Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
File: 92f142f2-bd1c-4295-a008-efcde04ceb18.roa (raw, json)
Hash identifier: sK/VHYGXtUQd4DJPbfbHiWLJbng4gIZ9x43y+gFpVt0=
Subject key identifier: 32:70:BB:E3:15:FA:7E:CA:03:B3:B7:B1:3C:6E:21:4A:91:7F:4C:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 431367A2F83F3DAD6BB9AFDE06E53358E3AA99A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
Signing time: Wed 22 Oct 2025 00:20:07 +0000
ROA not before: Wed 22 Oct 2025 00:20:07 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.16.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:13:67:a2:f8:3f:3d:ad:6b:b9:af:de:06:e5:33:58:e3:aa:99:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:07 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=63c648ca5910f82335d546f1a4d3425ef49baee3eb1ee14f4e3071bdc58b2948, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3f:79:58:65:ae:01:38:7a:0c:64:f0:23:0a:
7c:53:e2:e1:a7:1f:ee:00:79:85:76:70:89:a5:b2:
40:a0:ba:9a:d4:af:19:78:9c:02:68:94:34:18:56:
e1:59:6a:06:71:90:5d:7b:34:aa:0c:20:a9:f1:ad:
df:c4:80:85:ab:2d:c1:03:0c:02:c6:d4:24:18:ee:
07:09:30:65:c5:15:d5:74:f1:1f:ef:7c:c8:fb:a4:
ca:4a:3f:b6:7d:ae:45:dd:3e:88:3d:35:24:bc:1e:
fc:93:2e:70:18:61:bd:6c:58:a8:12:9c:44:14:81:
9f:c5:23:9d:0f:d2:ea:46:87:b1:9e:a0:85:ce:3b:
e1:8e:61:8e:46:3a:a7:5c:98:ce:65:a3:46:55:3d:
ab:1b:c8:74:69:1e:dc:28:07:de:a2:46:e8:7f:4a:
69:66:b5:b5:2a:19:a2:6f:7a:41:9f:6c:da:62:91:
05:14:75:2e:c5:9a:03:38:5e:47:a2:40:7d:2b:d2:
73:76:ae:e9:05:10:71:ea:c8:02:52:57:ad:51:da:
a0:dc:06:25:a2:d1:7a:8d:81:4e:ac:2d:07:49:96:
6e:13:f9:fa:57:dc:b4:da:63:48:bd:96:00:1f:9f:
7e:35:33:06:ef:f1:20:f6:ec:b7:7e:29:cc:ca:d5:
04:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:70:BB:E3:15:FA:7E:CA:03:B3:B7:B1:3C:6E:21:4A:91:7F:4C:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.16.0/21
Signature Algorithm: sha256WithRSAEncryption
92:55:8f:51:f4:4d:fa:f1:41:cf:5b:70:f6:15:0d:0e:e8:ab:
62:4c:c0:98:34:8f:39:fa:b2:ab:3a:f1:e8:98:3b:7a:d9:df:
1d:29:4a:71:5f:f5:18:b9:0e:ee:0a:93:5c:6a:23:7e:ea:f1:
84:af:bc:e8:86:3a:3e:e4:64:86:67:71:1b:38:99:e4:63:d7:
4c:86:5e:a2:25:2d:63:6b:b7:e0:f4:33:db:85:26:b4:cb:18:
b2:2d:20:e1:28:d7:e3:e1:49:6b:68:03:73:e3:72:23:ef:f8:
45:43:d9:27:2f:3b:07:92:c6:88:32:04:9e:52:63:20:41:e0:
5d:7e:59:72:65:6b:43:cb:d2:02:f2:43:d6:5b:06:c6:6f:84:
66:46:ce:03:d8:b2:62:3e:13:7e:12:23:b5:61:f2:b1:8f:e9:
9d:d5:3e:38:46:20:3d:8c:2f:9a:c3:74:de:56:ed:78:ef:2d:
2c:3a:97:cd:94:a5:38:2a:2f:bb:62:b2:e0:ce:cc:f7:25:75:
46:9e:97:b8:8a:a0:9f:11:dd:4e:15:a2:68:5a:93:dd:ef:f5:
11:ac:ce:97:f6:92:25:3e:93:0b:32:8d:c2:a9:be:d6:2a:16:
ba:68:61:4a:d1:f6:6e:04:48:78:f0:09:0b:0a:03:00:b1:c1:
c3:26:8a:3e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQxNnovg/Pa1rua/eBuUzWOOqmacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDdaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzYzY0OGNhNTkxMGY4MjMzNWQ1NDZmMWE0ZDM0MjVlZjQ5YmFlZTNlYjFl
ZTE0ZjRlMzA3MWJkYzU4YjI5NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA/eVhlrgE4egxk8CMKfFPi4acf7gB5hXZwiaWyQKC6mtSvGXicAmiUNBhW
4VlqBnGQXXs0qgwgqfGt38SAhastwQMMAsbUJBjuBwkwZcUV1XTxH+98yPukyko/
tn2uRd0+iD01JLwe/JMucBhhvWxYqBKcRBSBn8UjnQ/S6kaHsZ6ghc474Y5hjkY6
p1yYzmWjRlU9qxvIdGke3CgH3qJG6H9KaWa1tSoZom96QZ9s2mKRBRR1LsWaAzhe
R6JAfSvSc3au6QUQcerIAlJXrVHaoNwGJaLReo2BTqwtB0mWbhP5+lfctNpjSL2W
AB+ffjUzBu/xIPbst34pzMrVBE8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQycLvj
Ffp+ygOzt7E8biFKkX9MlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTJmMTQyZjItYmQxYy00Mjk1LWEwMDgtZWZjZGUwNGNlYjE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099EDAN
BgkqhkiG9w0BAQsFAAOCAQEAklWPUfRN+vFBz1tw9hUNDuirYkzAmDSPOfqyqzrx
6Jg7etnfHSlKcV/1GLkO7gqTXGojfurxhK+86IY6PuRkhmdxGziZ5GPXTIZeoiUt
Y2u34PQz24UmtMsYsi0g4SjX4+FJa2gDc+NyI+/4RUPZJy87B5LGiDIEnlJjIEHg
XX5ZcmVrQ8vSAvJD1lsGxm+EZkbOA9iyYj4TfhIjtWHysY/pndU+OEYgPYwvmsN0
3lbteO8tLDqXzZSlOCovu2Ky4M7M9yV1Rp6XuIqgnxHdThWiaFqT3e/1EazOl/aS
JT6TCzKNwqm+1ioWumhhStH2bgRIePAJCwoDALHBwyaKPg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:57 2025 by rpki-client