Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
File: bfae711e-b0c4-404f-be1f-a99990818ac6.roa (raw, json)
Hash identifier: RY8wPZ98cUBxy8egHq1fbzMujBdqfxvoIGmpkvSM+TQ=
Subject key identifier: 59:B1:C4:96:28:0A:C3:48:9C:EF:85:06:BC:21:E1:B8:C0:A4:39:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5502B541316713267C2DC88BC3AC3509290C573F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
Signing time: Sat 12 Jul 2025 00:50:57 +0000
ROA not before: Sat 12 Jul 2025 00:50:57 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:02:b5:41:31:67:13:26:7c:2d:c8:8b:c3:ac:35:09:29:0c:57:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:57 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=8ba136754af79113e1111273757cd91b79ffda22019c13119da6531ebd5ad90d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:b4:1c:ab:5b:b1:6d:65:0d:b0:cd:56:b8:
19:be:d5:c9:ed:13:07:dc:d4:31:75:f7:b1:22:ea:
72:10:76:f2:73:90:3d:1d:9a:10:39:05:f5:d8:fd:
6f:3c:e8:09:79:5e:73:e4:2b:0d:92:9b:a4:49:63:
79:f5:8a:3b:8b:1b:3e:ff:eb:27:35:74:85:a8:af:
a2:68:96:c6:96:6b:d6:3d:a4:d8:57:09:4e:20:b2:
10:be:a5:b5:67:8c:ec:87:f7:98:db:43:a6:c5:84:
8b:9b:cb:63:b0:7f:6f:bc:aa:f5:be:02:3d:9a:b4:
6d:d2:f8:0c:0d:02:34:65:29:8c:0e:0e:82:b9:db:
14:03:59:57:a6:37:1a:16:d8:ca:e0:6a:63:b3:eb:
f7:6f:78:32:5c:83:48:d8:79:04:6d:8b:71:de:8c:
54:ca:10:e4:66:23:8b:4c:db:fe:a7:6a:99:68:cd:
ab:bf:e2:6c:2d:a0:76:33:83:0b:22:06:bf:0b:55:
93:cd:88:15:0b:fd:61:a1:b2:e2:00:f3:7a:78:b2:
de:7e:dd:96:0e:d2:97:14:20:50:e9:a0:c0:d7:41:
17:0d:3d:6d:ae:e3:d4:3d:53:34:00:33:ed:f3:20:
66:16:d0:46:39:a1:54:92:c3:a6:d4:e6:6a:3b:5d:
c7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B1:C4:96:28:0A:C3:48:9C:EF:85:06:BC:21:E1:B8:C0:A4:39:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:50:a4:54:fd:46:fc:39:ec:be:af:dd:24:c7:c7:b3:29:f3:
d2:d1:e3:85:23:70:cd:90:da:08:08:df:c4:1f:3d:31:52:69:
93:23:7b:18:bc:d2:3d:4f:c9:4b:68:36:ad:35:e8:36:a0:0b:
07:71:e3:f0:63:0b:b9:06:9e:c1:d7:b5:9f:20:ce:d1:2f:bf:
96:a5:30:95:08:cf:ff:27:cf:71:db:4b:6b:67:d9:53:e8:f8:
b2:a6:2e:52:ec:27:af:c5:d7:7a:e8:1e:14:08:00:f8:7a:07:
20:d2:1e:f8:f5:c5:e6:30:ff:dc:53:42:eb:a8:ce:cd:50:e7:
72:db:f8:3b:08:3e:8d:0e:40:27:53:65:4f:2b:f3:1e:cc:fe:
e9:d3:c3:39:63:59:60:9a:c2:a0:eb:95:28:71:dc:63:d6:84:
a8:6f:c5:99:91:d0:07:04:cf:1d:ef:e4:a5:af:f0:9d:34:8f:
d8:14:ea:10:4e:42:1c:97:08:27:b1:c4:40:29:d1:24:3c:ea:
7e:60:d3:3a:ed:5f:62:e4:af:6f:dd:bf:d2:74:dd:d9:0d:1a:
ae:6b:c7:c7:b9:8b:d7:0c:0a:cc:46:f0:42:b5:33:29:65:88:
26:35:be:0d:59:0f:3e:b2:06:f1:c3:ef:8e:6b:d5:a0:a2:8a:
44:3c:2c:23
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVQK1QTFnEyZ8LciLw6w1CSkMVz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNTdaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYTEzNjc1NGFmNzkxMTNlMTExMTI3Mzc1N2NkOTFiNzlmZmRhMjIwMTlj
MTMxMTlkYTY1MzFlYmQ1YWQ5MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMomtByrW7FtZQ2wzVa4Gb7Vye0TB9zUMXX3sSLqchB28nOQPR2aEDkF9dj9
bzzoCXlec+QrDZKbpEljefWKO4sbPv/rJzV0haivomiWxpZr1j2k2FcJTiCyEL6l
tWeM7If3mNtDpsWEi5vLY7B/b7yq9b4CPZq0bdL4DA0CNGUpjA4OgrnbFANZV6Y3
GhbYyuBqY7Pr9294MlyDSNh5BG2Lcd6MVMoQ5GYji0zb/qdqmWjNq7/ibC2gdjOD
CyIGvwtVk82IFQv9YaGy4gDzeniy3n7dlg7SlxQgUOmgwNdBFw09ba7j1D1TNAAz
7fMgZhbQRjmhVJLDptTmajtdx80CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRZscSW
KArDSJzvhQa8IeG4wKQ5gTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmZhZTcxMWUtYjBjNC00MDRmLWJlMWYtYTk5OTkwODE4YWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU99ADAN
BgkqhkiG9w0BAQsFAAOCAQEApVCkVP1G/Dnsvq/dJMfHsynz0tHjhSNwzZDaCAjf
xB89MVJpkyN7GLzSPU/JS2g2rTXoNqALB3Hj8GMLuQaewde1nyDO0S+/lqUwlQjP
/yfPcdtLa2fZU+j4sqYuUuwnr8XXeugeFAgA+HoHINIe+PXF5jD/3FNC66jOzVDn
ctv4Owg+jQ5AJ1NlTyvzHsz+6dPDOWNZYJrCoOuVKHHcY9aEqG/FmZHQBwTPHe/k
pa/wnTSP2BTqEE5CHJcIJ7HEQCnRJDzqfmDTOu1fYuSvb92/0nTd2Q0armvHx7mL
1wwKzEbwQrUzKWWIJjW+DVkPPrIG8cPvjmvVoKKKRDwsIw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:33 2025 by rpki-client