Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: yaOvVYXg8ZtCn7jLKZeFKa/GWBjNmbbpOODFIaqxHtw=
Subject key identifier: 58:C6:1D:C7:A7:E8:86:AA:83:62:37:CC:87:13:CD:4C:7A:F9:4E:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4177B7186AC6FC0004F0FEFB02B96C923FCC725D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Tue 02 Sep 2025 00:40:37 +0000
ROA not before: Tue 02 Sep 2025 00:40:37 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:77:b7:18:6a:c6:fc:00:04:f0:fe:fb:02:b9:6c:92:3f:cc:72:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:37 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=3ac604af130a13e8f4003c12c08267adc427a35af6300ac96b71eb0dab628af1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f1:5f:91:48:c8:30:f7:29:e0:6c:be:e5:89:
0e:6d:d9:51:34:60:9c:e9:1a:2f:ab:77:be:0e:ff:
af:12:92:23:b2:62:c5:bc:9b:7c:f2:ef:66:13:e7:
bf:e8:8e:aa:b8:05:54:a7:96:ca:f4:d8:23:29:4c:
3a:bc:13:f8:44:8a:aa:4a:8c:97:13:fc:82:1c:a0:
b4:8f:f5:02:7c:8f:64:44:92:92:d1:3c:e5:70:a7:
23:95:35:d0:e3:7c:72:36:ac:f8:a1:21:53:a1:fe:
e7:30:df:cf:1a:82:d6:75:b0:f3:9b:70:93:40:d1:
40:7a:2a:b6:5d:11:65:b6:fb:79:90:25:0e:7c:44:
4f:14:7c:06:96:cd:e5:1c:8c:62:39:06:96:b2:a0:
92:eb:a7:7b:ab:e4:10:f7:e1:38:90:a5:82:22:aa:
c3:06:7b:62:3d:4f:8d:ba:e9:27:6d:00:93:98:4b:
10:af:51:27:61:85:b5:8c:9a:34:8b:70:56:d1:0f:
ee:5d:ba:11:9f:46:41:e3:6f:1f:ff:ad:c4:5f:d9:
48:21:51:e9:c9:1c:8f:08:75:bd:40:ff:ee:63:25:
3c:b4:4a:0e:a8:72:e7:06:6f:1b:9e:99:6c:2b:e4:
1e:ec:e0:5d:93:bc:ef:e3:4f:20:76:ee:ea:5a:c6:
9b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C6:1D:C7:A7:E8:86:AA:83:62:37:CC:87:13:CD:4C:7A:F9:4E:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6f:1f:4e:05:c1:50:18:9d:cc:e8:11:d7:ca:96:6f:80:cf:25:
c1:18:ba:51:88:19:40:f9:3d:6b:e1:61:ed:a9:03:6a:75:8f:
fa:16:96:ec:f0:4c:79:04:ad:00:bb:2c:bb:bc:c3:24:35:88:
67:d3:3d:75:8a:25:9a:29:a7:61:5b:a4:24:7c:e1:a7:3e:29:
3a:51:a0:26:f9:b2:f1:94:da:1d:02:7f:db:51:1a:1a:1b:a3:
10:70:e1:66:25:f9:8b:cc:7c:f2:2d:42:28:2a:a9:01:ed:6a:
b3:45:cc:bd:f2:c1:46:e0:91:bc:6c:97:a4:e6:84:85:a2:3d:
a0:35:46:a2:d7:13:c5:aa:15:54:a2:59:73:15:7a:d6:7a:03:
b5:7a:c5:25:b8:58:d2:93:f5:04:b9:f2:67:ce:c2:5d:1e:74:
12:b0:5a:2d:00:d4:16:31:88:8b:35:72:5e:a0:d7:ff:c1:f1:
33:f1:9b:3d:c8:3e:46:df:90:b5:d0:f4:64:e8:2e:e4:40:62:
19:47:1d:5d:73:9c:29:1c:70:93:71:30:60:2a:73:2a:cb:74:
4b:f2:3b:a0:ea:f5:13:97:92:c1:87:b1:38:f7:90:9e:e5:89:
92:69:27:bc:d1:8e:60:05:c5:fe:c2:10:e3:d7:29:f8:e9:ee:
e0:d0:aa:18
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQXe3GGrG/AAE8P77Arlskj/Mcl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMzdaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhYzYwNGFmMTMwYTEzZThmNDAwM2MxMmMwODI2N2FkYzQyN2EzNWFmNjMw
MGFjOTZiNzFlYjBkYWI2MjhhZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjxX5FIyDD3KeBsvuWJDm3ZUTRgnOkaL6t3vg7/rxKSI7JixbybfPLvZhPn
v+iOqrgFVKeWyvTYIylMOrwT+ESKqkqMlxP8ghygtI/1AnyPZESSktE85XCnI5U1
0ON8cjas+KEhU6H+5zDfzxqC1nWw85twk0DRQHoqtl0RZbb7eZAlDnxETxR8BpbN
5RyMYjkGlrKgkuune6vkEPfhOJClgiKqwwZ7Yj1PjbrpJ20Ak5hLEK9RJ2GFtYya
NItwVtEP7l26EZ9GQeNvH/+txF/ZSCFR6ckcjwh1vUD/7mMlPLRKDqhy5wZvG56Z
bCvkHuzgXZO87+NPIHbu6lrGm58CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYxh3H
p+iGqoNiN8yHE81MevlO9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEAbx9OBcFQGJ3M6BHXypZvgM8lwRi6UYgZQPk9a+Fh
7akDanWP+haW7PBMeQStALssu7zDJDWIZ9M9dYolmimnYVukJHzhpz4pOlGgJvmy
8ZTaHQJ/21EaGhujEHDhZiX5i8x88i1CKCqpAe1qs0XMvfLBRuCRvGyXpOaEhaI9
oDVGotcTxaoVVKJZcxV61noDtXrFJbhY0pP1BLnyZ87CXR50ErBaLQDUFjGIizVy
XqDX/8HxM/GbPcg+Rt+QtdD0ZOgu5EBiGUcdXXOcKRxwk3EwYCpzKst0S/I7oOr1
E5eSwYexOPeQnuWJkmknvNGOYAXF/sIQ49cp+Onu4NCqGA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:05 2025 by rpki-client