Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: Dn5C6P3f/g9UGZs4tlpvokQ7D5UG4HjODwlao9UhqWQ=
Subject key identifier: D1:A3:1D:0E:4F:6D:8E:44:98:B4:45:68:DB:05:8E:01:49:64:6C:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0AE89A98DCB081C0828BFB08F965682BAD1615A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Fri 23 May 2025 00:40:15 +0000
ROA not before: Fri 23 May 2025 00:40:15 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:e8:9a:98:dc:b0:81:c0:82:8b:fb:08:f9:65:68:2b:ad:16:15:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:40:15 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=1cea7a4e2106fb10c7f1297bf2c8780afed7f37723e61060af500cb3831bf651, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0c:1c:b3:a5:a9:e7:a6:b6:bd:38:6e:7f:0d:
95:f1:26:0d:31:f7:62:7d:5e:c9:38:42:cb:78:13:
e9:7d:7a:23:a0:ad:9f:7f:91:b9:44:f3:c8:ba:cf:
f7:6a:52:58:3f:a3:d4:c3:9a:9b:22:f6:43:2f:39:
9f:9e:cc:ce:fd:fb:0a:1c:66:ea:88:c0:30:fe:9b:
24:97:9b:81:61:eb:1d:1d:57:50:ca:88:0a:32:a8:
35:a0:d9:58:3a:63:0a:fc:a2:77:de:64:19:eb:c2:
93:c1:d7:3f:83:3b:ea:57:6c:27:f3:dc:5c:11:2a:
93:d1:c4:dd:2a:0c:b8:2f:ed:8e:c8:6e:d2:a2:b8:
6b:f2:e2:69:7f:57:47:14:a8:b6:ef:dc:21:b3:06:
0a:1b:f0:aa:a6:c7:c9:f7:20:49:5a:8c:c9:38:0c:
7c:71:de:de:c3:a8:85:34:d9:75:3c:6d:46:3d:bc:
dc:57:78:d6:07:7b:4a:d4:2f:2d:ac:1e:71:e7:7d:
54:27:81:94:cf:1d:24:68:9f:76:fb:c0:d3:b8:a3:
5a:73:8a:5e:af:dd:e2:2f:c8:b2:f8:e7:d1:af:33:
c1:2b:ce:a0:00:83:8f:5d:e9:7b:dc:cd:2f:86:66:
d3:0c:aa:35:5f:17:b9:61:4b:ce:50:a0:69:1b:30:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A3:1D:0E:4F:6D:8E:44:98:B4:45:68:DB:05:8E:01:49:64:6C:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:6a:d6:b2:e9:c8:75:bc:43:92:a5:db:6a:2c:62:05:94:88:
0a:b9:9c:bc:18:ab:8c:91:e8:08:92:83:e2:22:f8:41:5a:e2:
69:20:7e:6e:3d:86:2f:93:24:d4:0c:85:1c:52:53:45:64:4a:
d4:02:aa:e9:70:da:ee:57:f6:d6:ee:74:61:57:ac:3c:8d:d9:
48:f7:dd:55:46:19:a8:b8:9e:15:12:32:42:1e:b2:77:74:53:
61:86:46:f4:cb:f0:0f:d4:aa:bf:47:e5:2b:ff:c2:7b:9d:ed:
dd:a7:4e:d1:bc:c2:ac:4e:32:5a:34:1d:ee:4f:28:ae:44:ce:
20:53:f2:73:41:ef:40:fa:47:3a:33:f0:7a:88:f3:fc:25:08:
a3:6c:71:0d:ab:16:68:1e:63:5f:b4:8c:d5:dc:51:c0:d1:9f:
a1:e5:f7:0f:d2:77:66:da:5d:c8:eb:e5:af:de:3c:4b:8e:47:
c1:a9:12:91:b8:ec:e6:1a:c9:48:12:dc:6a:af:1b:ca:e7:60:
ee:0b:00:32:cf:3a:64:98:66:2c:fd:81:5e:a6:6d:62:49:52:
b8:bb:2b:2c:3a:d6:7c:1a:5f:aa:7a:a5:29:3d:ca:f6:22:e5:
9c:c7:e2:0f:5a:5a:44:bd:08:b3:81:e7:3f:df:a6:61:41:d6:
7d:b0:b2:3e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCuiamNywgcCCi/sI+WVoK60WFaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQwMTVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjZWE3YTRlMjEwNmZiMTBjN2YxMjk3YmYyYzg3ODBhZmVkN2YzNzcyM2U2
MTA2MGFmNTAwY2IzODMxYmY2NTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPoMHLOlqeemtr04bn8NlfEmDTH3Yn1eyThCy3gT6X16I6Ctn3+RuUTzyLrP
92pSWD+j1MOamyL2Qy85n57Mzv37Chxm6ojAMP6bJJebgWHrHR1XUMqICjKoNaDZ
WDpjCvyid95kGevCk8HXP4M76ldsJ/PcXBEqk9HE3SoMuC/tjshu0qK4a/LiaX9X
RxSotu/cIbMGChvwqqbHyfcgSVqMyTgMfHHe3sOohTTZdTxtRj283Fd41gd7StQv
Laweced9VCeBlM8dJGifdvvA07ijWnOKXq/d4i/Isvjn0a8zwSvOoACDj13pe9zN
L4Zm0wyqNV8XuWFLzlCgaRswlW0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTRox0O
T22ORJi0RWjbBY4BSWRseDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAxGrWsunIdbxDkqXbaixiBZSICrmcvBirjJHoCJKD
4iL4QVriaSB+bj2GL5Mk1AyFHFJTRWRK1AKq6XDa7lf21u50YVesPI3ZSPfdVUYZ
qLieFRIyQh6yd3RTYYZG9MvwD9Sqv0flK//Ce53t3adO0bzCrE4yWjQd7k8orkTO
IFPyc0HvQPpHOjPweojz/CUIo2xxDasWaB5jX7SM1dxRwNGfoeX3D9J3ZtpdyOvl
r948S45HwakSkbjs5hrJSBLcaq8byudg7gsAMs86ZJhmLP2BXqZtYklSuLsrLDrW
fBpfqnqlKT3K9iLlnMfiD1paRL0Is4HnP9+mYUHWfbCyPg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:18 2025 by rpki-client