Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: wSUoBlvbKBBfohOnqIT12xivmiRkUu+q9E6hV7BQ6KQ=
Subject key identifier: 7B:14:93:B4:F0:41:2D:CE:F1:DD:46:07:A0:CE:6E:5D:BC:FF:0A:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09669A3C7A2E745E8DCD14434754970F02669731
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Mon 01 Sep 2025 21:21:36 +0000
ROA not before: Mon 01 Sep 2025 21:21:36 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:66:9a:3c:7a:2e:74:5e:8d:cd:14:43:47:54:97:0f:02:66:97:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:36 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=60f485be7d35ddaf2bb6a314b7d013eeb023e5921e2fc0ddf227bf2d81168fbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c6:01:e5:6a:7c:e3:bd:28:90:c4:f7:10:e4:
8e:2f:c2:f8:4a:34:f4:a0:89:a5:70:18:00:3b:04:
aa:e1:01:41:dd:5c:09:ed:55:d9:e4:ff:c0:f2:58:
8a:cc:2c:31:55:eb:4c:2e:75:17:74:a7:16:75:c1:
e9:b5:87:08:cc:b6:d5:20:c7:34:99:39:30:be:e9:
25:c2:c9:d6:08:ce:d3:70:5e:4b:c6:74:1a:21:da:
79:18:6f:8a:7e:d9:07:c0:dc:84:42:42:95:e2:40:
95:6a:1a:94:79:10:09:33:6d:8f:a2:e4:34:a6:e8:
be:49:d4:6e:e3:26:ef:bd:01:97:08:a6:85:96:b0:
38:69:ec:5c:7b:3c:48:d5:1f:a6:05:43:85:f3:0e:
6c:b7:78:fa:fb:90:e8:0e:d3:55:61:20:c8:cd:4e:
9b:81:7c:31:01:e6:22:a0:ba:36:db:ae:e4:67:a8:
28:61:b5:18:09:1d:b2:e3:cf:db:69:0b:04:c4:b3:
3b:bd:3a:28:bf:74:ea:c9:62:07:74:f6:e1:ff:bf:
ad:48:b8:aa:95:76:f3:f3:a8:d0:1f:89:26:b8:47:
e0:4e:49:8a:c5:e3:c4:b9:ef:e6:0d:87:01:e5:c0:
7f:50:4b:2e:a2:41:0d:e7:19:24:ac:37:eb:bf:fb:
45:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:14:93:B4:F0:41:2D:CE:F1:DD:46:07:A0:CE:6E:5D:BC:FF:0A:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
25:c7:09:a2:b1:cc:1f:67:f4:57:c6:72:88:c1:c5:8c:46:3b:
7c:40:48:c2:50:a0:0a:d6:36:8e:d3:ae:f0:13:c2:e5:77:b1:
be:61:10:e9:f5:c0:39:ec:60:0e:51:2c:42:ae:e8:35:7c:47:
93:4e:05:19:15:21:bb:b8:0c:e9:f4:ee:08:ea:3f:d5:75:d8:
0e:43:49:f7:b5:01:61:74:3a:87:76:a8:cd:c6:19:4c:3f:0f:
e7:7f:34:2d:81:bf:b4:06:a2:bc:b6:0b:46:ec:e4:db:cd:fc:
26:45:13:7e:b1:2a:db:8f:ea:f2:03:54:8e:1a:55:d1:6f:84:
68:9e:89:71:c2:f9:18:60:ba:44:4e:c9:84:fd:a0:84:ba:79:
6c:60:35:b3:23:08:92:03:18:65:77:df:6e:57:61:32:34:92:
d5:d7:44:59:70:52:05:ba:a3:66:2f:68:a2:08:12:b1:ad:71:
7e:ef:c4:f9:c7:e2:b6:b3:b5:89:63:e6:5f:44:9b:1a:03:b6:
9e:34:b3:f0:7d:a8:87:d5:bd:b7:17:6a:c9:40:23:20:bf:6d:
b3:d3:ed:f8:f5:fa:bb:9a:ce:57:82:b3:06:ff:f7:a0:bd:cb:
0a:f1:b8:3a:ac:25:fb:d8:e6:91:55:78:2c:09:6f:84:03:be:
f1:a0:dd:7f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCWaaPHoudF6NzRRDR1SXDwJmlzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMzZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZjQ4NWJlN2QzNWRkYWYyYmI2YTMxNGI3ZDAxM2VlYjAyM2U1OTIxZTJm
YzBkZGYyMjdiZjJkODExNjhmYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3GAeVqfOO9KJDE9xDkji/C+Eo09KCJpXAYADsEquEBQd1cCe1V2eT/wPJY
iswsMVXrTC51F3SnFnXB6bWHCMy21SDHNJk5ML7pJcLJ1gjO03BeS8Z0GiHaeRhv
in7ZB8DchEJCleJAlWoalHkQCTNtj6LkNKbovknUbuMm770BlwimhZawOGnsXHs8
SNUfpgVDhfMObLd4+vuQ6A7TVWEgyM1Om4F8MQHmIqC6Ntuu5GeoKGG1GAkdsuPP
22kLBMSzO706KL906sliB3T24f+/rUi4qpV28/Oo0B+JJrhH4E5JisXjxLnv5g2H
AeXAf1BLLqJBDecZJKw367/7RbMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR7FJO0
8EEtzvHdRgegzm5dvP8KYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAJccJorHMH2f0V8ZyiMHFjEY7fEBIwlCgCtY2jtOu
8BPC5XexvmEQ6fXAOexgDlEsQq7oNXxHk04FGRUhu7gM6fTuCOo/1XXYDkNJ97UB
YXQ6h3aozcYZTD8P5380LYG/tAaivLYLRuzk2838JkUTfrEq24/q8gNUjhpV0W+E
aJ6JccL5GGC6RE7JhP2ghLp5bGA1syMIkgMYZXffbldhMjSS1ddEWXBSBbqjZi9o
oggSsa1xfu/E+cfitrO1iWPmX0SbGgO2njSz8H2oh9W9txdqyUAjIL9ts9Pt+PX6
u5rOV4KzBv/3oL3LCvG4Oqwl+9jmkVV4LAlvhAO+8aDdfw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:33 2025 by rpki-client