Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: mHpfsC3/35I6kVfhfFTyVUHEhpI7VGEowstbXhPY4Y0=
Subject key identifier: 98:64:C5:6C:34:16:07:22:4E:E9:0C:E0:42:3D:57:F6:13:85:B0:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26C2B6A1B8794BC4B2D17F142DF34FEDB4EF7C62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Mon 01 Sep 2025 21:21:31 +0000
ROA not before: Mon 01 Sep 2025 21:21:31 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:c2:b6:a1:b8:79:4b:c4:b2:d1:7f:14:2d:f3:4f:ed:b4:ef:7c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:31 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5d8046dfd45fb4a44b0df4d330bf2937e36f367857a3b25c120af64e25bd3c6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:e5:3a:6d:d2:46:1d:c8:c5:ab:47:7f:94:
06:3d:1b:85:54:70:48:c0:ab:95:42:1f:45:c9:5a:
7e:7f:48:11:2a:3f:a6:cf:0f:9b:35:d7:5a:b1:58:
e0:c1:8b:ad:e1:fb:d7:2f:70:d9:f8:fb:d2:f5:0b:
d5:95:42:d6:99:22:e8:27:3c:f1:f5:b5:0c:4b:a7:
20:9a:26:5b:06:2f:90:a6:58:5a:70:7e:c4:3f:24:
95:7a:4f:44:76:cc:7f:dc:f7:17:1a:6e:30:d5:65:
19:b8:3e:7c:5f:e0:09:51:f2:d9:07:62:86:da:8e:
04:5c:b5:c3:96:57:30:31:9e:38:1a:4c:1f:f8:1b:
23:0d:58:00:ed:e9:a0:ab:da:19:2d:d4:5d:d2:4e:
33:4d:13:89:7b:58:2d:bb:c9:15:32:a2:0f:14:97:
d4:45:ff:eb:73:a7:53:bb:01:56:18:63:2f:fe:9a:
11:10:43:92:8a:2b:3e:a1:90:39:03:f4:de:fe:99:
98:df:b7:4f:ef:43:5d:a1:83:20:b3:4b:42:cb:a6:
90:de:c8:13:85:58:65:55:38:92:76:a4:f3:9c:eb:
50:59:cb:46:7d:9a:d9:8f:2f:5d:41:c9:19:1c:6c:
6f:5d:f6:8e:d2:86:e7:72:99:e0:43:2a:04:c9:57:
97:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:64:C5:6C:34:16:07:22:4E:E9:0C:E0:42:3D:57:F6:13:85:B0:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
75:1e:ad:51:3a:cd:79:bb:96:ea:a0:a1:ee:a5:9b:e4:02:68:
d4:1b:81:0b:28:9f:1e:0e:47:3e:d3:90:94:2d:90:ba:8e:24:
36:08:9b:14:64:71:26:76:f2:70:b3:61:88:01:01:b8:0f:e3:
9e:47:54:e3:53:6f:ca:06:1c:7a:42:d8:45:14:db:3f:97:b4:
05:29:ae:fa:e6:73:df:61:a1:f8:77:5d:09:99:aa:a9:ec:a2:
b5:71:d0:5a:1c:d7:6f:22:40:e1:c7:45:6e:b5:d6:21:ae:4c:
1f:6e:6d:18:bb:a8:d3:c1:58:93:11:30:58:33:b4:1f:88:d3:
01:02:2b:ee:af:75:d0:a7:74:70:2e:dd:59:d7:b2:72:e4:3f:
72:dd:a3:84:ee:da:45:14:73:01:29:f5:c3:c9:6e:7c:56:b6:
54:2e:a1:4b:bc:20:1d:b2:56:ee:17:fb:9e:6f:00:02:ec:9e:
2b:51:47:af:4e:a7:c4:b6:86:0c:b2:a3:8f:f6:46:ca:a3:72:
a3:cb:fc:d6:84:35:92:64:7b:fa:9c:6d:50:1f:e2:a2:75:b9:
d5:2a:df:35:54:1b:43:6e:6f:27:52:8e:38:a4:a5:0d:7c:03:
81:5e:a1:1e:9a:0f:cb:0c:04:fa:99:3f:1a:ad:c8:6c:d3:e6:
3c:03:70:36
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJsK2obh5S8Sy0X8ULfNP7bTvfGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMzFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkODA0NmRmZDQ1ZmI0YTQ0YjBkZjRkMzMwYmYyOTM3ZTM2ZjM2Nzg1N2Ez
YjI1YzEyMGFmNjRlMjViZDNjNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhW5Tpt0kYdyMWrR3+UBj0bhVRwSMCrlUIfRclafn9IESo/ps8PmzXXWrFY
4MGLreH71y9w2fj70vUL1ZVC1pki6Cc88fW1DEunIJomWwYvkKZYWnB+xD8klXpP
RHbMf9z3FxpuMNVlGbg+fF/gCVHy2QdihtqOBFy1w5ZXMDGeOBpMH/gbIw1YAO3p
oKvaGS3UXdJOM00TiXtYLbvJFTKiDxSX1EX/63OnU7sBVhhjL/6aERBDkoorPqGQ
OQP03v6ZmN+3T+9DXaGDILNLQsumkN7IE4VYZVU4knak85zrUFnLRn2a2Y8vXUHJ
GRxsb132jtKG53KZ4EMqBMlXl9ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSYZMVs
NBYHIk7pDOBCPVf2E4WwZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAdR6tUTrNebuW6qCh7qWb5AJo1BuBCyifHg5HPtOQ
lC2Quo4kNgibFGRxJnbycLNhiAEBuA/jnkdU41NvygYcekLYRRTbP5e0BSmu+uZz
32Gh+HddCZmqqeyitXHQWhzXbyJA4cdFbrXWIa5MH25tGLuo08FYkxEwWDO0H4jT
AQIr7q910Kd0cC7dWdeycuQ/ct2jhO7aRRRzASn1w8lufFa2VC6hS7wgHbJW7hf7
nm8AAuyeK1FHr06nxLaGDLKjj/ZGyqNyo8v81oQ1kmR7+pxtUB/ionW51SrfNVQb
Q25vJ1KOOKSlDXwDgV6hHpoPywwE+pk/Gq3IbNPmPANwNg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:26 2025 by rpki-client