Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: o7iYfZU23nQy14RVdF26hwPcqNlqTVM0snG+nE+pD6g=
Subject key identifier: 8A:EC:F0:52:46:70:C0:04:3E:3F:4A:10:5B:39:B3:87:79:C7:90:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49F4AD1634DD4E90E75CF5DBC563346D72AFF75E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Fri 23 May 2025 00:40:17 +0000
ROA not before: Fri 23 May 2025 00:40:17 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:f4:ad:16:34:dd:4e:90:e7:5c:f5:db:c5:63:34:6d:72:af:f7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:17 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=4dc934ca911a632db000adc270467fd0b994d0e8568d69c1e1c84926043761b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:ec:8d:13:0c:db:31:0d:4c:25:4a:73:f7:
47:97:68:17:f5:2b:27:d5:f5:ab:78:b4:33:bb:6c:
03:8f:df:bf:5a:79:ef:b0:9d:20:3c:59:9a:eb:2f:
4a:24:70:71:ca:5a:5e:1d:39:ab:04:c0:fb:6f:b1:
29:d3:d8:79:19:0f:f9:95:4f:21:2d:ad:df:e3:51:
20:b4:53:b6:c9:f0:71:87:3c:66:9d:e8:ca:b2:de:
0c:00:1a:ce:30:19:0a:8c:b9:94:a9:61:45:8a:28:
d6:92:1c:4e:61:83:0d:ba:4f:6b:81:4f:45:4a:13:
9a:74:a0:cd:84:de:c8:84:ad:13:e8:ba:3f:e1:38:
64:ae:99:13:60:ac:78:27:e9:b9:66:f7:c4:df:2a:
13:ef:14:07:46:b6:86:7e:48:a0:4b:3b:ff:e5:2c:
0f:1a:5e:ba:5e:77:94:04:63:ad:50:67:dc:85:5d:
1f:99:2d:ed:99:c3:c1:28:86:f7:8e:29:b1:2c:16:
e1:ac:db:7b:c1:d7:76:6d:a5:8f:b7:3b:74:af:24:
01:19:bc:04:10:80:dc:53:0f:95:34:bd:c5:23:0d:
5e:34:52:bf:13:95:22:44:01:bb:b3:60:db:b7:ce:
86:48:77:af:5b:60:15:c9:59:91:d5:9d:f0:2a:43:
0f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EC:F0:52:46:70:C0:04:3E:3F:4A:10:5B:39:B3:87:79:C7:90:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
90:5d:34:64:df:fd:09:bd:73:88:06:c7:e5:5a:9c:c7:0c:5d:
06:ed:4a:ce:45:ff:89:0a:21:4f:d4:94:ac:55:09:ac:92:ee:
de:b9:73:7f:15:f7:9c:09:2f:5b:1b:90:c7:bf:3d:ce:e7:e7:
f3:fc:23:52:eb:0c:38:7c:b8:61:4b:e0:c1:22:a1:8d:ea:f7:
4d:90:5d:9a:c3:2b:56:f8:f8:aa:52:73:82:5d:93:e3:b9:f0:
f1:95:11:ec:80:2b:4b:8e:7e:00:95:c8:a9:cc:d6:13:3b:d1:
45:13:d8:c0:7a:d1:52:12:e9:ac:0c:b8:26:e5:f1:48:ca:34:
bc:11:61:08:35:dc:60:54:de:c4:87:58:78:20:7e:1f:09:3d:
4d:9a:1d:a7:4a:9d:64:ec:af:43:d6:63:88:3a:26:86:d1:27:
ec:7a:a8:35:2d:45:83:2f:3a:1e:72:9a:fe:7c:0f:95:91:8c:
12:72:95:f9:44:92:a0:45:90:ce:22:ff:f4:d6:52:8e:87:01:
3e:7c:3e:8f:c2:7a:4a:39:c3:05:95:d0:e1:f5:f4:05:a6:6b:
e6:91:6c:f4:83:41:b9:bf:17:34:e0:91:21:9b:92:26:da:e3:
1a:53:59:3a:1d:f3:54:04:2b:01:3d:a3:2e:37:68:8e:ea:00:
70:05:6d:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSfStFjTdTpDnXPXbxWM0bXKv914wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMTdaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkYzkzNGNhOTExYTYzMmRiMDAwYWRjMjcwNDY3ZmQwYjk5NGQwZTg1Njhk
NjljMWUxYzg0OTI2MDQzNzYxYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMw7I0TDNsxDUwlSnP3R5doF/UrJ9X1q3i0M7tsA4/fv1p577CdIDxZmusv
SiRwccpaXh05qwTA+2+xKdPYeRkP+ZVPIS2t3+NRILRTtsnwcYc8Zp3oyrLeDAAa
zjAZCoy5lKlhRYoo1pIcTmGDDbpPa4FPRUoTmnSgzYTeyIStE+i6P+E4ZK6ZE2Cs
eCfpuWb3xN8qE+8UB0a2hn5IoEs7/+UsDxpeul53lARjrVBn3IVdH5kt7ZnDwSiG
944psSwW4azbe8HXdm2lj7c7dK8kARm8BBCA3FMPlTS9xSMNXjRSvxOVIkQBu7Ng
27fOhkh3r1tgFclZkdWd8CpDD0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSK7PBS
RnDABD4/ShBbObOHeceQozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEAkF00ZN/9Cb1ziAbH5VqcxwxdBu1KzkX/iQohT9SU
rFUJrJLu3rlzfxX3nAkvWxuQx789zufn8/wjUusMOHy4YUvgwSKhjer3TZBdmsMr
Vvj4qlJzgl2T47nw8ZUR7IArS45+AJXIqczWEzvRRRPYwHrRUhLprAy4JuXxSMo0
vBFhCDXcYFTexIdYeCB+Hwk9TZodp0qdZOyvQ9ZjiDomhtEn7HqoNS1Fgy86HnKa
/nwPlZGMEnKV+USSoEWQziL/9NZSjocBPnw+j8J6SjnDBZXQ4fX0BaZr5pFs9INB
ub8XNOCRIZuSJtrjGlNZOh3zVAQrAT2jLjdojuoAcAVtfQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:15 2025 by rpki-client