Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: H3lcq3K9MlTvwW6Sk+TX2OLE859I47msIYjgFSdOrqg=
Subject key identifier: 76:8E:FB:45:E8:68:FC:6D:EA:3C:00:81:73:A9:58:2C:D8:8E:58:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06F38883B60B916C4E5C7C1F92B4DAF54655EEF6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Tue 17 Jun 2025 00:40:22 +0000
ROA not before: Tue 17 Jun 2025 00:40:22 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:f3:88:83:b6:0b:91:6c:4e:5c:7c:1f:92:b4:da:f5:46:55:ee:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:22 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=02e3429feb11f634af2272fb1090927b96153f8fa3590622979e5c02e87f8336, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:35:c0:09:41:da:54:47:a4:09:d6:a1:2f:47:
2f:42:41:a8:d7:ad:7b:21:dc:31:69:ee:9b:0b:16:
e9:8f:70:eb:34:aa:d0:2d:59:d0:96:db:78:00:3a:
67:b8:61:98:81:97:95:79:07:43:ab:b6:d5:e6:ed:
1a:b9:f7:81:8b:58:11:67:56:81:f0:4c:1d:3e:87:
6b:89:df:9d:be:d5:b2:1e:44:8f:86:d4:43:44:bd:
84:16:55:0e:09:bb:eb:d4:d9:e9:e3:3c:07:c0:71:
fd:4d:2e:95:2b:6a:1c:56:ed:6e:af:d9:9c:bf:ef:
ba:ef:7a:ca:8f:31:5b:b4:c5:8d:a8:33:4e:76:e3:
66:a6:5b:73:eb:f3:ae:0c:37:bc:df:82:2a:5e:6c:
97:14:0e:9d:de:aa:05:0f:99:e3:cf:4e:3f:ce:69:
ba:8d:00:a7:f1:61:cf:50:78:59:2f:93:e8:cf:ca:
92:ca:80:1c:5d:2f:5f:0a:74:cd:7f:c5:8c:a2:fa:
3a:d8:20:a4:1e:eb:fa:40:8c:c0:23:4a:08:6e:06:
82:60:1e:af:70:c8:ef:f5:bd:42:85:94:73:bc:ea:
bf:14:88:d5:22:b8:bb:52:79:a0:08:24:68:06:da:
9a:ef:86:ad:6c:05:3e:f1:2e:f8:88:dd:64:cc:f1:
d4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8E:FB:45:E8:68:FC:6D:EA:3C:00:81:73:A9:58:2C:D8:8E:58:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:61:84:ef:82:30:3f:5e:ce:e4:26:2f:6f:7a:82:9e:38:97:
df:3b:c9:a3:53:7a:45:36:c8:18:1c:19:0b:48:70:66:d8:6d:
e0:a5:96:35:ff:9e:56:e1:ef:50:2f:f1:f6:ad:4c:a7:7a:c3:
51:62:ad:c3:c0:6f:ba:3b:71:12:e9:1e:6c:52:ae:cf:16:eb:
86:20:b3:2e:e8:4d:ff:cb:78:6c:74:0e:5a:92:27:b8:c5:8e:
7f:53:54:f1:27:39:4d:a9:90:b7:5c:11:59:b1:78:59:42:66:
f4:95:b0:fc:58:e3:6c:a3:29:78:ec:42:ca:b4:21:49:8a:64:
77:19:b2:62:5d:fd:1c:76:23:68:c1:c7:db:73:cf:cd:5e:c5:
b0:72:f8:66:5e:fd:fb:33:e7:94:43:25:81:5c:e5:33:04:09:
eb:c8:c6:52:6e:2b:6c:5a:57:06:bf:28:b4:64:94:0b:be:8a:
fd:94:aa:d2:79:c7:12:33:4a:08:31:24:71:cc:48:00:c8:4b:
c0:36:ef:e4:81:59:d5:8d:7f:5c:e0:14:e8:05:69:dc:1c:22:
0e:08:53:39:c6:b3:6d:f7:91:18:57:f1:19:55:1f:1c:6f:18:
b8:2a:d9:81:c8:bf:be:8f:44:97:be:3f:5a:16:4e:5e:d2:bb:
a5:b9:5f:ce
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBvOIg7YLkWxOXHwfkrTa9UZV7vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMjJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyZTM0MjlmZWIxMWY2MzRhZjIyNzJmYjEwOTA5MjdiOTYxNTNmOGZhMzU5
MDYyMjk3OWU1YzAyZTg3ZjgzMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMg1wAlB2lRHpAnWoS9HL0JBqNeteyHcMWnumwsW6Y9w6zSq0C1Z0JbbeAA6
Z7hhmIGXlXkHQ6u21ebtGrn3gYtYEWdWgfBMHT6Ha4nfnb7Vsh5Ej4bUQ0S9hBZV
Dgm769TZ6eM8B8Bx/U0ulStqHFbtbq/ZnL/vuu96yo8xW7TFjagzTnbjZqZbc+vz
rgw3vN+CKl5slxQOnd6qBQ+Z489OP85puo0Ap/Fhz1B4WS+T6M/KksqAHF0vXwp0
zX/FjKL6OtggpB7r+kCMwCNKCG4GgmAer3DI7/W9QoWUc7zqvxSI1SK4u1J5oAgk
aAbamu+GrWwFPvEu+IjdZMzx1PUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR2jvtF
6Gj8beo8AIFzqVgs2I5YSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEAT2GE74IwP17O5CYvb3qCnjiX3zvJo1N6RTbIGBwZ
C0hwZtht4KWWNf+eVuHvUC/x9q1Mp3rDUWKtw8BvujtxEukebFKuzxbrhiCzLuhN
/8t4bHQOWpInuMWOf1NU8Sc5TamQt1wRWbF4WUJm9JWw/FjjbKMpeOxCyrQhSYpk
dxmyYl39HHYjaMHH23PPzV7FsHL4Zl79+zPnlEMlgVzlMwQJ68jGUm4rbFpXBr8o
tGSUC76K/ZSq0nnHEjNKCDEkccxIAMhLwDbv5IFZ1Y1/XOAU6AVp3BwiDghTOcaz
bfeRGFfxGVUfHG8YuCrZgci/vo9El74/WhZOXtK7pblfzg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:39:26 2025 by rpki-client