Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
File: bfae711e-b0c4-404f-be1f-a99990818ac6.roa (raw, json)
Hash identifier: hBzwFeUrtIsIgS86QoXhtH2WeeAQFYGyq+NcTHWfavs=
Subject key identifier: 56:21:DF:78:BC:5F:39:8C:1D:E1:05:2E:6F:E9:F0:4F:F4:FD:E0:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AB3B9C6B5D1EE2F37FAC80EED6FC0123C0B34BB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
Signing time: Tue 21 Oct 2025 14:30:18 +0000
ROA not before: Tue 21 Oct 2025 14:30:18 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:b3:b9:c6:b5:d1:ee:2f:37:fa:c8:0e:ed:6f:c0:12:3c:0b:34:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:30:18 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a600e0a2a1942c618a812ee444b0925e272760c2ae70098d8577bf3f8e213b9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:65:c6:19:1e:37:c7:4f:fb:21:5f:33:e7:80:
7a:e1:ca:03:98:f4:c2:1e:c5:b3:ee:f2:9f:e4:1e:
ac:73:87:88:60:4d:3a:11:82:16:71:d8:72:7f:ae:
56:93:d4:8c:cb:1b:e2:50:ec:36:6c:51:e2:31:d0:
35:82:c9:54:26:22:a5:99:22:b3:98:ac:2d:a7:a5:
ef:0d:28:94:34:08:83:e7:2d:1d:b5:75:4d:eb:83:
5e:d9:ad:91:8e:f5:15:c8:62:b1:e2:87:39:f4:07:
f4:52:e9:b9:17:c4:9d:c0:6b:92:e3:e7:76:59:bb:
60:ad:e5:42:3a:53:52:40:18:b4:06:7d:64:f3:a6:
2d:fc:1f:3e:2e:dc:c3:a9:51:0d:40:76:2f:bf:ee:
37:6e:1b:a6:63:ab:91:95:4b:cc:45:1c:05:d5:ee:
88:d0:4d:a9:63:b3:87:10:d1:f2:fd:ab:38:e2:54:
31:ef:7c:c5:25:a8:49:31:dc:9b:62:f2:4b:91:03:
ab:e8:a9:7e:9a:05:66:0f:d6:5e:1a:69:75:28:9b:
9e:48:61:88:76:91:ae:fd:13:0e:6b:e6:7d:19:b0:
5e:06:4b:94:8b:75:f8:de:dd:c4:b5:0f:05:ab:3b:
d6:6e:57:de:c3:20:a5:3e:cd:6b:b9:a7:b3:51:c8:
2e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:21:DF:78:BC:5F:39:8C:1D:E1:05:2E:6F:E9:F0:4F:F4:FD:E0:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:76:e5:49:fc:b3:74:e2:4f:3f:b2:26:b0:10:e3:0c:47:a1:
95:ba:44:e3:09:49:3c:54:24:1c:65:64:be:88:f4:43:71:db:
d1:8b:5b:3d:10:c6:b3:b8:20:f1:ca:46:bb:c3:d4:16:5e:fe:
a7:e1:81:3a:b7:f8:c7:b7:aa:92:7c:44:40:de:8d:2b:c2:e4:
13:e3:12:73:37:1c:32:43:53:c2:a5:ee:90:6f:18:92:83:dd:
c7:a9:3f:ae:2e:72:e9:3a:75:5e:f6:61:c1:cd:bf:df:9c:2d:
36:d4:2e:27:72:3a:e1:d2:98:93:b0:86:18:45:63:50:dd:82:
13:e0:4f:3f:56:a2:43:41:8e:77:b4:03:22:01:72:55:b5:33:
ad:c8:e7:e6:2b:4b:a9:e5:6f:db:f1:02:15:5c:7d:d7:3a:ee:
b4:4a:d9:2e:bb:7f:5d:56:47:fa:35:64:ca:ec:98:19:b1:b4:
70:bb:c3:1e:97:9b:b3:64:94:cc:12:cb:c5:1a:d8:06:7c:62:
64:bf:ea:4f:36:ec:64:66:51:1c:92:f2:ee:f2:6b:25:a4:79:
d0:76:65:b0:eb:df:9d:3c:f9:1f:76:67:c0:ff:13:e3:04:d2:
ae:1c:32:ee:44:84:18:a2:72:39:f2:b7:79:5e:43:c2:81:c7:
58:bf:93:b8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUerO5xrXR7i83+sgO7W/AEjwLNLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDMwMThaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2MDBlMGEyYTE5NDJjNjE4YTgxMmVlNDQ0YjA5MjVlMjcyNzYwYzJhZTcw
MDk4ZDg1NzdiZjNmOGUyMTNiOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFlxhkeN8dP+yFfM+eAeuHKA5j0wh7Fs+7yn+QerHOHiGBNOhGCFnHYcn+u
VpPUjMsb4lDsNmxR4jHQNYLJVCYipZkis5isLael7w0olDQIg+ctHbV1TeuDXtmt
kY71FchiseKHOfQH9FLpuRfEncBrkuPndlm7YK3lQjpTUkAYtAZ9ZPOmLfwfPi7c
w6lRDUB2L7/uN24bpmOrkZVLzEUcBdXuiNBNqWOzhxDR8v2rOOJUMe98xSWoSTHc
m2LyS5EDq+ipfpoFZg/WXhppdSibnkhhiHaRrv0TDmvmfRmwXgZLlIt1+N7dxLUP
Bas71m5X3sMgpT7Na7mns1HILh0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRWId94
vF85jB3hBS5v6fBP9P3gvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmZhZTcxMWUtYjBjNC00MDRmLWJlMWYtYTk5OTkwODE4YWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU99ADAN
BgkqhkiG9w0BAQsFAAOCAQEAq3blSfyzdOJPP7ImsBDjDEehlbpE4wlJPFQkHGVk
voj0Q3Hb0YtbPRDGs7gg8cpGu8PUFl7+p+GBOrf4x7eqknxEQN6NK8LkE+MSczcc
MkNTwqXukG8YkoPdx6k/ri5y6Tp1XvZhwc2/35wtNtQuJ3I64dKYk7CGGEVjUN2C
E+BPP1aiQ0GOd7QDIgFyVbUzrcjn5itLqeVv2/ECFVx91zrutErZLrt/XVZH+jVk
yuyYGbG0cLvDHpebs2SUzBLLxRrYBnxiZL/qTzbsZGZRHJLy7vJrJaR50HZlsOvf
nTz5H3ZnwP8T4wTSrhwy7kSEGKJyOfK3eV5DwoHHWL+TuA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:11:22 2025 by rpki-client