Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
File: 83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa (raw, json)
Hash identifier: dVIT4FD4r9E78FsLkuF07kLrDcVYxn3myGzBjJUmpCs=
Subject key identifier: 4A:45:8C:BF:FA:84:AD:4B:47:0C:24:CE:63:98:E7:CA:16:0F:59:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0419F5540050146941A41C20FC6CEA5223783324
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
Signing time: Wed 22 Oct 2025 00:20:07 +0000
ROA not before: Wed 22 Oct 2025 00:20:07 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:19:f5:54:00:50:14:69:41:a4:1c:20:fc:6c:ea:52:23:78:33:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:07 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=a8900a84ada0034ac6e0e3d88e6009d30e6d0f5ebe8818efdd3957f29808b9eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c0:23:62:5d:55:5b:75:e6:26:26:c4:2e:da:
eb:f7:d8:8e:cd:89:61:60:e7:8b:0a:4a:4a:73:37:
8c:55:5b:bc:e6:c3:99:eb:2a:25:d3:35:56:be:cd:
84:e4:7f:59:ad:4f:4e:b0:f3:89:9b:ec:84:e5:f0:
d9:4b:12:45:21:14:ce:2e:7a:ed:9c:e3:bc:61:84:
f2:cf:a6:a6:9e:25:6f:3d:6b:8b:1e:a9:db:51:48:
e5:9b:58:bc:91:15:65:48:e4:3b:3e:14:0d:17:b4:
f2:7e:c2:f3:0b:1e:a5:74:14:4c:8e:a6:34:08:79:
c0:77:d8:c8:36:a4:7e:ba:25:9d:2b:1d:0b:26:10:
2c:a1:6b:71:86:ba:85:6b:5b:f0:2e:21:a3:fc:25:
af:dd:24:30:96:12:a6:52:82:24:9f:d9:fb:4c:98:
e0:3d:28:83:bc:48:9a:0a:e4:1c:a4:a4:61:0c:71:
b4:7e:73:f2:14:1d:58:fe:37:b0:cc:39:23:b2:76:
40:ef:3e:74:72:c5:35:74:ed:ad:1f:5a:a3:4f:61:
38:80:d2:c4:22:25:3d:41:49:94:f9:0e:fc:7d:9e:
b5:c9:19:8a:ff:c0:55:71:a4:89:f8:ce:cd:4c:9c:
82:c8:c8:40:aa:de:f6:83:c8:b0:31:88:4f:f6:9c:
6b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:45:8C:BF:FA:84:AD:4B:47:0C:24:CE:63:98:E7:CA:16:0F:59:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:15:95:34:f2:01:7c:3c:3c:6a:6e:cf:0c:75:c5:b3:e5:3d:
47:08:09:3c:e0:fb:36:65:cb:27:0e:fb:02:ac:0c:3f:7a:55:
0b:ad:fb:7d:fe:eb:36:1f:95:0d:aa:41:55:12:dc:4c:e8:64:
4c:bf:35:c5:18:81:43:13:b6:b2:a2:33:98:b5:36:68:cf:bf:
f5:e1:24:e5:fd:da:a9:4f:ac:e6:fd:42:d9:ef:b9:a6:19:78:
41:d6:0a:5e:99:e7:06:c9:42:b8:52:ca:25:5b:bd:a4:66:18:
d6:4b:66:5c:26:bc:11:17:2e:cc:99:d0:5a:8b:30:4f:66:ab:
9b:8f:75:06:8a:fd:60:b0:7d:6b:19:37:21:9f:32:67:f5:43:
93:d5:96:3a:08:3e:69:85:47:1b:3b:92:79:ea:f2:64:ab:ce:
b6:61:fd:77:19:b8:9a:8e:79:db:70:38:7b:6d:50:fe:95:3c:
10:7f:5f:85:f9:e0:1d:08:0d:62:1c:49:bb:36:8e:e4:d2:31:
dc:24:3f:a5:7b:04:ab:8a:80:ac:9e:c3:0e:5d:fc:f1:6d:d0:
45:fb:ab:a9:ef:fd:1a:05:31:bc:09:88:fd:27:de:ab:2d:99:
92:30:74:21:53:48:0a:e8:55:2d:d8:8d:d2:d9:0e:90:5c:0d:
9a:b1:79:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBBn1VABQFGlBpBwg/GzqUiN4MyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDdaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4OTAwYTg0YWRhMDAzNGFjNmUwZTNkODhlNjAwOWQzMGU2ZDBmNWViZTg4
MThlZmRkMzk1N2YyOTgwOGI5ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjAI2JdVVt15iYmxC7a6/fYjs2JYWDniwpKSnM3jFVbvObDmesqJdM1Vr7N
hOR/Wa1PTrDziZvshOXw2UsSRSEUzi567ZzjvGGE8s+mpp4lbz1rix6p21FI5ZtY
vJEVZUjkOz4UDRe08n7C8wsepXQUTI6mNAh5wHfYyDakfrolnSsdCyYQLKFrcYa6
hWtb8C4ho/wlr90kMJYSplKCJJ/Z+0yY4D0og7xImgrkHKSkYQxxtH5z8hQdWP43
sMw5I7J2QO8+dHLFNXTtrR9ao09hOIDSxCIlPUFJlPkO/H2etckZiv/AVXGkifjO
zUycgsjIQKre9oPIsDGIT/aca0sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKRYy/
+oStS0cMJM5jmOfKFg9Z/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM1MDlhNWUtMmFkNy00MjFiLTkwZWYtZmNkZmRhM2ZkZmM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBk99ADAN
BgkqhkiG9w0BAQsFAAOCAQEALhWVNPIBfDw8am7PDHXFs+U9RwgJPOD7NmXLJw77
AqwMP3pVC637ff7rNh+VDapBVRLcTOhkTL81xRiBQxO2sqIzmLU2aM+/9eEk5f3a
qU+s5v1C2e+5phl4QdYKXpnnBslCuFLKJVu9pGYY1ktmXCa8ERcuzJnQWoswT2ar
m491Bor9YLB9axk3IZ8yZ/VDk9WWOgg+aYVHGzuSeeryZKvOtmH9dxm4mo5523A4
e21Q/pU8EH9fhfngHQgNYhxJuzaO5NIx3CQ/pXsEq4qArJ7DDl388W3QRfurqe/9
GgUxvAmI/Sfeqy2ZkjB0IVNICuhVLdiN0tkOkFwNmrF5VQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:36 2025 by rpki-client