Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: 9YZAL6jPt3f1PGAb5Qp7EFihNLpo4IY0aVmrcxF//ts=
Subject key identifier: BC:49:FF:B2:55:95:80:E8:F1:C3:05:26:35:A1:AA:08:D8:6E:F0:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1918BCFCE83ED6C117B18F5AA8865385BB562944
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Mon 01 Sep 2025 21:21:37 +0000
ROA not before: Mon 01 Sep 2025 21:21:37 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:18:bc:fc:e8:3e:d6:c1:17:b1:8f:5a:a8:86:53:85:bb:56:29:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:37 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=41babf8721670ee23a4f5f9302d3f0883f2277b9eaa4e1901e43fe79adb66948, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3d:5f:c1:d4:b3:40:8d:20:52:fd:b0:df:f7:
07:52:41:f3:c1:20:1d:f8:da:29:9d:58:30:1f:c0:
45:8c:b5:6f:e3:49:06:29:83:e3:2c:d6:4a:e5:e9:
28:54:4b:cc:ec:fb:c3:c2:93:3d:ee:02:41:8d:70:
7b:e6:13:5f:8a:5f:24:73:c1:d8:cd:45:1f:c6:01:
06:d1:af:ea:e1:07:a6:4a:ec:5d:c1:52:3e:3e:be:
57:89:56:4b:05:4f:98:55:8f:b9:7b:8f:b6:db:ef:
1a:7c:72:c1:bd:a6:14:eb:2f:7b:7e:4c:89:ce:f0:
2d:fe:3f:07:e8:51:93:5d:e6:8d:7b:a9:5e:15:22:
89:b8:8f:2c:55:7a:a5:fa:b3:eb:49:d1:c3:6b:ad:
8a:7c:7b:97:41:e3:fb:62:e6:cc:56:5b:71:b5:16:
a0:ed:c6:25:b2:24:40:d6:b2:bd:bd:c4:44:7a:fd:
58:af:19:a7:eb:bd:98:54:b5:cb:a8:ec:6b:db:d8:
77:f4:aa:b0:2b:9a:e3:58:6e:4a:20:9b:17:59:77:
5a:7d:40:3b:75:85:8f:c7:fc:30:76:d9:17:71:1f:
ef:1a:cb:74:1a:f2:7e:43:32:7a:09:e7:a2:4c:30:
ed:98:c5:6d:9a:5c:ca:36:90:85:74:1d:17:0c:c1:
01:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:49:FF:B2:55:95:80:E8:F1:C3:05:26:35:A1:AA:08:D8:6E:F0:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
80:c6:dc:4a:38:9d:1c:4c:74:4a:d0:3e:da:e5:c1:37:03:dc:
14:0e:63:08:4c:d7:7f:ea:2f:27:a7:03:80:0c:d6:15:be:00:
a2:85:f5:cf:36:67:f1:50:13:b3:7f:37:b3:84:f5:91:04:67:
0e:7c:52:99:e6:29:bc:1d:0a:4f:22:94:7e:2b:41:e3:54:02:
41:94:3b:99:7c:ed:9f:1c:05:0d:33:25:09:3c:aa:53:5d:14:
86:44:cd:c7:12:d2:de:8f:ed:4d:19:f7:34:0b:6a:32:ce:74:
3d:63:69:6c:75:d2:09:33:ab:72:b6:46:6b:84:d0:10:b9:fb:
7b:ab:08:ef:1f:47:a1:8b:a2:3c:dc:7c:f0:ca:38:93:53:2b:
a0:8f:d7:0b:10:1e:e0:c6:b1:84:7e:ee:3a:cc:46:af:a7:87:
2c:bd:f7:f2:94:5a:48:bd:b2:66:7b:fc:e4:84:9f:bf:02:c9:
d9:01:89:76:e0:f2:0d:56:c8:a3:59:2f:85:8a:91:78:79:bd:
6e:17:16:1e:3e:6e:65:c9:d7:7c:f1:30:89:eb:cd:cb:09:15:
e5:22:ed:b0:4a:a7:e2:3c:3a:7e:64:1d:a7:ef:e0:66:f2:27:
62:3d:e4:6f:f8:62:ce:de:3b:90:75:6f:52:03:0b:fc:b9:8f:
8f:02:4b:e2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGRi8/Og+1sEXsY9aqIZThbtWKUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMzdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxYmFiZjg3MjE2NzBlZTIzYTRmNWY5MzAyZDNmMDg4M2YyMjc3YjllYWE0
ZTE5MDFlNDNmZTc5YWRiNjY5NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg9X8HUs0CNIFL9sN/3B1JB88EgHfjaKZ1YMB/ARYy1b+NJBimD4yzWSuXp
KFRLzOz7w8KTPe4CQY1we+YTX4pfJHPB2M1FH8YBBtGv6uEHpkrsXcFSPj6+V4lW
SwVPmFWPuXuPttvvGnxywb2mFOsve35Mic7wLf4/B+hRk13mjXupXhUiibiPLFV6
pfqz60nRw2utinx7l0Hj+2LmzFZbcbUWoO3GJbIkQNayvb3ERHr9WK8Zp+u9mFS1
y6jsa9vYd/SqsCua41huSiCbF1l3Wn1AO3WFj8f8MHbZF3Ef7xrLdBryfkMyegnn
okww7ZjFbZpcyjaQhXQdFwzBARMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8Sf+y
VZWA6PHDBSY1oaoI2G7wvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEAgMbcSjidHEx0StA+2uXBNwPcFA5jCEzXf+ovJ6cD
gAzWFb4AooX1zzZn8VATs383s4T1kQRnDnxSmeYpvB0KTyKUfitB41QCQZQ7mXzt
nxwFDTMlCTyqU10UhkTNxxLS3o/tTRn3NAtqMs50PWNpbHXSCTOrcrZGa4TQELn7
e6sI7x9HoYuiPNx88Mo4k1MroI/XCxAe4MaxhH7uOsxGr6eHLL338pRaSL2yZnv8
5ISfvwLJ2QGJduDyDVbIo1kvhYqReHm9bhcWHj5uZcnXfPEwievNywkV5SLtsEqn
4jw6fmQdp+/gZvInYj3kb/hizt47kHVvUgML/LmPjwJL4g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:32 2025 by rpki-client