Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
File: 042e82d3-e08f-4fca-9e40-387fde51dfd5.roa (raw, json)
Hash identifier: lhiFwPRinAWb+x4qDusObRBq++R0aMzNQShUjDfMiNY=
Subject key identifier: 8E:68:76:6D:31:86:5B:E6:C6:9C:76:44:74:4B:BB:5D:21:E0:C5:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BFD0A7282863CA11A68ACB2C868AA11FDAF0118
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
Signing time: Wed 06 Aug 2025 00:50:21 +0000
ROA not before: Wed 06 Aug 2025 00:50:21 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:fd:0a:72:82:86:3c:a1:1a:68:ac:b2:c8:68:aa:11:fd:af:01:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:21 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=1aad3c723a65a7476444e168dd027e1faae82364546bbd79800f90dcc8a6e35a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:28:1f:2f:ae:db:74:ce:80:b2:3c:44:78:f4:
c2:6d:52:08:d0:7c:8b:98:f9:72:37:f6:0f:ef:a7:
0f:b2:7b:dd:69:8c:1e:3a:9c:59:03:36:87:05:51:
f6:21:dd:0a:7b:7d:8e:ad:58:15:e7:1b:b1:06:ed:
e4:97:0b:ad:bd:4e:be:59:f9:32:07:58:13:05:e0:
fc:a4:2a:8a:f8:b0:c9:8c:97:f4:55:cf:9e:7c:7e:
19:3c:0d:d3:49:69:9e:a8:26:80:45:01:69:63:d0:
25:6c:3e:28:4d:df:1b:c9:b1:1c:87:ef:69:e9:5f:
96:cd:cc:9f:c5:e3:67:71:c5:e4:e1:64:42:36:47:
ae:e6:73:8d:df:15:6d:2d:77:85:22:91:6c:ae:43:
4a:75:e3:88:c6:dc:76:84:26:ea:4e:25:39:aa:7d:
ec:2a:43:9f:d7:23:7c:e2:73:fc:c0:05:26:b5:14:
1d:fe:4d:ca:09:f5:44:0d:f3:8a:f8:b9:43:42:27:
09:fa:d3:19:70:a3:8f:ef:e0:e7:9c:ae:73:fa:f8:
4f:de:a2:d6:ef:cd:a4:93:4a:40:10:d7:83:b2:a3:
e0:9c:bd:3c:f5:db:d8:34:61:61:5f:5b:f3:31:80:
89:c5:99:c1:72:87:cd:60:4c:19:bd:22:37:63:e3:
8c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:68:76:6D:31:86:5B:E6:C6:9C:76:44:74:4B:BB:5D:21:E0:C5:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/042e82d3-e08f-4fca-9e40-387fde51dfd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.104.0/21
Signature Algorithm: sha256WithRSAEncryption
c9:ae:40:af:37:b8:74:f3:bc:2b:30:47:7a:54:5c:26:42:d4:
3a:f1:62:ba:5d:16:66:bc:a1:65:9b:20:7f:bd:e2:80:89:b4:
04:b0:94:db:d0:c0:ed:ae:b3:b4:d4:1c:03:d4:de:f3:89:ef:
65:9c:ce:c4:a9:8b:67:47:4c:ef:4f:93:13:3a:83:2e:99:46:
27:60:ef:9d:d5:df:54:6b:7c:d1:a0:7e:10:5f:bc:d9:27:2f:
f8:2f:d5:6b:41:4e:dd:33:ce:2c:25:74:c1:42:d3:d1:5f:74:
37:72:f0:c0:00:70:c7:d3:ad:95:e7:3d:ad:66:f5:0c:b8:62:
45:40:13:93:2f:08:4a:95:3b:85:25:29:f6:32:5c:72:7f:bd:
85:5e:31:ea:72:7b:f0:f2:e2:12:00:ad:a6:5b:bd:54:cf:9e:
5e:9b:1b:f6:bd:05:3b:f9:c1:ef:8d:b2:20:83:38:ed:96:82:
fe:8a:83:dc:a2:26:35:65:ba:d7:34:9c:70:7d:2c:6d:d3:a6:
22:78:71:7a:48:f1:35:18:a6:a5:52:f4:40:da:02:33:df:58:
a7:f3:c1:e4:95:4e:1e:7a:68:3f:60:0c:1a:35:24:7e:e1:97:
a2:0d:47:5f:36:1b:08:2f:de:93:15:ac:1b:a7:19:a1:f3:cf:
02:5f:d1:5b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUG/0KcoKGPKEaaKyyyGiqEf2vARgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMjFaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhYWQzYzcyM2E2NWE3NDc2NDQ0ZTE2OGRkMDI3ZTFmYWFlODIzNjQ1NDZi
YmQ3OTgwMGY5MGRjYzhhNmUzNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUoHy+u23TOgLI8RHj0wm1SCNB8i5j5cjf2D++nD7J73WmMHjqcWQM2hwVR
9iHdCnt9jq1YFecbsQbt5JcLrb1Ovln5MgdYEwXg/KQqiviwyYyX9FXPnnx+GTwN
00lpnqgmgEUBaWPQJWw+KE3fG8mxHIfvaelfls3Mn8XjZ3HF5OFkQjZHruZzjd8V
bS13hSKRbK5DSnXjiMbcdoQm6k4lOap97CpDn9cjfOJz/MAFJrUUHf5Nygn1RA3z
ivi5Q0InCfrTGXCjj+/g55yuc/r4T96i1u/NpJNKQBDXg7Kj4Jy9PPXb2DRhYV9b
8zGAicWZwXKHzWBMGb0iN2PjjKMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSOaHZt
MYZb5sacdkR0S7tdIeDFzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQyZTgyZDMtZTA4Zi00ZmNhLTllNDAtMzg3ZmRlNTFkZmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099aDAN
BgkqhkiG9w0BAQsFAAOCAQEAya5Arze4dPO8KzBHelRcJkLUOvFiul0WZryhZZsg
f73igIm0BLCU29DA7a6ztNQcA9Te84nvZZzOxKmLZ0dM70+TEzqDLplGJ2DvndXf
VGt80aB+EF+82Scv+C/Va0FO3TPOLCV0wULT0V90N3LwwABwx9Otlec9rWb1DLhi
RUATky8ISpU7hSUp9jJccn+9hV4x6nJ78PLiEgCtplu9VM+eXpsb9r0FO/nB742y
IIM47ZaC/oqD3KImNWW61zSccH0sbdOmInhxekjxNRimpVL0QNoCM99Yp/PB5JVO
HnpoP2AMGjUkfuGXog1HXzYbCC/ekxWsG6cZofPPAl/RWw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:12 2025 by rpki-client