Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: 2EwDbeF8B8F5PRMMVYVoDgNqMu4fJpPOSE0HkNBFCp0=
Subject key identifier: 1D:B2:02:E6:33:72:17:5B:14:9E:98:E8:22:B8:DA:A4:88:79:0E:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F82A6285ED43B8F8B50D90BAE8661661442B692
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Sat 27 Sep 2025 00:53:36 +0000
ROA not before: Sat 27 Sep 2025 00:53:36 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:82:a6:28:5e:d4:3b:8f:8b:50:d9:0b:ae:86:61:66:14:42:b6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:53:36 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=e39e9c1b502ab4b385fad2a8ca4cc76da341861e1349cc6b8fbdda5f14ff24f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:30:da:f4:9a:31:6d:f0:15:ed:9c:7a:4d:80:
a7:5b:0e:d2:f9:0e:a8:6b:f7:53:45:bf:a2:9c:55:
e0:e1:1a:e4:07:d6:a9:ae:71:e0:24:ab:fe:28:5d:
e7:4a:c4:73:c6:b0:4d:aa:21:c9:f5:d4:4a:99:1d:
3c:1c:41:43:80:8f:8e:f8:9e:98:b9:ed:ef:28:84:
a3:e1:8d:b0:a0:ce:ea:81:48:09:4c:c8:4f:57:3a:
ad:c8:d9:3f:84:6b:e0:25:92:30:d8:aa:a4:c2:0e:
88:9b:cb:fc:6d:20:4e:45:c3:5e:1b:63:64:37:44:
63:61:32:d0:02:29:4c:36:76:bb:40:3f:56:54:56:
e4:ea:7d:c7:6f:f7:a3:40:84:3c:98:4c:7c:fd:ea:
67:e6:b3:75:05:83:e2:6f:57:7a:43:5e:ff:dc:47:
86:8f:11:97:c2:ae:b3:75:c7:3e:46:67:10:04:58:
b3:ed:98:17:07:a9:12:5a:e0:00:91:f2:e8:98:0b:
88:f8:f4:fd:6d:a8:53:25:2b:61:0d:43:ed:77:ee:
3a:39:e6:11:fd:69:16:db:91:d9:85:e8:89:cb:e2:
c4:b4:a8:0c:ae:ae:cb:94:5e:b2:d5:67:d7:96:50:
10:af:4a:78:e1:58:9c:86:1e:0e:b3:72:0a:c5:fb:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:02:E6:33:72:17:5B:14:9E:98:E8:22:B8:DA:A4:88:79:0E:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
ab:cc:26:b5:c2:e1:83:61:dd:e3:e4:c2:88:5e:d2:2f:ca:c8:
db:95:3e:30:e7:c4:e9:ab:94:1b:bc:5b:95:1c:92:28:f1:46:
89:99:e8:f8:44:94:6e:22:45:02:90:29:a9:4d:f1:71:62:ec:
e0:99:2b:59:24:40:2b:32:96:28:ed:ff:8a:91:e5:20:2f:f7:
c2:e7:4a:80:61:b6:76:4a:f4:71:1b:1e:6d:9a:1c:5d:cd:56:
f6:db:53:3d:58:de:e9:93:7c:6e:e5:3b:b5:d1:dd:dd:73:09:
34:c3:20:45:80:76:0e:34:99:41:6d:01:5f:11:8f:21:3e:2c:
f4:e5:fa:49:88:12:71:18:99:35:c3:f0:fb:7b:29:71:f7:12:
62:b7:56:fa:4d:18:51:81:9c:d4:ed:6d:39:30:54:54:91:ab:
b4:cd:7e:5e:0a:07:16:25:b1:ba:81:fc:34:d4:ba:37:f6:c4:
4b:0f:e7:45:01:d0:33:ca:49:ff:27:9f:c4:c7:ff:1a:57:de:
01:4d:ab:35:c0:9e:f3:ee:f6:f5:e7:88:e0:33:e8:07:86:b2:
7c:0e:4e:e7:68:15:a8:1d:f4:bf:37:4f:28:bc:ce:7a:17:44:
15:8f:39:96:0e:62:7b:5e:df:23:1a:02:ea:9d:ae:92:2c:59:
55:34:04:ba
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb4KmKF7UO4+LUNkLroZhZhRCtpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjcwMDUzMzZaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzOWU5YzFiNTAyYWI0YjM4NWZhZDJhOGNhNGNjNzZkYTM0MTg2MWUxMzQ5
Y2M2YjhmYmRkYTVmMTRmZjI0ZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8w2vSaMW3wFe2cek2Ap1sO0vkOqGv3U0W/opxV4OEa5AfWqa5x4CSr/ihd
50rEc8awTaohyfXUSpkdPBxBQ4CPjviemLnt7yiEo+GNsKDO6oFICUzIT1c6rcjZ
P4Rr4CWSMNiqpMIOiJvL/G0gTkXDXhtjZDdEY2Ey0AIpTDZ2u0A/VlRW5Op9x2/3
o0CEPJhMfP3qZ+azdQWD4m9XekNe/9xHho8Rl8Kus3XHPkZnEARYs+2YFwepElrg
AJHy6JgLiPj0/W2oUyUrYQ1D7XfuOjnmEf1pFtuR2YXoicvixLSoDK6uy5RestVn
15ZQEK9KeOFYnIYeDrNyCsX7gnkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQdsgLm
M3IXWxSemOgiuNqkiHkOwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEAq8wmtcLhg2Hd4+TCiF7SL8rI25U+MOfE6auUG7xb
lRySKPFGiZno+ESUbiJFApApqU3xcWLs4JkrWSRAKzKWKO3/ipHlIC/3wudKgGG2
dkr0cRsebZocXc1W9ttTPVje6ZN8buU7tdHd3XMJNMMgRYB2DjSZQW0BXxGPIT4s
9OX6SYgScRiZNcPw+3spcfcSYrdW+k0YUYGc1O1tOTBUVJGrtM1+XgoHFiWxuoH8
NNS6N/bESw/nRQHQM8pJ/yefxMf/GlfeAU2rNcCe8+729eeI4DPoB4ayfA5O52gV
qB30vzdPKLzOehdEFY85lg5ie17fIxoC6p2ukixZVTQEug==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:38 2025 by rpki-client