Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: KH+MwyWhpmOF70Q4cP0/vOiAP1AoneMk9JHiU03YgPI=
Subject key identifier: 2B:90:D9:43:F6:00:C1:95:3A:7F:C1:09:39:6A:19:C4:BD:22:EF:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A47730C1D5DC0756C7E0C6610B43B43FA595759
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Wed 22 Oct 2025 00:20:08 +0000
ROA not before: Wed 22 Oct 2025 00:20:08 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:47:73:0c:1d:5d:c0:75:6c:7e:0c:66:10:b4:3b:43:fa:59:57:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 22 00:20:08 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=9acfce1eb1ca00c02f5121f36908af7c0a3d20e7c7693554c79953bd47454823, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ba:48:15:b8:71:21:4d:52:51:41:64:aa:c0:
c6:22:75:05:77:61:c5:c6:58:de:ac:a8:a3:9b:50:
66:ac:65:a9:59:c3:57:71:1b:3b:ad:6d:99:93:fa:
e1:7d:d4:84:f8:64:80:37:60:80:1a:64:ff:64:44:
4c:d0:32:a9:7a:10:30:b4:42:f2:ac:f5:0f:5e:a5:
79:46:b8:71:28:09:27:ba:67:6a:95:37:a4:22:73:
33:98:7f:0a:87:6d:93:e1:c0:c5:4c:2b:10:b8:d9:
51:24:15:13:18:92:0e:7b:dd:6f:be:be:08:26:7d:
68:97:5c:f6:2d:69:a2:fd:38:d6:45:a2:e0:92:34:
70:14:bf:af:b3:f6:47:fd:b7:31:cd:f4:c4:e0:34:
9f:de:a8:1d:eb:01:2c:5a:09:67:72:a5:0a:6f:e5:
5b:b0:f6:76:05:88:ca:c8:f9:36:46:45:b4:2f:98:
ba:4a:fe:41:fd:ec:b7:84:9c:2e:c6:b4:82:8c:52:
27:5e:17:2d:ca:66:c3:30:81:f7:bd:c2:c2:a7:1e:
bd:bc:06:85:02:3c:5c:a5:46:92:1b:09:59:04:53:
48:0d:0d:9d:f5:03:cd:4b:84:03:21:92:9d:a6:ea:
e0:14:df:e6:49:37:52:d9:24:32:15:8f:f5:91:c8:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:90:D9:43:F6:00:C1:95:3A:7F:C1:09:39:6A:19:C4:BD:22:EF:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8d:95:6c:49:88:67:3f:18:0b:2f:27:7c:50:ea:d1:38:88:e2:
9c:c9:a9:7a:70:d4:1d:b0:a9:8f:cf:6f:60:47:74:c5:da:db:
2e:87:cf:a6:de:21:cb:be:c5:48:be:4d:07:c9:7d:17:dd:4e:
a4:1e:4c:bc:89:d5:30:31:e3:ed:6a:1b:29:15:4c:eb:97:f1:
1c:2c:7b:fc:43:14:85:95:a4:75:35:5f:88:a6:42:18:60:20:
67:40:c0:8c:b0:35:3d:89:59:dc:a5:62:a3:6d:73:ee:9d:2d:
ba:45:f8:9c:ec:76:d6:be:3a:56:e7:23:15:dc:00:d3:35:97:
3f:b6:61:bf:e4:ce:fc:8d:db:14:67:ad:d3:e7:4e:13:bc:a9:
f4:74:96:25:c1:54:aa:d2:ad:39:f2:48:98:ad:b2:35:1a:cf:
f5:02:e4:d5:80:b0:d5:5e:02:1e:02:d9:a8:76:48:06:62:72:
23:b1:72:f6:4a:eb:08:47:fd:56:aa:65:4a:28:f2:f3:90:31:
0d:42:cb:d0:cf:bc:89:82:94:53:11:98:f5:17:a4:30:a1:2b:
8e:17:0c:0b:ea:02:af:30:3a:52:4e:36:9a:9e:de:b1:bc:a6:
f0:ea:b8:bf:43:54:60:de:92:3c:07:33:1b:31:72:7c:c7:44:
13:d7:0d:40
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWkdzDB1dwHVsfgxmELQ7Q/pZV1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjIwMDIwMDhaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhY2ZjZTFlYjFjYTAwYzAyZjUxMjFmMzY5MDhhZjdjMGEzZDIwZTdjNzY5
MzU1NGM3OTk1M2JkNDc0NTQ4MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS6SBW4cSFNUlFBZKrAxiJ1BXdhxcZY3qyoo5tQZqxlqVnDV3EbO61tmZP6
4X3UhPhkgDdggBpk/2RETNAyqXoQMLRC8qz1D16leUa4cSgJJ7pnapU3pCJzM5h/
Codtk+HAxUwrELjZUSQVExiSDnvdb76+CCZ9aJdc9i1pov041kWi4JI0cBS/r7P2
R/23Mc30xOA0n96oHesBLFoJZ3KlCm/lW7D2dgWIysj5NkZFtC+Yukr+Qf3st4Sc
Lsa0goxSJ14XLcpmwzCB973CwqcevbwGhQI8XKVGkhsJWQRTSA0NnfUDzUuEAyGS
nabq4BTf5kk3UtkkMhWP9ZHIggUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQrkNlD
9gDBlTp/wQk5ahnEvSLvejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEAjZVsSYhnPxgLLyd8UOrROIjinMmpenDUHbCpj89v
YEd0xdrbLofPpt4hy77FSL5NB8l9F91OpB5MvInVMDHj7WobKRVM65fxHCx7/EMU
hZWkdTVfiKZCGGAgZ0DAjLA1PYlZ3KVio21z7p0tukX4nOx21r46VucjFdwA0zWX
P7Zhv+TO/I3bFGet0+dOE7yp9HSWJcFUqtKtOfJImK2yNRrP9QLk1YCw1V4CHgLZ
qHZIBmJyI7Fy9krrCEf9VqplSijy85AxDULL0M+8iYKUUxGY9RekMKErjhcMC+oC
rzA6Uk42mp7esbym8Oq4v0NUYN6SPAczGzFyfMdEE9cNQA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:09:11 2025 by rpki-client