Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: sUkNlcRROvQ6F+jO2TQpWiIZ3DwISGjRM/yjJ385UXE=
Subject key identifier: F9:FC:2F:34:BB:B3:27:E0:FE:C1:6D:F7:EF:DD:6E:B6:D3:FF:13:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3388A562C966A93BEEBC50DE352ED2F1E13B0BF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Tue 21 Oct 2025 13:30:46 +0000
ROA not before: Tue 21 Oct 2025 13:30:46 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:88:a5:62:c9:66:a9:3b:ee:bc:50:de:35:2e:d2:f1:e1:3b:0b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:30:46 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ef1587a50bc018bfa38013309d7d2465521b8c6ac3d2e0e774ff8c5c1b58acc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:a4:38:b5:c8:03:54:f8:c1:e7:4d:ce:09:
5c:87:d9:ff:ec:8c:2c:75:37:78:0a:0b:31:07:df:
9d:5c:64:a2:92:d1:47:04:95:fa:0e:b8:a0:5a:aa:
27:05:c5:27:fb:cc:1e:78:78:64:cd:05:08:c8:32:
fa:f9:4c:06:b7:ab:8b:53:c7:be:4c:16:bf:39:1a:
1a:f0:3b:da:a9:64:ff:bf:9e:6e:7f:05:35:89:a8:
33:c1:09:40:e6:95:73:3d:db:e0:62:5a:43:c4:8e:
96:f0:f8:93:4e:8c:4f:b5:63:ae:44:f9:97:3b:78:
4a:ed:1e:4e:88:30:17:a4:39:ae:f8:91:76:8f:1b:
d5:4d:c4:58:44:f6:68:92:a9:01:ad:9d:93:d2:86:
d7:e2:13:ca:59:c4:12:a5:d8:44:dd:e8:91:32:e1:
99:4b:a4:79:eb:2a:ce:a8:5b:80:b9:2a:f1:1d:5d:
31:be:60:ca:1f:65:1f:28:3d:de:c0:1c:81:85:3a:
60:1b:19:fe:9e:77:fa:0f:81:85:cd:d6:f8:f8:e6:
7d:31:5a:a1:67:e3:d1:5e:4c:7a:1f:5c:50:7e:8b:
11:f3:66:36:1c:01:59:43:3f:f2:76:8c:00:30:1d:
00:b5:65:a4:26:73:de:af:c1:c8:d1:25:dd:94:73:
fd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FC:2F:34:BB:B3:27:E0:FE:C1:6D:F7:EF:DD:6E:B6:D3:FF:13:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
00:79:57:ba:13:db:d4:c1:eb:43:4c:4d:c8:b2:2d:3a:de:ba:
4a:4f:f7:2a:5c:ec:1b:1a:73:55:be:de:01:67:21:7d:b3:70:
5d:54:cb:90:28:28:fe:a5:6f:e5:92:a4:e8:9a:65:91:c8:a0:
bf:6a:80:47:83:a7:07:cc:ae:6a:0e:6f:e0:cd:7f:7f:3f:3b:
fc:12:11:97:03:d9:3f:b6:ae:2e:c2:d1:9c:80:30:80:15:a4:
95:dd:b5:e0:91:76:74:e5:0b:5d:93:f9:e3:d8:08:b7:57:6e:
5f:a9:68:9c:5b:e4:60:a3:07:05:16:58:89:15:34:0f:ba:84:
4a:8c:9e:53:3e:b5:a8:fe:9c:dd:ac:c1:d8:a9:d7:42:83:b6:
e5:76:d1:f3:6e:b8:d4:a1:5f:27:87:31:f1:b3:35:70:a0:1b:
3d:cf:b8:44:a3:27:22:68:a6:15:f8:ae:df:5b:41:d7:35:04:
af:58:f7:e2:6e:22:fa:7b:13:42:5c:6c:02:e7:c8:d8:75:f2:
05:65:5f:42:9a:32:72:6f:3e:1a:9b:05:93:7a:bf:e2:c2:8d:
77:14:bc:07:97:d8:0e:68:4b:9f:70:5f:d5:a6:76:f5:bd:1c:
31:5b:9e:35:a4:0b:d5:aa:2b:bc:f2:57:bc:30:67:34:30:8b:
51:3c:5b:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM4ilYslmqTvuvFDeNS7S8eE7C/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzMwNDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMTU4N2E1MGJjMDE4YmZhMzgwMTMzMDlkN2QyNDY1NTIxYjhjNmFjM2Qy
ZTBlNzc0ZmY4YzVjMWI1OGFjYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOIpDi1yANU+MHnTc4JXIfZ/+yMLHU3eAoLMQffnVxkopLRRwSV+g64oFqq
JwXFJ/vMHnh4ZM0FCMgy+vlMBreri1PHvkwWvzkaGvA72qlk/7+ebn8FNYmoM8EJ
QOaVcz3b4GJaQ8SOlvD4k06MT7VjrkT5lzt4Su0eTogwF6Q5rviRdo8b1U3EWET2
aJKpAa2dk9KG1+ITylnEEqXYRN3okTLhmUukeesqzqhbgLkq8R1dMb5gyh9lHyg9
3sAcgYU6YBsZ/p53+g+Bhc3W+PjmfTFaoWfj0V5Meh9cUH6LEfNmNhwBWUM/8naM
ADAdALVlpCZz3q/ByNEl3ZRz/YkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT5/C80
u7Mn4P7Bbffv3W620/8TqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAAHlXuhPb1MHrQ0xNyLItOt66Sk/3KlzsGxpzVb7e
AWchfbNwXVTLkCgo/qVv5ZKk6Jplkcigv2qAR4OnB8yuag5v4M1/fz87/BIRlwPZ
P7auLsLRnIAwgBWkld214JF2dOULXZP549gIt1duX6lonFvkYKMHBRZYiRU0D7qE
SoyeUz61qP6c3azB2KnXQoO25XbR82641KFfJ4cx8bM1cKAbPc+4RKMnImimFfiu
31tB1zUEr1j34m4i+nsTQlxsAufI2HXyBWVfQpoycm8+GpsFk3q/4sKNdxS8B5fY
DmhLn3Bf1aZ29b0cMVueNaQL1aorvPJXvDBnNDCLUTxbEA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:14:25 2025 by rpki-client