Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: MOBrrmwrClqdjjJRjNtP3Z98yQCNykkBGZFYm5QxA+Y=
Subject key identifier: 3B:A3:78:F7:FF:AD:F1:A1:A2:6C:7C:6E:0F:6B:66:75:1E:56:FB:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 092B342CFDE5E8AFFE166A02EF5129D5AECFFFEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Sat 12 Jul 2025 00:51:00 +0000
ROA not before: Sat 12 Jul 2025 00:51:00 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:2b:34:2c:fd:e5:e8:af:fe:16:6a:02:ef:51:29:d5:ae:cf:ff:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:00 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=eb8e23d7e1faff696e7f4c842d563a0f43cc6310e8dcb77cf71ad2a95facf425, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:b9:00:42:5f:0e:47:6c:b5:78:43:cc:21:
72:0e:bf:22:be:cf:e2:a1:c1:14:3b:e0:47:26:27:
bc:37:7c:ae:3c:8f:e2:36:61:e7:c8:9e:3b:65:25:
e7:41:6a:19:b7:71:83:52:5e:ad:28:02:f2:f1:0a:
47:72:89:a2:ae:f7:d0:33:05:2e:d3:5b:0f:c0:73:
a2:3b:b8:4a:1b:29:48:d8:f7:75:ca:4e:be:b9:21:
2f:ca:b9:1a:f9:b0:23:3f:a9:44:ce:52:cc:82:52:
06:be:69:d5:18:3f:f0:71:87:81:2b:d4:e4:60:1b:
a8:2a:2b:cb:28:fc:79:de:d7:a6:7d:d2:a2:f8:ee:
13:64:36:05:96:40:b9:9f:9b:75:f3:c5:cb:c6:57:
8f:5c:2a:4f:5c:1d:67:6b:c5:1c:fc:c0:d2:85:9e:
42:d8:b7:5b:dd:e7:40:8e:48:ea:d1:79:d7:83:c3:
b3:21:98:af:4f:95:74:dc:85:96:31:4d:3e:68:7c:
84:82:69:40:04:a4:20:ab:b2:1f:89:8b:03:4a:0a:
29:17:56:fe:c6:c4:cd:b9:af:77:ec:20:f0:d2:62:
b9:39:14:00:8d:30:e7:4f:13:d3:79:6c:7d:cf:c9:
3f:75:24:8b:a7:ee:7a:30:90:64:ef:1d:dd:5c:6c:
93:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A3:78:F7:FF:AD:F1:A1:A2:6C:7C:6E:0F:6B:66:75:1E:56:FB:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:c5:f6:86:84:40:d4:09:cf:0e:1b:6b:0d:7f:ed:c2:cf:a2:
21:73:3b:7d:34:ae:8e:1e:14:ec:1d:65:29:53:69:c0:d0:a3:
9d:52:b7:be:8d:77:5d:f3:0f:34:75:e2:44:45:86:c9:49:88:
fb:2a:a0:cb:b3:8d:0f:cf:b1:07:3b:56:fd:c9:b6:3e:53:cf:
81:3e:bd:68:8a:74:20:a3:2f:44:ab:74:f3:6b:76:ce:35:c4:
d3:90:2d:d7:ae:d4:b7:9d:4d:73:cd:56:c4:60:68:a9:24:ec:
ee:0c:84:fd:64:3c:01:f2:57:4a:b5:cb:e5:e3:66:8c:f3:c2:
56:6c:86:6e:eb:04:63:1b:98:a2:d2:d8:cd:a4:59:ed:82:cc:
4c:8d:ac:ad:d4:30:7c:52:ef:fe:56:18:b6:c7:60:96:f6:56:
c3:51:d9:b1:49:27:74:18:d0:b2:85:de:a0:41:50:0f:5d:36:
e8:6f:dd:fd:ea:77:df:87:9a:71:61:d5:71:87:68:67:9d:3c:
f7:f0:21:4c:cf:45:12:73:00:08:47:e4:27:9e:d5:4f:d9:e5:
f7:a8:fc:33:dd:3c:b8:d4:9e:e3:69:0d:f3:38:81:06:ab:26:
6a:48:76:7e:18:b9:10:09:67:cb:aa:0a:87:7e:d9:83:34:42:
78:eb:27:33
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCSs0LP3l6K/+FmoC71Ep1a7P/+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMDBaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViOGUyM2Q3ZTFmYWZmNjk2ZTdmNGM4NDJkNTYzYTBmNDNjYzYzMTBlOGRj
Yjc3Y2Y3MWFkMmE5NWZhY2Y0MjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKN6uQBCXw5HbLV4Q8whcg6/Ir7P4qHBFDvgRyYnvDd8rjyP4jZh58ieO2Ul
50FqGbdxg1JerSgC8vEKR3KJoq730DMFLtNbD8Bzoju4ShspSNj3dcpOvrkhL8q5
GvmwIz+pRM5SzIJSBr5p1Rg/8HGHgSvU5GAbqCoryyj8ed7Xpn3SovjuE2Q2BZZA
uZ+bdfPFy8ZXj1wqT1wdZ2vFHPzA0oWeQti3W93nQI5I6tF514PDsyGYr0+VdNyF
ljFNPmh8hIJpQASkIKuyH4mLA0oKKRdW/sbEzbmvd+wg8NJiuTkUAI0w508T03ls
fc/JP3Uki6fuejCQZO8d3Vxsk4MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ7o3j3
/63xoaJsfG4Pa2Z1Hlb7ozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAwcX2hoRA1AnPDhtrDX/tws+iIXM7fTSujh4U7B1l
KVNpwNCjnVK3vo13XfMPNHXiREWGyUmI+yqgy7OND8+xBztW/cm2PlPPgT69aIp0
IKMvRKt082t2zjXE05At167Ut51Nc81WxGBoqSTs7gyE/WQ8AfJXSrXL5eNmjPPC
VmyGbusEYxuYotLYzaRZ7YLMTI2srdQwfFLv/lYYtsdglvZWw1HZsUkndBjQsoXe
oEFQD1026G/d/ep334eacWHVcYdoZ5089/AhTM9FEnMACEfkJ57VT9nl96j8M908
uNSe42kN8ziBBqsmakh2fhi5EAlny6oKh37ZgzRCeOsnMw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:10 2025 by rpki-client