Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: GImZsLpvJnbHlC6OIJs0a0g+d5PgOdqrcNuAreW+G6I=
Subject key identifier: 37:98:D3:B2:2A:FE:43:F0:EA:2E:14:43:D8:6A:93:F4:EF:E4:7F:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F576120E442F21C33E1CB5590FA62E89FD1D823
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Tue 02 Sep 2025 00:40:37 +0000
ROA not before: Tue 02 Sep 2025 00:40:37 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:57:61:20:e4:42:f2:1c:33:e1:cb:55:90:fa:62:e8:9f:d1:d8:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:37 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=c4d10cc143811041a688b0c54c97b2b95553c3111e17d48fde56e739a286a033, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:e9:54:1b:f9:4a:e7:4c:99:6d:66:d4:04:
9a:5c:b2:c7:f7:56:3b:d3:33:28:1f:db:32:4e:bf:
c0:4e:ca:fd:fe:5f:3b:8b:2a:52:ec:c6:92:2d:b3:
c4:2a:2a:81:59:2a:85:12:67:70:d0:54:08:78:33:
d7:14:f7:f5:80:3f:32:2e:b8:6e:e4:e3:46:d3:10:
7d:cf:99:61:01:cc:c6:04:a7:33:9b:1e:ff:12:46:
7d:d2:51:82:de:4d:2f:64:f4:4d:3a:34:50:db:57:
d2:3b:67:63:a3:06:9b:cd:0a:fd:a4:e8:cf:68:ed:
db:8d:98:72:11:9c:8d:4d:0a:9f:f4:a6:36:15:e4:
98:4e:1b:21:cd:18:72:fc:6d:12:13:52:8d:0d:d0:
85:91:7c:d3:45:7c:be:dd:12:1b:55:c5:ea:cd:82:
27:ba:ee:63:7b:ee:71:2b:af:d7:a0:65:8e:d4:4e:
5c:fb:22:94:38:59:43:64:3b:2c:39:9d:78:e0:4e:
eb:94:e0:99:64:82:a2:b3:c6:7b:a5:f9:ac:8e:22:
bb:cd:0c:9e:18:c7:4f:34:97:dc:5d:b1:2a:62:6d:
7c:05:8e:a6:ff:a9:c9:d7:23:bb:01:4b:0a:51:67:
1d:26:40:58:f7:37:e2:34:66:f9:ef:97:b5:bc:a9:
bd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:98:D3:B2:2A:FE:43:F0:EA:2E:14:43:D8:6A:93:F4:EF:E4:7F:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:e8:20:a2:4c:09:10:a4:7f:92:09:2e:23:3d:b9:5e:84:a6:
67:c9:af:91:d6:75:b7:44:cd:25:7d:da:97:e0:7c:83:a3:db:
b5:56:25:5b:f7:f4:07:d3:fe:ea:07:e7:e3:4d:cf:a7:1b:7c:
f1:06:7f:18:41:ec:57:69:86:f3:a6:e2:6e:8a:fa:b7:68:d5:
5e:62:86:b0:df:92:02:81:ae:cb:c2:62:ef:a5:00:a9:e8:83:
b5:94:72:65:cc:21:6e:e7:e4:44:8f:c5:26:4a:7a:1d:fa:6a:
03:69:c7:29:76:3f:c2:0b:1a:2b:26:48:b5:2a:a0:5d:05:d6:
f9:32:be:8a:82:4e:25:c0:5f:82:2a:84:75:dc:b2:ea:7c:22:
1b:12:10:3a:1e:19:2c:8d:e4:3a:90:54:3b:bb:be:92:02:3c:
5f:f6:19:4c:a5:0a:b5:a9:a7:91:da:c3:48:85:6f:6b:25:f0:
1c:9d:66:58:cf:f0:71:38:f1:f1:c3:39:3c:3e:ff:42:32:df:
d3:23:8d:d4:d8:4a:37:90:67:82:4e:31:d5:57:90:c2:06:7c:
9e:2b:ed:3b:0f:df:ad:d6:78:a8:d3:7d:6a:20:10:1d:dd:8b:
49:6f:51:52:60:fa:ba:7e:b1:a7:61:37:b6:7a:bc:87:80:1a:
58:5e:45:8c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUf1dhIORC8hwz4ctVkPpi6J/R2CMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMzdaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZDEwY2MxNDM4MTEwNDFhNjg4YjBjNTRjOTdiMmI5NTU1M2MzMTExZTE3
ZDQ4ZmRlNTZlNzM5YTI4NmEwMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyO6VQb+UrnTJltZtQEmlyyx/dWO9MzKB/bMk6/wE7K/f5fO4sqUuzGki2z
xCoqgVkqhRJncNBUCHgz1xT39YA/Mi64buTjRtMQfc+ZYQHMxgSnM5se/xJGfdJR
gt5NL2T0TTo0UNtX0jtnY6MGm80K/aToz2jt242YchGcjU0Kn/SmNhXkmE4bIc0Y
cvxtEhNSjQ3QhZF800V8vt0SG1XF6s2CJ7ruY3vucSuv16BljtROXPsilDhZQ2Q7
LDmdeOBO65TgmWSCorPGe6X5rI4iu80MnhjHTzSX3F2xKmJtfAWOpv+pydcjuwFL
ClFnHSZAWPc34jRm+e+XtbypvVkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ3mNOy
Kv5D8OouFEPYapP07+R/hjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEADeggokwJEKR/kgkuIz25XoSmZ8mvkdZ1t0TNJX3a
l+B8g6PbtVYlW/f0B9P+6gfn403Ppxt88QZ/GEHsV2mG86bibor6t2jVXmKGsN+S
AoGuy8Ji76UAqeiDtZRyZcwhbufkRI/FJkp6HfpqA2nHKXY/wgsaKyZItSqgXQXW
+TK+ioJOJcBfgiqEddyy6nwiGxIQOh4ZLI3kOpBUO7u+kgI8X/YZTKUKtamnkdrD
SIVvayXwHJ1mWM/wcTjx8cM5PD7/QjLf0yON1NhKN5Bngk4x1VeQwgZ8nivtOw/f
rdZ4qNN9aiAQHd2LSW9RUmD6un6xp2E3tnq8h4AaWF5FjA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:09 2025 by rpki-client