Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
File: 83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa (raw, json)
Hash identifier: eoc7fYfGDfusdDQnqTVhY59p6QA5/SacliYupwnffcM=
Subject key identifier: 04:B4:39:09:BD:E3:2E:7A:6B:ED:1A:24:71:40:F4:0D:86:A7:DF:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 348EBBE36265A1B381F0224482E3CE759A41CF58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
Signing time: Tue 02 Sep 2025 00:40:35 +0000
ROA not before: Tue 02 Sep 2025 00:40:35 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8e:bb:e3:62:65:a1:b3:81:f0:22:44:82:e3:ce:75:9a:41:cf:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:35 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=4e10c880af71cdd150b1ce8fb963320d6d6814ec977a91d4c07dcaa8233f5c09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3b:04:28:66:a5:bd:1b:c8:29:cf:6b:02:2e:
16:ef:21:33:f1:8e:21:98:86:62:88:ac:45:8b:6e:
46:49:cd:5c:e5:b8:39:fe:0a:95:53:f4:73:7a:e5:
c3:1b:1b:6b:e9:8a:8a:e3:a1:f7:b3:86:36:51:36:
a9:b2:16:aa:83:66:b3:bc:13:41:a1:23:49:6e:5e:
99:32:14:b4:7b:69:7f:8d:00:cf:aa:99:bf:b5:2e:
98:8a:01:58:89:df:00:cb:e9:6a:be:04:f9:06:ca:
96:08:e1:79:5b:d6:45:1c:cb:a1:e3:d8:41:ae:d3:
42:74:c9:f9:a3:a0:97:d8:11:d3:48:8c:34:ca:37:
1f:df:72:a6:f5:5f:ac:a2:f0:49:c8:d4:e5:50:5c:
31:b7:57:8d:0c:98:f7:d2:c8:7c:91:dd:07:ba:b1:
bd:f7:7b:27:48:58:f4:03:9d:9e:77:c5:3f:8a:b7:
b5:6c:82:26:7d:63:0c:59:c8:ea:37:80:9c:e2:47:
02:13:9c:00:9c:32:e3:6f:af:de:0f:a5:d8:8c:84:
fd:6d:93:38:81:f7:6f:1a:2d:0a:bf:2c:d2:51:cd:
aa:48:55:7a:93:f5:7e:fe:2f:9a:91:5d:79:13:81:
87:c3:f6:1d:02:18:60:8e:1e:62:f3:5a:77:3b:b9:
9f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B4:39:09:BD:E3:2E:7A:6B:ED:1A:24:71:40:F4:0D:86:A7:DF:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/18
Signature Algorithm: sha256WithRSAEncryption
85:3a:f3:54:be:42:12:7a:bf:9d:29:7f:88:17:2f:80:cf:db:
63:df:c8:37:ab:25:0d:ab:42:b9:7f:8b:ec:f7:7c:9f:1b:58:
68:a8:e2:73:04:17:4a:eb:a5:9a:55:50:31:4a:68:e6:63:57:
d0:0a:44:ea:d3:0f:aa:d4:fc:a3:15:ef:36:51:33:ca:ab:8b:
0b:0c:54:dd:03:ad:39:81:ac:54:75:d2:e4:cb:8e:cc:d0:0d:
4a:12:cb:fb:ca:7e:19:dd:a7:ba:34:b7:8e:7e:15:ca:4f:92:
c9:af:de:3e:03:49:41:d4:dc:c7:df:b8:dd:2d:52:12:9c:0e:
ad:e2:5e:27:99:fe:a0:a3:fc:4f:fa:1f:df:ce:65:fc:c7:e7:
14:fa:9a:c1:75:36:57:52:95:41:1f:3e:95:72:c9:35:e6:4b:
99:a3:1a:23:78:74:25:f9:38:30:13:2d:61:40:60:e1:e9:3f:
ca:15:05:16:51:6d:45:80:5c:bc:0b:24:9c:1a:c5:db:53:6c:
bb:2a:b4:93:20:f7:d5:56:54:f2:f6:86:e6:53:44:1d:77:85:
fd:a8:cc:59:73:68:7d:66:05:84:59:5b:10:05:0f:7c:15:b8:
47:80:f7:ba:7f:23:1a:1f:42:ec:49:7f:22:ff:da:f9:a6:0f:
b8:d5:ed:9d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNI6742JlobOB8CJEguPOdZpBz1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMzVaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMTBjODgwYWY3MWNkZDE1MGIxY2U4ZmI5NjMzMjBkNmQ2ODE0ZWM5Nzdh
OTFkNGMwN2RjYWE4MjMzZjVjMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM07BChmpb0byCnPawIuFu8hM/GOIZiGYoisRYtuRknNXOW4Of4KlVP0c3rl
wxsba+mKiuOh97OGNlE2qbIWqoNms7wTQaEjSW5emTIUtHtpf40Az6qZv7UumIoB
WInfAMvpar4E+QbKlgjheVvWRRzLoePYQa7TQnTJ+aOgl9gR00iMNMo3H99ypvVf
rKLwScjU5VBcMbdXjQyY99LIfJHdB7qxvfd7J0hY9AOdnnfFP4q3tWyCJn1jDFnI
6jeAnOJHAhOcAJwy42+v3g+l2IyE/W2TOIH3bxotCr8s0lHNqkhVepP1fv4vmpFd
eROBh8P2HQIYYI4eYvNadzu5nycCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQEtDkJ
veMuemvtGiRxQPQNhqffVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM1MDlhNWUtMmFkNy00MjFiLTkwZWYtZmNkZmRhM2ZkZmM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBk99ADAN
BgkqhkiG9w0BAQsFAAOCAQEAhTrzVL5CEnq/nSl/iBcvgM/bY9/IN6slDatCuX+L
7Pd8nxtYaKjicwQXSuulmlVQMUpo5mNX0ApE6tMPqtT8oxXvNlEzyquLCwxU3QOt
OYGsVHXS5MuOzNANShLL+8p+Gd2nujS3jn4Vyk+Sya/ePgNJQdTcx9+43S1SEpwO
reJeJ5n+oKP8T/of385l/MfnFPqawXU2V1KVQR8+lXLJNeZLmaMaI3h0Jfk4MBMt
YUBg4ek/yhUFFlFtRYBcvAsknBrF21Nsuyq0kyD31VZU8vaG5lNEHXeF/ajMWXNo
fWYFhFlbEAUPfBW4R4D3un8jGh9C7El/Iv/a+aYPuNXtnQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:22 2025 by rpki-client