Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: VHR65fPuNRMFfAhccpTLKdksyJ229G1TeQr24aotc34=
Subject key identifier: F6:83:65:8E:E3:2D:99:06:57:3C:2A:8F:90:D4:D5:E9:B7:99:35:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72D20661FDB202105919B84F533D7D8AA777C199
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Mon 01 Sep 2025 21:21:38 +0000
ROA not before: Mon 01 Sep 2025 21:21:38 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:d2:06:61:fd:b2:02:10:59:19:b8:4f:53:3d:7d:8a:a7:77:c1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:38 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=42705b573ce721243697bee8949b651f58b3a301a6ec99367002c056eae7bbe9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:40:72:63:ba:1c:fa:76:21:3e:95:fc:2b:6f:
d3:9f:69:f6:a7:d7:19:af:87:89:d5:fc:a8:31:4e:
c4:00:76:69:dc:1a:21:bb:05:7f:d9:fa:12:6d:35:
1b:da:a2:79:eb:a5:c9:b0:22:5a:ea:8c:2f:31:99:
fd:21:1b:18:f9:d5:4a:69:1c:54:db:4f:8c:85:6e:
c8:55:95:73:f7:bb:01:88:83:b4:31:b9:69:6a:86:
7c:51:02:56:89:e2:27:26:38:59:2b:8e:63:3d:a7:
38:e5:e7:af:48:50:1a:0f:f7:5f:95:dd:c7:d7:ce:
07:06:ed:8a:31:03:15:09:99:47:67:a2:3a:47:c5:
87:be:49:fc:40:e6:08:9b:d3:3d:91:60:0b:34:1b:
6c:d9:60:1d:2b:32:c7:39:94:67:9f:6f:6b:bb:0d:
04:f7:46:93:76:96:9a:0b:10:24:d8:3f:cf:2b:67:
01:71:1f:af:b5:6c:52:73:93:2b:54:47:c8:51:78:
77:05:dc:ef:81:cb:5e:7c:d9:8f:0f:7f:78:c4:d7:
31:43:33:2b:d2:99:bc:68:6a:06:dc:6a:6e:7d:74:
68:c7:54:bd:ab:e2:e8:d8:c7:9b:33:62:1e:85:01:
09:16:79:32:93:aa:60:b1:1b:cb:c7:50:07:a6:41:
12:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:83:65:8E:E3:2D:99:06:57:3C:2A:8F:90:D4:D5:E9:B7:99:35:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
89:0e:6c:79:2f:f5:48:9f:7e:f0:b9:0e:9d:74:64:af:ea:d5:
c5:31:2d:f3:54:1f:66:ec:d0:d3:57:16:49:b4:e7:f3:89:8e:
55:b2:c0:13:4d:31:35:38:aa:2d:35:94:3c:9a:91:45:04:b7:
b4:77:b5:25:34:46:a2:f1:23:26:98:2d:89:ac:ba:1f:27:c7:
f9:50:4c:62:f4:50:35:64:3f:51:5e:ed:16:62:c2:30:3e:ab:
af:e6:8f:d4:88:db:7b:1d:da:14:4d:ca:6c:e6:e3:b7:1d:79:
15:5a:68:f8:e9:d8:fa:e1:79:81:89:95:52:10:9c:1b:95:56:
98:f0:5b:45:e5:c2:e2:91:01:dd:72:0b:33:9f:3c:b2:b4:40:
3b:c9:98:de:6b:ac:58:6e:32:c1:a5:38:28:f9:c9:67:a9:8d:
31:6c:ca:aa:ce:18:07:4d:0b:24:af:95:f8:20:e0:b3:73:53:
2f:dd:af:53:2d:b1:df:67:95:d0:b2:56:eb:55:50:b3:87:59:
6c:a6:4b:94:ed:c7:fb:61:b3:f8:f3:47:62:bf:db:a6:82:40:
28:cc:fc:a5:66:61:09:77:a6:a1:95:4c:bc:b5:c6:1f:9a:d4:
c6:8b:b6:10:8c:e4:02:8b:48:8f:dc:44:5b:96:2d:08:47:5b:
a7:bd:29:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUctIGYf2yAhBZGbhPUz19iqd3wZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMzhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNzA1YjU3M2NlNzIxMjQzNjk3YmVlODk0OWI2NTFmNThiM2EzMDFhNmVj
OTkzNjcwMDJjMDU2ZWFlN2JiZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFAcmO6HPp2IT6V/Ctv059p9qfXGa+HidX8qDFOxAB2adwaIbsFf9n6Em01
G9qieeulybAiWuqMLzGZ/SEbGPnVSmkcVNtPjIVuyFWVc/e7AYiDtDG5aWqGfFEC
VoniJyY4WSuOYz2nOOXnr0hQGg/3X5Xdx9fOBwbtijEDFQmZR2eiOkfFh75J/EDm
CJvTPZFgCzQbbNlgHSsyxzmUZ59va7sNBPdGk3aWmgsQJNg/zytnAXEfr7VsUnOT
K1RHyFF4dwXc74HLXnzZjw9/eMTXMUMzK9KZvGhqBtxqbn10aMdUvavi6NjHmzNi
HoUBCRZ5MpOqYLEby8dQB6ZBEl8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT2g2WO
4y2ZBlc8Ko+Q1NXpt5k1dTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEAiQ5seS/1SJ9+8LkOnXRkr+rVxTEt81QfZuzQ01cW
SbTn84mOVbLAE00xNTiqLTWUPJqRRQS3tHe1JTRGovEjJpgtiay6HyfH+VBMYvRQ
NWQ/UV7tFmLCMD6rr+aP1Ijbex3aFE3KbObjtx15FVpo+OnY+uF5gYmVUhCcG5VW
mPBbReXC4pEB3XILM588srRAO8mY3musWG4ywaU4KPnJZ6mNMWzKqs4YB00LJK+V
+CDgs3NTL92vUy2x32eV0LJW61VQs4dZbKZLlO3H+2Gz+PNHYr/bpoJAKMz8pWZh
CXemoZVMvLXGH5rUxou2EIzkAotIj9xEW5YtCEdbp70pFg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:22 2025 by rpki-client