Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: eGDCgVP/8GaBoJs8ub99VXAWMKrHprZSl9b5+DdcB44=
Subject key identifier: 63:E2:01:E8:7B:5E:24:6B:1B:14:51:8F:25:A1:6B:7B:E2:4C:B1:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24698384DA4BEC7163A2BC74CA5AC33B6C87BCC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Fri 23 May 2025 00:40:18 +0000
ROA not before: Fri 23 May 2025 00:40:18 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:69:83:84:da:4b:ec:71:63:a2:bc:74:ca:5a:c3:3b:6c:87:bc:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:18 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=7912788e7090f710579eabccccafad294ed95b6c54a193eac138346e49919a13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:8f:55:03:12:7b:9d:85:dc:6e:a9:9f:13:
cf:95:9d:89:73:99:a0:f9:d9:ec:58:f3:d0:c9:3f:
ec:50:0e:70:09:c0:e3:69:6c:55:8d:f8:16:ce:a4:
47:68:4b:f1:77:4b:88:1d:cc:c2:6e:6b:68:18:33:
5a:8a:5c:9b:25:88:0d:09:37:75:fe:0f:63:7c:a0:
09:cb:b8:4b:5c:73:82:a1:e6:3c:ce:dd:f4:88:73:
8a:cb:d4:8a:e6:db:cf:de:de:ad:f9:d9:7d:bc:d6:
13:c7:a4:86:59:45:d3:40:5f:1b:a0:e0:9f:24:dc:
a9:a3:e3:40:6e:6b:c4:c6:e9:95:3f:8d:0d:a6:e2:
7f:60:7b:ce:2f:57:e3:bd:0d:d9:b6:56:5f:1a:a0:
fe:5c:ba:3a:00:00:cb:9e:e6:9f:47:6d:e2:96:7c:
37:68:84:4f:23:68:ee:17:02:2e:fb:42:17:78:66:
1d:94:f0:76:b4:4f:45:15:fc:59:79:05:b3:62:af:
de:c9:99:73:db:ff:7e:ff:89:42:76:6c:80:4e:45:
c8:50:43:4f:b2:4a:3c:2f:0d:43:1e:59:3a:b8:48:
da:a4:56:3b:38:27:10:0a:b7:81:7c:30:a1:9b:a8:
1e:70:3a:43:71:83:fb:e8:11:18:30:3c:c7:64:39:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E2:01:E8:7B:5E:24:6B:1B:14:51:8F:25:A1:6B:7B:E2:4C:B1:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:5b:de:e2:80:e6:50:ea:78:37:0e:6e:f0:f9:d0:5a:80:59:
85:71:63:2d:54:83:40:94:bd:d4:17:c4:40:ea:d6:32:55:40:
64:ea:d2:c7:9a:7e:2b:34:5f:cc:df:eb:9c:a8:f5:9f:4e:72:
ca:2a:0e:e8:a9:46:15:e4:f4:9a:4c:85:35:7b:56:d5:b3:18:
d7:1b:d4:72:75:0b:28:8d:b6:10:e6:47:1d:1a:70:0d:46:4f:
9e:b4:6a:ca:9b:11:60:bb:08:1e:3c:34:f4:60:a2:fa:14:88:
9b:50:b0:c6:13:31:58:7c:0e:07:d6:58:08:08:ac:9b:87:3d:
5b:a6:d4:4e:54:1d:e4:47:e3:c1:0c:30:25:7b:d4:9d:2a:ed:
31:78:59:6d:15:ea:6f:68:07:3b:62:13:af:02:6d:52:3c:8f:
c6:78:78:ba:e1:87:1f:4d:59:62:39:ff:72:68:9a:58:79:4d:
b8:c7:d9:db:5c:fd:ca:58:38:0b:57:96:05:3e:f2:7b:60:7f:
02:2f:49:26:1c:3c:39:a8:7a:7e:d4:dd:c8:b3:8b:02:13:75:
93:1d:b4:c0:84:7c:bb:4f:99:5d:ad:e2:bb:8a:90:57:d5:2d:
a4:0f:2d:93:71:7b:2c:25:73:29:73:0e:9e:ab:ce:ea:c0:49:
8f:00:24:b2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJGmDhNpL7HFjorx0ylrDO2yHvMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMThaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MTI3ODhlNzA5MGY3MTA1NzllYWJjY2NjYWZhZDI5NGVkOTViNmM1NGEx
OTNlYWMxMzgzNDZlNDk5MTlhMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0mj1UDEnudhdxuqZ8Tz5WdiXOZoPnZ7Fjz0Mk/7FAOcAnA42lsVY34Fs6k
R2hL8XdLiB3Mwm5raBgzWopcmyWIDQk3df4PY3ygCcu4S1xzgqHmPM7d9IhzisvU
iubbz97erfnZfbzWE8ekhllF00BfG6DgnyTcqaPjQG5rxMbplT+NDabif2B7zi9X
470N2bZWXxqg/ly6OgAAy57mn0dt4pZ8N2iETyNo7hcCLvtCF3hmHZTwdrRPRRX8
WXkFs2Kv3smZc9v/fv+JQnZsgE5FyFBDT7JKPC8NQx5ZOrhI2qRWOzgnEAq3gXww
oZuoHnA6Q3GD++gRGDA8x2Q57j8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRj4gHo
e14kaxsUUY8loWt74kyxnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEAalve4oDmUOp4Nw5u8PnQWoBZhXFjLVSDQJS91BfE
QOrWMlVAZOrSx5p+KzRfzN/rnKj1n05yyioO6KlGFeT0mkyFNXtW1bMY1xvUcnUL
KI22EOZHHRpwDUZPnrRqypsRYLsIHjw09GCi+hSIm1CwxhMxWHwOB9ZYCAism4c9
W6bUTlQd5EfjwQwwJXvUnSrtMXhZbRXqb2gHO2ITrwJtUjyPxnh4uuGHH01ZYjn/
cmiaWHlNuMfZ21z9ylg4C1eWBT7ye2B/Ai9JJhw8Oah6ftTdyLOLAhN1kx20wIR8
u0+ZXa3iu4qQV9UtpA8tk3F7LCVzKXMOnqvO6sBJjwAksg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:37 2025 by rpki-client