Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: 0cCb5ImSgH84x3TdHy4QzHVvtF/hDteEHs7BaI+zr14=
Subject key identifier: F0:3F:82:03:7D:DF:8D:AE:8B:32:8A:E1:C1:36:03:F4:29:67:2A:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 469F8B0C8C2694E19242231D15C336A1D05EB147
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Sat 12 Jul 2025 00:51:01 +0000
ROA not before: Sat 12 Jul 2025 00:51:01 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9f:8b:0c:8c:26:94:e1:92:42:23:1d:15:c3:36:a1:d0:5e:b1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:51:01 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=7144d60247ad1d87617258ad03f1083edcd9bdc1ebff8a24f9cd1efbbcc01cbe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fe:7d:7b:6e:d6:3c:72:42:52:74:9f:f2:3e:
f5:9a:1d:a3:04:10:40:8d:a3:ed:de:12:55:01:59:
fe:c2:e1:1a:80:6d:7c:fc:b0:c7:f3:20:84:7b:d9:
f1:ad:fe:fe:9e:ed:6b:b7:22:84:92:58:fb:df:bf:
4b:30:28:95:12:79:06:63:32:9b:a8:a7:54:4b:09:
f8:56:76:a2:26:ed:68:1c:cf:dc:3c:30:af:7d:94:
dd:99:fc:c5:76:b1:19:37:e9:c5:87:a4:f6:bb:83:
4c:c3:48:43:b8:5a:d3:84:c9:0d:99:55:63:bf:81:
06:76:5c:51:95:f6:1e:b5:0b:af:5d:7e:e1:63:28:
7b:df:f4:a6:61:2b:49:2c:1c:d9:fc:e0:b7:c6:cd:
d8:98:d5:18:b7:0a:62:44:bb:ae:be:76:53:f3:f9:
0b:04:d7:e2:6d:2c:9e:6c:a3:c6:58:5a:47:32:2e:
8a:8a:40:4a:c4:7d:17:9b:aa:e7:0f:3a:ff:0f:b5:
45:5e:b3:b6:87:ae:e8:b5:c9:86:b8:8a:4d:2d:42:
81:e5:c0:94:31:a1:90:8c:4f:ab:03:bf:0b:d7:71:
65:e5:89:9f:23:c5:b4:41:2a:1b:63:72:c0:1d:ce:
17:06:54:5c:da:b7:a1:16:53:9c:d7:72:15:16:90:
b5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3F:82:03:7D:DF:8D:AE:8B:32:8A:E1:C1:36:03:F4:29:67:2A:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
83:41:06:80:f3:4c:da:e6:3a:6c:1a:9b:3d:0a:b7:1a:bf:a3:
0e:00:fb:59:e4:1c:be:47:e0:44:57:a4:33:af:bd:06:5e:16:
f6:f5:43:62:9d:a8:32:73:aa:7d:50:f1:e7:9f:96:1d:4a:e5:
21:8c:32:09:96:1d:ee:7f:2b:d0:b0:07:f2:7e:3f:0c:9a:2d:
e1:2e:a0:da:98:b6:e7:1e:0e:3f:3f:22:3b:42:68:9a:53:85:
79:98:ba:2b:57:92:3e:83:3f:93:31:b8:a0:d5:c6:06:e0:4b:
49:e9:38:83:b9:e1:bd:06:1e:1c:cd:a1:21:69:7a:c9:48:b5:
be:ab:ef:4d:c1:fe:fb:6c:82:61:90:c8:a5:c5:f7:5d:64:d6:
79:7f:34:6d:0a:19:e2:d9:9c:69:3f:9f:ec:e3:b8:f6:e9:55:
92:8b:d3:05:54:c7:18:84:71:f1:2e:8b:f4:b9:5c:c3:59:7f:
d8:45:21:bf:94:a9:76:1c:47:25:7f:d9:a4:9b:ff:67:b9:b8:
17:1b:f7:32:e0:a1:cc:8e:9b:f3:19:92:64:c4:ba:fa:d7:56:
27:e5:e3:14:be:53:c2:44:c5:36:ba:07:98:1e:08:e8:fc:ab:
46:72:52:fd:04:d6:1e:3a:f3:76:dd:76:a8:13:c1:2a:07:bf:
83:00:35:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURp+LDIwmlOGSQiMdFcM2odBesUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUxMDFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNDRkNjAyNDdhZDFkODc2MTcyNThhZDAzZjEwODNlZGNkOWJkYzFlYmZm
OGEyNGY5Y2QxZWZiYmNjMDFjYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALv+fXtu1jxyQlJ0n/I+9ZodowQQQI2j7d4SVQFZ/sLhGoBtfPywx/MghHvZ
8a3+/p7ta7cihJJY+9+/SzAolRJ5BmMym6inVEsJ+FZ2oibtaBzP3Dwwr32U3Zn8
xXaxGTfpxYek9ruDTMNIQ7ha04TJDZlVY7+BBnZcUZX2HrULr11+4WMoe9/0pmEr
SSwc2fzgt8bN2JjVGLcKYkS7rr52U/P5CwTX4m0snmyjxlhaRzIuiopASsR9F5uq
5w86/w+1RV6ztoeu6LXJhriKTS1CgeXAlDGhkIxPqwO/C9dxZeWJnyPFtEEqG2Ny
wB3OFwZUXNq3oRZTnNdyFRaQtbECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTwP4ID
fd+NrosyiuHBNgP0KWcqEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEAg0EGgPNM2uY6bBqbPQq3Gr+jDgD7WeQcvkfgRFek
M6+9Bl4W9vVDYp2oMnOqfVDx55+WHUrlIYwyCZYd7n8r0LAH8n4/DJot4S6g2pi2
5x4OPz8iO0JomlOFeZi6K1eSPoM/kzG4oNXGBuBLSek4g7nhvQYeHM2hIWl6yUi1
vqvvTcH++2yCYZDIpcX3XWTWeX80bQoZ4tmcaT+f7OO49ulVkovTBVTHGIRx8S6L
9Llcw1l/2EUhv5SpdhxHJX/ZpJv/Z7m4Fxv3MuChzI6b8xmSZMS6+tdWJ+XjFL5T
wkTFNroHmB4I6PyrRnJS/QTWHjrzdt12qBPBKge/gwA1dA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:24:06 2025 by rpki-client