Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json)
Hash identifier: 3syLPBs3ycRKJ3xNDEt1twQ1gjmVvAx4AB8z6Rch4cw=
Subject key identifier: 7A:85:C0:E2:6C:67:B1:E7:1E:EC:F3:4F:8F:27:1E:54:BC:E8:EE:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 225AF4B756E530F4BF33F7FFC7B676660914370C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
Signing time: Sat 27 Sep 2025 00:53:33 +0000
ROA not before: Sat 27 Sep 2025 00:53:33 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:5a:f4:b7:56:e5:30:f4:bf:33:f7:ff:c7:b6:76:66:09:14:37:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 27 00:53:33 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=f7ecb4321069ce45dfc3810509b56c5c634c9563b075b3899c742b0c23c3714d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:d4:96:62:96:a7:35:cb:1d:d2:82:c1:29:
03:f6:06:9c:4b:25:e7:e9:8d:15:89:d9:45:3d:a9:
88:75:66:b9:c5:95:77:ab:f3:79:57:cb:b0:c9:84:
0c:59:37:38:63:84:cc:ac:f9:2a:a4:e4:9d:05:2c:
c0:77:ed:39:d4:f7:eb:33:da:7d:2f:df:0b:1a:04:
ac:5d:d9:37:91:28:ad:6b:d2:04:cf:41:ca:0a:c9:
07:e6:43:6b:52:d7:65:d2:4f:d4:74:49:fa:1d:f1:
c5:fd:35:4f:9c:7a:8b:e9:71:50:80:3a:6e:a8:af:
9b:94:e2:92:91:43:a7:67:32:d4:c5:34:e3:47:14:
10:56:3d:1c:4f:ba:46:d7:a8:48:a2:0b:01:b2:3e:
a5:b3:20:13:cb:7d:89:59:04:d6:db:78:f0:c0:a7:
66:50:e2:f2:3b:ae:58:01:54:90:4a:36:cc:ac:6f:
ea:29:07:29:70:58:41:cb:af:89:b4:e2:e8:89:7a:
c2:c6:0d:61:a8:22:c0:4f:89:99:f5:26:76:0e:29:
bd:63:5c:f8:9a:02:67:9c:3f:bb:76:f8:ab:db:c2:
f7:82:30:1f:c0:e2:33:7d:36:12:90:36:60:ca:9f:
0d:15:1b:a2:38:75:09:e0:a5:51:a5:3a:ab:c8:6d:
11:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:85:C0:E2:6C:67:B1:E7:1E:EC:F3:4F:8F:27:1E:54:BC:E8:EE:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
7c:6c:3d:73:91:54:35:d3:96:5d:0c:2d:24:e9:47:8f:cb:fc:
7c:cf:15:87:1f:2a:57:4f:03:19:81:be:fb:be:72:55:58:b1:
cd:64:8c:fa:f3:23:eb:53:95:be:3a:12:68:32:24:bc:d8:75:
fe:57:ef:5b:ab:df:42:4e:25:f8:ae:e0:8e:c4:28:85:a5:3c:
ff:95:08:85:8a:26:94:6b:c4:26:fc:b4:55:86:39:04:a7:ad:
62:c6:0a:54:03:d8:d7:a3:83:4f:37:d2:81:5f:bb:1a:4a:f2:
9c:76:11:88:58:a4:77:95:b2:ca:07:54:0f:d0:48:14:66:34:
be:93:38:3a:f7:c5:0e:f4:21:15:c8:13:05:0d:b3:10:25:31:
37:1c:35:5c:98:d2:dc:07:6e:07:a5:35:34:53:ac:66:44:85:
61:e3:a2:1f:29:62:31:84:56:bf:c4:3c:02:25:9b:7f:c5:a2:
1e:81:34:d7:00:80:f5:95:9c:b0:81:46:d3:a7:da:6d:7b:cb:
83:f0:0f:ad:51:25:85:82:f3:97:96:c0:e3:9f:96:39:45:5e:
0c:ed:80:84:14:97:67:80:33:06:4e:e9:fa:ba:34:7f:93:33:
77:c8:90:ca:d0:9d:6e:06:da:6c:eb:59:3a:41:16:9e:8d:1e:
5b:fb:3c:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIlr0t1blMPS/M/f/x7Z2ZgkUNwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjcwMDUzMzNaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3ZWNiNDMyMTA2OWNlNDVkZmMzODEwNTA5YjU2YzVjNjM0Yzk1NjNiMDc1
YjM4OTljNzQyYjBjMjNjMzcxNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOE41JZilqc1yx3SgsEpA/YGnEsl5+mNFYnZRT2piHVmucWVd6vzeVfLsMmE
DFk3OGOEzKz5KqTknQUswHftOdT36zPafS/fCxoErF3ZN5EorWvSBM9BygrJB+ZD
a1LXZdJP1HRJ+h3xxf01T5x6i+lxUIA6bqivm5TikpFDp2cy1MU040cUEFY9HE+6
RteoSKILAbI+pbMgE8t9iVkE1tt48MCnZlDi8juuWAFUkEo2zKxv6ikHKXBYQcuv
ibTi6Il6wsYNYagiwE+JmfUmdg4pvWNc+JoCZ5w/u3b4q9vC94IwH8DiM302EpA2
YMqfDRUbojh1CeClUaU6q8htEXMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR6hcDi
bGex5x7s80+PJx5UvOjutjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAfGw9c5FUNdOWXQwtJOlHj8v8fM8Vhx8qV08DGYG+
+75yVVixzWSM+vMj61OVvjoSaDIkvNh1/lfvW6vfQk4l+K7gjsQohaU8/5UIhYom
lGvEJvy0VYY5BKetYsYKVAPY16ODTzfSgV+7GkrynHYRiFikd5WyygdUD9BIFGY0
vpM4OvfFDvQhFcgTBQ2zECUxNxw1XJjS3AduB6U1NFOsZkSFYeOiHyliMYRWv8Q8
AiWbf8WiHoE01wCA9ZWcsIFG06fabXvLg/APrVElhYLzl5bA45+WOUVeDO2AhBSX
Z4AzBk7p+ro0f5Mzd8iQytCdbgbabOtZOkEWno0eW/s8hw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:17 2025 by rpki-client