d:f0:e8:30:d9:df:20:06:14:5c:
24:e3:81:12:aa:de:d9:d2:b4:2e:c9:5e:13:aa:aa:
70:7e:d7:0a:c7:fe:23:f0:b0:1b:aa:ae:d1:9b:ec:
be:07:2e:0c:8f:10:9f:3c:84:ca:48:50:a1:96:d7:
d1:df:92:43:ec:a9:8d:e6:b6:5f:30:59:1b:5f:65:
af:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8D:6C:DC:0E:D8:FC:B1:09:A6:2A:6B:D9:3F:ED:5B:AB:00:AF:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.24.0/22
Signature Algorithm: sha256WithRSAEncryption
20:61:3c:a6:33:4b:30:4e:36:8b:9b:cf:72:a2:7b:82:9f:a0:
23:0a:d6:5d:00:b7:29:83:ab:ce:50:5a:ab:92:68:21:4b:8d:
8b:5d:1c:ae:2c:4e:e0:73:ea:7a:6a:d1:73:56:7d:85:46:d2:
17:9b:f6:4d:38:2f:f9:42:b1:87:53:c0:dc:88:d6:93:74:8f:
99:f5:df:3a:59:99:81:ef:4b:2b:74:28:cf:5b:b6:7d:d4:8a:
c3:23:d0:a2:65:eb:c0:01:19:79:00:35:3a:6a:3a:7f:1f:5c:
64:ea:c9:68:10:f5:1b:c9:f9:ed:50:58:7e:55:a7:b6:d5:62:
6c:19:e3:14:95:90:50:af:49:78:ed:6f:71:3f:da:55:d5:cd:
a9:f6:e5:9d:9d:3a:b0:03:8b:b2:bb:ea:1a:ac:10:73:46:3b:
e3:1e:d1:83:1f:09:0d:26:2e:81:13:f7:f9:43:79:81:06:02:
c1:14:a9:f6:a2:36:6a:4f:9d:86:33:37:79:ed:aa:8c:75:37:
2d:75:d8:de:61:4b:b2:2a:8d:1c:11:3c:ff:9a:70:75:0c:44:
f1:78:29:bd:19:3d:44:e1:86:d1:79:2b:db:60:c3:67:e9:82:
11:35:f8:e5:91:a6:ca:01:09:d3:81:5d:96:13:66:a7:86:51:
f0:c2:f1:18
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIfZZdfRIo2ZAgRhILXgqZXm7QqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDEwMjNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMWRlZDZkNDU3NTkxZTljZmQzMDZhYWU3NmZiOWZkZmQ2YjMwNDUwNGUw
MTUxMjBlN2FjNDg5YTlmODNhMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9nx67DE61QsPvWk2Z+Es1m1xM+lMAHFmTBNblm5CKOOY8XS0vjX0DO/S5c
vmz7nP0lKSILUzVu87hvUy2YbHrMq6xGfOSGWUdgDJrfZ5Za6vp+v9ZUEfNbAMl4
al6JCvI2UCpjZ+EbO48G6OYmSDBCBnxh4xWr9SmMKWa51GDuJ2XkjK6gIu9So3D8
lDsJNlsUPEUZgnCQWWlvNYMb86dGYOgsGQWbvWSoKnnxVjFtj3HqLdnlaMA98Ogw
2d8gBhRcJOOBEqre2dK0LsleE6qqcH7XCsf+I/CwG6qu0ZvsvgcuDI8QnzyEykhQ
oZbX0d+SQ+ypjea2XzBZG19lr3sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQRjWzc
Dtj8sQmmKmvZP+1bqwCvGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWRjYTAyZTYtMDNhNC00MjUxLWI2ZDMtNWM5NmQyMmFmN2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99GDAN
BgkqhkiG9w0BAQsFAAOCAQEAIGE8pjNLME42i5vPcqJ7gp+gIwrWXQC3KYOrzlBa
q5JoIUuNi10crixO4HPqemrRc1Z9hUbSF5v2TTgv+UKxh1PA3IjWk3SPmfXfOlmZ
ge9LK3Qoz1u2fdSKwyPQomXrwAEZeQA1Omo6fx9cZOrJaBD1G8n57VBYflWnttVi
bBnjFJWQUK9JeO1vcT/aVdXNqfblnZ06sAOLsrvqGqwQc0Y74x7Rgx8JDSYugRP3
+UN5gQYCwRSp9qI2ak+dhjM3ee2qjHU3LXXY3mFLsiqNHBE8/5pwdQxE8XgpvRk9
ROGG0Xkr22DDZ+mCETX45ZGmygEJ04FdlhNmp4ZR8MLxGA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:47:21 2025 by rpki-client