Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
File: 92f142f2-bd1c-4295-a008-efcde04ceb18.roa (raw, json)
Hash identifier: 50yi8/eiIT3HnVpy1LdqoPFvxzjykAd1ohZamLvPpBM=
Subject key identifier: EB:4B:7A:A1:58:FC:6C:69:21:75:30:51:F6:F8:0E:EF:3D:DC:49:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F88F2AB260B421F4A33997084259CEF1709FA67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
Signing time: Tue 02 Sep 2025 00:40:33 +0000
ROA not before: Tue 02 Sep 2025 00:40:33 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.16.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:88:f2:ab:26:0b:42:1f:4a:33:99:70:84:25:9c:ef:17:09:fa:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:33 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=757ff0dbacef8a32bcc132dea1763179d1aa894084ba4b35e8d46557704e5634, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:fd:91:ce:14:20:7f:8e:84:c2:f4:78:05:d5:
c4:fe:71:e7:e8:b0:88:36:3f:09:91:d3:55:3e:c3:
e9:3d:06:f0:49:38:9c:58:28:b9:46:9a:88:2c:f7:
a4:bb:83:be:20:12:c5:31:cf:e5:ca:58:f5:1b:69:
70:fd:d0:7a:cd:4a:49:02:c9:bd:b9:9c:05:7d:e3:
c2:56:f2:31:c8:7c:f8:e6:4b:53:47:c6:07:c0:bf:
4b:2a:e4:bd:b2:f5:9d:53:d6:00:73:ea:7c:65:f9:
0d:26:a3:bc:af:19:76:0f:ad:1b:ad:1e:80:39:f7:
98:e5:1b:c3:f6:a9:3f:22:21:01:a0:62:3c:b4:07:
98:c0:5e:4d:ef:2b:53:e1:4f:11:85:b0:a1:a7:98:
bf:a3:97:ab:d0:56:ea:cd:76:5f:c1:2b:7b:28:f8:
70:6f:51:4c:73:d8:d5:3e:d2:eb:81:5d:1a:7f:73:
f0:9d:52:4a:99:a1:2e:e3:1e:3f:4c:6e:25:5e:04:
29:f3:ec:2b:6f:61:82:23:fb:5e:85:4a:ce:71:df:
94:83:93:d5:0b:24:fe:82:95:97:3b:ff:15:75:41:
8a:6c:a5:07:ce:13:a4:0b:a7:40:9f:21:ce:29:d4:
e2:c5:e1:8a:d3:aa:22:c2:30:12:cf:c8:31:15:21:
ee:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4B:7A:A1:58:FC:6C:69:21:75:30:51:F6:F8:0E:EF:3D:DC:49:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.16.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:da:d3:55:e8:fc:3b:1b:e6:4b:66:1a:37:df:28:4d:05:fe:
da:0b:9e:f8:f8:77:39:db:35:78:65:1d:4c:56:a5:ee:b8:e1:
a4:6d:3f:92:f0:c1:ff:f5:15:95:33:4a:f2:34:66:da:ef:b2:
4f:2b:82:8f:4a:5a:0f:4f:e8:32:4d:7e:f0:4e:7b:71:fd:c5:
13:6d:27:01:c7:15:c4:3a:d7:b5:cc:69:43:84:cb:23:38:bc:
aa:76:42:30:6e:b1:0c:d3:a4:cb:44:2d:5a:36:5c:bb:44:c0:
f8:21:eb:a5:f4:6e:f8:c0:e1:b6:9a:e7:13:e0:7b:2a:ea:96:
2f:b7:73:e5:de:94:7b:ed:88:e8:0b:a3:18:31:41:41:ed:05:
49:d8:86:5d:9c:2b:6d:52:09:a9:de:5d:84:6b:da:51:f3:87:
67:f4:d3:15:cc:63:55:b1:61:d7:f2:e2:ea:2f:c8:4f:0d:31:
a0:fc:5a:db:9d:b8:b0:c8:e1:e3:e3:50:9a:8c:38:64:11:61:
54:04:59:ad:b4:22:a3:2e:ae:77:d6:20:95:42:c4:88:9d:d0:
3d:2f:d0:da:c9:09:18:82:1a:e4:67:b8:39:12:46:23:2d:ae:
b3:d1:3b:c6:03:63:f8:5d:2a:6d:9a:b2:c8:2a:12:cc:84:83:
56:2e:98:de
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP4jyqyYLQh9KM5lwhCWc7xcJ+mcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMzNaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1N2ZmMGRiYWNlZjhhMzJiY2MxMzJkZWExNzYzMTc5ZDFhYTg5NDA4NGJh
NGIzNWU4ZDQ2NTU3NzA0ZTU2MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO79kc4UIH+OhML0eAXVxP5x5+iwiDY/CZHTVT7D6T0G8Ek4nFgouUaaiCz3
pLuDviASxTHP5cpY9RtpcP3Qes1KSQLJvbmcBX3jwlbyMch8+OZLU0fGB8C/Syrk
vbL1nVPWAHPqfGX5DSajvK8Zdg+tG60egDn3mOUbw/apPyIhAaBiPLQHmMBeTe8r
U+FPEYWwoaeYv6OXq9BW6s12X8Ereyj4cG9RTHPY1T7S64FdGn9z8J1SSpmhLuMe
P0xuJV4EKfPsK29hgiP7XoVKznHflIOT1Qsk/oKVlzv/FXVBimylB84TpAunQJ8h
zinU4sXhitOqIsIwEs/IMRUh7ikCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTrS3qh
WPxsaSF1MFH2+A7vPdxJWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJmMTQyZjItYmQxYy00Mjk1LWEwMDgtZWZjZGUwNGNlYjE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099EDAN
BgkqhkiG9w0BAQsFAAOCAQEAvdrTVej8OxvmS2YaN98oTQX+2gue+Ph3Ods1eGUd
TFal7rjhpG0/kvDB//UVlTNK8jRm2u+yTyuCj0paD0/oMk1+8E57cf3FE20nAccV
xDrXtcxpQ4TLIzi8qnZCMG6xDNOky0QtWjZcu0TA+CHrpfRu+MDhtprnE+B7KuqW
L7dz5d6Ue+2I6AujGDFBQe0FSdiGXZwrbVIJqd5dhGvaUfOHZ/TTFcxjVbFh1/Li
6i/ITw0xoPxa2524sMjh4+NQmow4ZBFhVARZrbQioy6ud9YglULEiJ3QPS/Q2skJ
GIIa5Ge4ORJGIy2us9E7xgNj+F0qbZqyyCoSzISDVi6Y3g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:10 2025 by rpki-client