Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
File: 9ee0a48b-ba88-465e-9e42-d0732351f46e.roa (raw, json)
Hash identifier: 2i1Mgf0IpAil1bPRvpOGLFaXKvWglAWzBd7J8BuRKxc=
Subject key identifier: 3D:13:B5:20:00:F7:95:49:74:A5:55:ED:EA:8B:80:C3:7C:30:DB:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30B82F913DB44EB673255D34D6B04A84E61FC08B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
Signing time: Sat 27 Sep 2025 00:53:35 +0000
ROA not before: Sat 27 Sep 2025 00:53:35 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b8:2f:91:3d:b4:4e:b6:73:25:5d:34:d6:b0:4a:84:e6:1f:c0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:53:35 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=90444f445374e352146d2f20568b1972a4756e3dd90aa7bb9df57ff07473082c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:af:24:30:c9:a2:40:9c:b1:ce:69:6f:a3:
80:e4:59:29:8c:5f:01:5e:14:79:9a:51:81:f7:51:
62:d4:aa:e0:88:bd:1f:43:06:2b:06:0f:f1:13:0d:
d3:d0:bd:a0:65:4b:7f:0b:78:9d:9f:97:f4:de:8b:
08:cc:29:f0:92:df:96:42:6a:25:03:93:fd:71:9c:
95:5a:60:13:8a:a4:de:fe:71:d1:01:65:5a:49:b5:
6a:2a:72:3e:1c:2e:65:15:a4:cc:fd:12:74:fd:65:
75:b0:c6:b6:76:51:de:a0:b8:4a:2d:38:9e:d6:42:
66:5b:2d:89:a5:fb:f8:73:e6:ac:1d:d6:2e:2f:19:
ac:66:d6:28:3d:a3:39:c4:75:e7:b7:c3:1f:26:f8:
a4:41:2e:c1:15:de:89:23:4f:da:fe:f9:a8:1e:f4:
32:5a:16:f7:e0:eb:60:ff:c9:62:3d:a4:ad:2e:72:
5b:b5:7f:80:a6:e1:a5:d5:52:14:11:40:a7:7c:6a:
ca:c1:42:40:d7:c9:52:4b:e0:28:1e:8e:01:aa:b7:
4c:74:37:5c:a2:a2:8b:32:8f:27:99:34:c0:6b:a8:
cc:6c:80:94:e8:cb:e1:80:80:f8:27:64:53:2a:ba:
21:4f:e7:22:ed:bf:63:e4:d8:17:d3:84:02:52:1b:
22:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:13:B5:20:00:F7:95:49:74:A5:55:ED:EA:8B:80:C3:7C:30:DB:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.112.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:47:2b:3f:71:10:0e:62:b3:2b:6b:5c:1b:85:e2:3c:4d:b4:
75:5e:76:2d:17:a0:b6:c7:d7:f0:de:82:c9:f5:f4:dc:9b:b3:
2e:47:56:14:99:d2:3e:66:8a:aa:36:ab:77:c4:21:b7:78:7a:
cf:a7:0e:54:c5:bf:c2:7f:92:de:a4:8f:9d:ee:ef:5b:22:77:
16:12:f3:30:82:5d:fe:b6:de:48:27:14:ef:71:d7:0b:f7:7e:
cc:5c:75:ab:99:08:87:61:a2:70:b2:ae:c8:db:82:39:20:ab:
fa:b9:c0:9b:6d:17:0c:79:35:bc:30:a2:54:e0:b6:a0:4b:9c:
82:df:09:3f:6c:21:63:da:42:58:fb:6d:db:7c:d7:38:8f:26:
5d:9b:27:d3:69:83:ac:68:96:ec:a1:7e:1a:27:de:40:02:05:
4d:ba:02:03:1e:06:4f:8e:2b:a5:78:82:56:8d:37:57:01:74:
6e:8f:f2:b2:d5:ef:37:ac:86:f8:27:5a:79:3c:55:00:9f:09:
6b:62:bb:fc:3a:cc:05:33:d4:bd:26:48:aa:b6:39:47:19:a6:
90:b1:5f:fc:9d:57:25:fe:03:a3:46:44:18:df:1a:19:b7:5a:
c1:48:72:92:ab:9f:d1:c3:6e:2e:e0:c2:71:75:98:ae:ce:41:
97:9e:7f:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMLgvkT20TrZzJV001rBKhOYfwIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjcwMDUzMzVaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwNDQ0ZjQ0NTM3NGUzNTIxNDZkMmYyMDU2OGIxOTcyYTQ3NTZlM2RkOTBh
YTdiYjlkZjU3ZmYwNzQ3MzA4MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtzryQwyaJAnLHOaW+jgORZKYxfAV4UeZpRgfdRYtSq4Ii9H0MGKwYP8RMN
09C9oGVLfwt4nZ+X9N6LCMwp8JLflkJqJQOT/XGclVpgE4qk3v5x0QFlWkm1aipy
PhwuZRWkzP0SdP1ldbDGtnZR3qC4Si04ntZCZlstiaX7+HPmrB3WLi8ZrGbWKD2j
OcR157fDHyb4pEEuwRXeiSNP2v75qB70MloW9+DrYP/JYj2krS5yW7V/gKbhpdVS
FBFAp3xqysFCQNfJUkvgKB6OAaq3THQ3XKKiizKPJ5k0wGuozGyAlOjL4YCA+Cdk
Uyq6IU/nIu2/Y+TYF9OEAlIbImkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9E7Ug
APeVSXSlVe3qi4DDfDDbhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlMGE0OGItYmE4OC00NjVlLTllNDItZDA3MzIzNTFmNDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE99cDAN
BgkqhkiG9w0BAQsFAAOCAQEAT0crP3EQDmKzK2tcG4XiPE20dV52LRegtsfX8N6C
yfX03JuzLkdWFJnSPmaKqjard8Qht3h6z6cOVMW/wn+S3qSPne7vWyJ3FhLzMIJd
/rbeSCcU73HXC/d+zFx1q5kIh2GicLKuyNuCOSCr+rnAm20XDHk1vDCiVOC2oEuc
gt8JP2whY9pCWPtt23zXOI8mXZsn02mDrGiW7KF+GifeQAIFTboCAx4GT44rpXiC
Vo03VwF0bo/ystXvN6yG+CdaeTxVAJ8Ja2K7/DrMBTPUvSZIqrY5RxmmkLFf/J1X
Jf4Do0ZEGN8aGbdawUhykquf0cNuLuDCcXWYrs5Bl55/Vw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:38:38 2025 by rpki-client