Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: eNn2C117EQxCQA2/7yDIFliaKrucApXGU4criGvwbSQ=
Subject key identifier: 4F:B2:37:F9:B1:5D:86:F7:04:9C:CA:2A:DE:BA:C8:64:3C:CB:60:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3282C8F4AADED84EEA272A7DADBF50A29B943E91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Tue 21 Oct 2025 14:00:59 +0000
ROA not before: Tue 21 Oct 2025 14:00:59 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:82:c8:f4:aa:de:d8:4e:ea:27:2a:7d:ad:bf:50:a2:9b:94:3e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:00:59 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=b14b2d085068051abfb5f73be7d02fa1d4b3d4ad020a1b6afadadcda56f0ca34, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:30:1c:22:7f:58:02:e9:77:62:8c:c7:36:f2:
fb:49:46:fa:4b:24:d9:98:7d:79:a5:25:1e:46:ca:
83:a2:38:5d:05:d9:03:6f:b0:68:60:78:7e:b3:d9:
51:49:78:36:ae:39:52:25:38:75:d9:69:86:72:e5:
e4:b9:ce:bc:53:a3:97:8a:1c:cc:ac:09:6e:6e:ed:
8e:c2:eb:25:33:22:65:fd:7d:b4:6b:86:b4:25:9d:
c3:05:7b:ab:34:02:45:29:e3:d1:46:ee:c1:5f:84:
d1:34:51:5b:be:eb:72:1b:c0:48:91:3f:b5:c7:5c:
78:a1:86:e0:32:e5:92:91:de:41:b1:97:5d:2e:bf:
38:f3:04:e6:50:d2:57:cf:c2:c0:8c:07:ae:4c:00:
38:b3:d2:1e:ac:c5:c6:20:12:62:e3:09:68:a3:10:
bd:79:90:a3:94:d8:8c:a9:d3:72:01:38:c5:0a:1e:
b4:ea:af:02:17:e0:ea:93:9f:d2:2a:9b:8d:32:8c:
a0:de:a2:47:8b:ee:41:20:a6:f7:e6:9d:f4:58:a3:
16:d7:9b:d6:7c:11:67:69:8e:5b:7a:ff:7c:65:d8:
e0:c8:f5:1e:02:5d:68:19:e9:f7:01:7c:6d:54:30:
11:40:67:11:9e:29:3d:04:fc:63:2a:ab:2d:99:99:
be:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B2:37:F9:B1:5D:86:F7:04:9C:CA:2A:DE:BA:C8:64:3C:CB:60:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:57:e2:f6:f6:0c:c9:ce:e0:a7:48:87:27:cd:cb:e0:f7:bf:
d8:b6:3b:5d:97:43:7d:ad:f8:02:52:46:65:10:10:b1:f5:2b:
43:91:f5:35:d6:82:0a:8a:24:70:f3:0b:ba:39:23:9f:36:02:
8e:92:39:2a:ff:1b:a2:54:e4:ed:87:62:eb:dc:43:3d:38:9d:
38:4d:18:2b:19:91:46:e4:a9:2a:cc:eb:a0:7a:59:b4:36:29:
4e:96:2e:b9:31:62:6e:2a:0b:1b:93:05:f5:91:e0:ad:5d:87:
1a:c3:51:f6:fc:f4:75:72:c9:38:3b:ab:c5:99:0c:d1:9f:f7:
6d:bc:65:a1:6b:35:10:84:22:8a:b3:33:65:86:7b:f3:99:e5:
f0:8c:55:cb:64:67:4d:6c:d0:e3:3a:1b:a8:69:84:83:f8:83:
52:06:d4:ba:ac:4d:eb:ca:48:7a:f6:4d:9c:0a:46:27:49:76:
5a:b0:37:a4:29:dd:19:91:cd:81:be:4d:f4:36:f4:b7:97:44:
99:0b:ff:93:c1:fa:80:2e:bb:c0:ee:4e:29:19:eb:43:5a:ed:
df:2e:21:03:fc:c1:33:f4:9d:a6:ba:62:c9:8e:e1:7c:ba:64:
17:4f:87:fd:13:32:11:68:b0:76:09:77:aa:4f:53:88:20:2f:
35:7e:28:f2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMoLI9Kre2E7qJyp9rb9QopuUPpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDAwNTlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNGIyZDA4NTA2ODA1MWFiZmI1ZjczYmU3ZDAyZmExZDRiM2Q0YWQwMjBh
MWI2YWZhZGFkY2RhNTZmMGNhMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYwHCJ/WALpd2KMxzby+0lG+ksk2Zh9eaUlHkbKg6I4XQXZA2+waGB4frPZ
UUl4Nq45UiU4ddlphnLl5LnOvFOjl4oczKwJbm7tjsLrJTMiZf19tGuGtCWdwwV7
qzQCRSnj0UbuwV+E0TRRW77rchvASJE/tcdceKGG4DLlkpHeQbGXXS6/OPME5lDS
V8/CwIwHrkwAOLPSHqzFxiASYuMJaKMQvXmQo5TYjKnTcgE4xQoetOqvAhfg6pOf
0iqbjTKMoN6iR4vuQSCm9+ad9FijFteb1nwRZ2mOW3r/fGXY4Mj1HgJdaBnp9wF8
bVQwEUBnEZ4pPQT8YyqrLZmZvq8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRPsjf5
sV2G9wScyireushkPMtgHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEATlfi9vYMyc7gp0iHJ83L4Pe/2LY7XZdDfa34AlJG
ZRAQsfUrQ5H1NdaCCookcPMLujkjnzYCjpI5Kv8bolTk7Ydi69xDPTidOE0YKxmR
RuSpKszroHpZtDYpTpYuuTFibioLG5MF9ZHgrV2HGsNR9vz0dXLJODurxZkM0Z/3
bbxloWs1EIQiirMzZYZ785nl8IxVy2RnTWzQ4zobqGmEg/iDUgbUuqxN68pIevZN
nApGJ0l2WrA3pCndGZHNgb5N9Db0t5dEmQv/k8H6gC67wO5OKRnrQ1rt3y4hA/zB
M/SdprpiyY7hfLpkF0+H/RMyEWiwdgl3qk9TiCAvNX4o8g==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:21 2025 by rpki-client