Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: xwiSsb1iyTO+7tklLyRG1Ru3BbVz84zndS3lIrSGfOo=
Subject key identifier: 0B:34:9D:B8:E6:1F:A7:FF:9E:5F:DC:F9:4F:02:48:09:4B:5D:4D:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B81BFCC19045AD33A336D3294520848C763D0B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Wed 06 Aug 2025 00:50:22 +0000
ROA not before: Wed 06 Aug 2025 00:50:22 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:81:bf:cc:19:04:5a:d3:3a:33:6d:32:94:52:08:48:c7:63:d0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:22 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=9626d8f8615b3cc531d7463a7e05661b6c7323e928d8f75bcb2f725c5f503dbf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3c:f9:20:66:2e:5d:19:a5:e5:00:42:41:dc:
c8:8b:7a:5e:40:2a:f6:a9:d5:94:30:c0:b4:23:b2:
e5:f8:fe:9f:de:f6:9c:08:8f:f0:dd:2c:e5:c7:ee:
6b:cc:fa:36:f2:6c:32:c1:52:88:5a:dc:58:60:b2:
99:36:e5:22:61:c5:f1:22:20:55:6e:30:d9:17:ec:
90:fd:da:aa:fb:f2:ed:4a:a2:f1:49:9f:17:c5:28:
c1:79:41:c6:b8:13:c1:f9:59:e7:83:d9:c2:6c:9e:
af:1c:48:0b:19:24:7b:b7:d8:82:82:12:17:8f:8f:
b1:e5:89:84:21:15:41:6c:42:1e:d6:05:e7:c8:d3:
1c:9b:e6:02:c1:03:8c:e6:34:51:1e:9e:c4:d1:47:
c4:f3:b4:62:ca:7c:46:6e:46:73:de:34:ee:bc:95:
e2:39:43:5f:4c:1c:2c:d8:b5:4e:45:d2:7c:ff:13:
71:5e:da:f8:60:72:74:44:f6:48:0a:c6:de:ca:cb:
b9:39:75:81:f0:f6:bf:6d:75:52:4d:31:c8:c1:5b:
ff:ca:a5:8c:90:5d:d5:d2:a5:f6:14:da:13:8f:ce:
a6:24:1b:5e:c4:e5:f8:d6:72:ff:dd:e7:79:3e:ce:
67:50:84:7b:2b:72:ac:db:bc:c9:77:11:c3:53:d9:
b9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:34:9D:B8:E6:1F:A7:FF:9E:5F:DC:F9:4F:02:48:09:4B:5D:4D:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:2f:7c:ee:a9:c5:51:0e:a6:15:b2:4b:5c:f1:13:0f:86:eb:
1f:9e:90:7d:8c:6f:55:21:3f:41:19:89:93:a8:a8:2f:48:69:
99:26:15:d8:78:5d:c0:49:c0:18:b3:32:5f:61:67:14:3a:de:
d6:8d:1d:8e:3e:57:e5:b3:50:7e:3b:3b:21:30:d0:f5:84:44:
cf:31:25:02:38:cf:6c:89:20:1f:a5:35:79:7c:2f:6e:bc:82:
2f:ab:c2:1d:d7:e1:e9:50:65:f4:69:5a:ce:55:c2:a9:26:aa:
ff:22:e4:c5:80:ac:63:65:44:68:66:7e:ce:74:c0:00:0f:05:
54:82:d7:b2:6a:c3:07:b1:3b:4e:10:df:ea:8c:5e:b2:9b:2b:
77:de:e1:f6:d3:5d:d3:09:fe:ce:fc:fa:10:b9:d3:3a:8d:ac:
8f:f0:4a:ae:60:6c:79:6d:10:1b:58:11:99:98:ae:0b:4b:62:
99:c4:c0:7d:78:fc:cc:91:8a:15:c2:93:de:f6:03:8c:51:39:
8a:34:5e:00:87:49:bc:db:22:4e:31:8d:cf:7a:e6:cb:42:3c:
81:f0:9b:23:23:62:ae:75:46:e0:19:03:dc:39:91:96:58:46:
64:22:22:1e:62:60:50:b2:84:d2:1f:6d:b0:b6:17:f8:a2:71:
c7:df:b3:cc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUS4G/zBkEWtM6M20ylFIISMdj0LAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMjJaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2MjZkOGY4NjE1YjNjYzUzMWQ3NDYzYTdlMDU2NjFiNmM3MzIzZTkyOGQ4
Zjc1YmNiMmY3MjVjNWY1MDNkYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY8+SBmLl0ZpeUAQkHcyIt6XkAq9qnVlDDAtCOy5fj+n972nAiP8N0s5cfu
a8z6NvJsMsFSiFrcWGCymTblImHF8SIgVW4w2RfskP3aqvvy7Uqi8UmfF8UowXlB
xrgTwflZ54PZwmyerxxICxkke7fYgoISF4+PseWJhCEVQWxCHtYF58jTHJvmAsED
jOY0UR6exNFHxPO0Ysp8Rm5Gc9407ryV4jlDX0wcLNi1TkXSfP8TcV7a+GBydET2
SArG3srLuTl1gfD2v211Uk0xyMFb/8qljJBd1dKl9hTaE4/OpiQbXsTl+NZy/93n
eT7OZ1CEeytyrNu8yXcRw1PZuQcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQLNJ24
5h+n/55f3PlPAkgJS11NwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEApC987qnFUQ6mFbJLXPETD4brH56QfYxvVSE/QRmJ
k6ioL0hpmSYV2HhdwEnAGLMyX2FnFDre1o0djj5X5bNQfjs7ITDQ9YREzzElAjjP
bIkgH6U1eXwvbryCL6vCHdfh6VBl9GlazlXCqSaq/yLkxYCsY2VEaGZ+znTAAA8F
VILXsmrDB7E7ThDf6oxespsrd97h9tNd0wn+zvz6ELnTOo2sj/BKrmBseW0QG1gR
mZiuC0timcTAfXj8zJGKFcKT3vYDjFE5ijReAIdJvNsiTjGNz3rmy0I8gfCbIyNi
rnVG4BkD3DmRllhGZCIiHmJgULKE0h9tsLYX+KJxx9+zzA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:58:42 2025 by rpki-client