Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: WZbJeP05i80gAsTEburfLidoDzac580UTK0o+Ic7mys=
Subject key identifier: C1:40:AB:6E:46:94:E8:9B:7E:78:30:1B:98:4C:5C:6C:A6:37:CE:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72AA064A3DF646C98DAD2D6F638C42A129D69783
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Fri 23 May 2025 00:50:09 +0000
ROA not before: Fri 23 May 2025 00:50:09 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:aa:06:4a:3d:f6:46:c9:8d:ad:2d:6f:63:8c:42:a1:29:d6:97:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:50:09 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=b6ad6dc2b6a151fc8460cc0f8958e04462b2085b7abbf6ee4a35814846931f72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9a:06:78:f3:d8:6b:c2:87:11:d9:71:e8:25:
ed:9a:dc:95:ed:16:fb:f1:48:92:fd:3c:5f:2c:0e:
36:5f:e5:1e:cf:b1:e5:7b:63:e2:48:22:42:f5:34:
fb:5e:f9:74:cd:be:24:48:83:9a:a3:72:f6:63:cf:
8b:27:f0:70:16:50:bd:36:fd:a2:c9:00:cc:09:e5:
93:16:1b:ee:b1:0c:14:59:42:3b:2c:30:07:c6:b6:
9d:40:9a:c7:58:19:8c:82:1a:03:0e:0d:a4:4b:04:
2e:30:41:49:e9:96:6f:df:78:28:0b:cc:f3:f2:b3:
c8:6d:7f:de:78:bf:3b:30:32:87:2a:f9:c1:a0:16:
c4:a0:01:b2:70:1f:29:70:21:c1:ea:23:ce:a6:ba:
cc:b9:19:c4:fb:15:6a:f6:a5:4d:f2:07:e0:56:0e:
09:96:3a:87:71:d1:e4:57:18:ce:4e:d5:4e:f1:3d:
f8:d4:7e:fd:53:12:86:b2:fe:68:4b:c5:02:90:5c:
31:fe:86:be:2d:38:46:95:27:47:80:bb:a3:8a:7a:
0b:af:af:34:b5:f0:41:3c:e8:92:39:ce:f2:2f:63:
4e:4c:ef:4c:75:a9:42:6e:31:88:7d:95:25:df:b7:
55:ee:3f:3d:b2:ae:cd:5f:61:8d:1b:b9:07:5a:5d:
f6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:40:AB:6E:46:94:E8:9B:7E:78:30:1B:98:4C:5C:6C:A6:37:CE:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
c3:ec:1f:31:2d:d2:cb:eb:93:8d:28:a0:86:5a:d2:49:57:e1:
84:4f:18:7d:89:0a:03:66:2a:4f:a7:22:d4:4b:cc:ef:15:a7:
3d:05:14:47:63:e4:ad:c1:02:8b:31:a3:0b:6d:80:85:a2:b6:
c5:58:38:43:ba:e9:e0:84:22:45:6e:6d:68:6a:7a:86:4b:ad:
39:a3:49:7f:7d:d9:23:7b:e6:32:ba:68:80:26:14:ee:37:ab:
7e:cd:34:57:94:2d:25:f8:3a:b0:73:10:dd:47:ac:75:c0:ad:
87:0b:94:38:f6:58:3f:dc:6b:8e:88:79:5b:af:9b:69:78:24:
06:97:d2:22:c5:cc:e2:b1:9a:40:cd:3d:70:92:d0:00:60:c6:
93:d8:8d:81:26:6d:f6:cd:59:a5:cd:9d:c1:94:83:29:3f:42:
60:a5:a5:6a:de:bb:65:fb:96:11:72:41:d2:66:d4:70:8c:93:
fd:ef:b6:c6:2a:25:a5:f6:92:7d:1b:0e:2e:60:88:fd:fd:f9:
ee:c3:fd:12:f9:48:29:80:5d:8a:97:ee:2b:2d:ad:26:c0:39:
c6:74:25:ef:23:89:bc:59:80:6b:9b:90:22:38:c2:fa:d0:ef:
3e:0b:72:31:a7:7b:5d:4b:d0:54:9b:78:a7:c8:43:4f:bc:06:
49:fc:ce:4e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcqoGSj32RsmNrS1vY4xCoSnWl4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDUwMDlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2YWQ2ZGMyYjZhMTUxZmM4NDYwY2MwZjg5NThlMDQ0NjJiMjA4NWI3YWJi
ZjZlZTRhMzU4MTQ4NDY5MzFmNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyaBnjz2GvChxHZcegl7Zrcle0W+/FIkv08XywONl/lHs+x5Xtj4kgiQvU0
+175dM2+JEiDmqNy9mPPiyfwcBZQvTb9oskAzAnlkxYb7rEMFFlCOywwB8a2nUCa
x1gZjIIaAw4NpEsELjBBSemWb994KAvM8/KzyG1/3ni/OzAyhyr5waAWxKABsnAf
KXAhweojzqa6zLkZxPsVavalTfIH4FYOCZY6h3HR5FcYzk7VTvE9+NR+/VMShrL+
aEvFApBcMf6Gvi04RpUnR4C7o4p6C6+vNLXwQTzokjnO8i9jTkzvTHWpQm4xiH2V
Jd+3Ve4/PbKuzV9hjRu5B1pd9j8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTBQKtu
RpTom354MBuYTFxspjfO6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEAw+wfMS3Sy+uTjSighlrSSVfhhE8YfYkKA2YqT6ci
1EvM7xWnPQUUR2PkrcECizGjC22AhaK2xVg4Q7rp4IQiRW5taGp6hkutOaNJf33Z
I3vmMrpogCYU7jerfs00V5QtJfg6sHMQ3UesdcCthwuUOPZYP9xrjoh5W6+baXgk
BpfSIsXM4rGaQM09cJLQAGDGk9iNgSZt9s1Zpc2dwZSDKT9CYKWlat67ZfuWEXJB
0mbUcIyT/e+2xiolpfaSfRsOLmCI/f357sP9EvlIKYBdipfuKy2tJsA5xnQl7yOJ
vFmAa5uQIjjC+tDvPgtyMad7XUvQVJt4p8hDT7wGSfzOTg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:32 2025 by rpki-client