Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: jo35lOtvXY5HrOnKH1LZkIiY6WNgYhqIp+PS2Fhs7Tw=
Subject key identifier: AA:AD:30:3E:22:10:CD:B4:08:A2:1D:42:68:AD:B6:16:C3:BE:47:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 497FE101CF1D3FCF7B69A89D694135E52362A131
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Mon 28 Apr 2025 15:50:09 +0000
ROA not before: Mon 28 Apr 2025 15:50:09 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:7f:e1:01:cf:1d:3f:cf:7b:69:a8:9d:69:41:35:e5:23:62:a1:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:50:09 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=8e614aa713890f94532a024df555028921bbee0b6fd9fa0d2cb4ad2c98490774, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:bb:9e:23:16:62:b8:af:aa:2c:78:5f:e4:f2:
6a:b1:b4:cb:f0:cb:48:86:af:87:62:03:83:98:ed:
d5:f2:02:4d:d8:ac:28:70:d2:cf:2e:64:80:dd:a1:
6d:9d:64:60:ee:23:29:8a:0a:5a:9c:65:9a:b5:24:
5d:07:78:a7:3f:9c:21:e6:18:12:dc:54:e3:06:3c:
98:34:02:22:62:98:96:23:e1:00:0d:b2:9d:76:38:
74:eb:83:94:70:6e:2c:0d:9d:7c:5d:0f:b2:87:ce:
ff:a2:af:3b:73:c4:60:c0:9f:2c:c1:15:6e:51:7a:
c9:0f:e8:75:55:21:19:88:1e:bf:59:e0:e0:6c:64:
63:9f:99:e6:70:94:28:25:be:0c:f3:8c:61:f3:72:
14:6e:54:8f:6a:bf:80:cf:36:a1:bb:cc:82:27:5b:
20:c8:4f:21:96:6d:3a:e2:da:f7:d9:ca:e6:3c:c8:
6d:5e:13:b0:61:e1:f0:77:71:fa:80:34:48:e6:11:
99:1e:59:b8:36:f9:70:ae:e2:64:3f:66:1f:53:43:
20:cc:60:74:c4:3d:83:2e:be:df:72:09:bd:53:a1:
6f:75:74:74:c3:ea:09:c9:92:5c:0f:d9:91:ef:13:
da:20:75:09:83:93:49:c2:a4:05:14:c9:6f:c9:cb:
62:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AD:30:3E:22:10:CD:B4:08:A2:1D:42:68:AD:B6:16:C3:BE:47:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:45:41:93:79:5d:af:67:03:55:c7:d3:8e:3a:70:19:0f:00:
13:b5:0a:a5:f8:77:dd:2e:10:3e:b6:26:29:85:fe:27:94:ac:
7a:5c:47:83:ed:4e:8f:1c:bc:b7:ea:6d:97:57:b3:5a:97:ef:
aa:85:05:44:28:81:17:8c:4c:04:b2:3f:a2:35:3f:9d:95:59:
a9:cf:31:6c:f9:05:67:ed:24:5e:79:83:7b:b1:b5:19:22:ea:
c4:01:39:75:f9:24:23:c2:11:66:bf:c1:37:a3:9f:ee:04:6c:
64:ed:e6:e8:b8:9c:05:98:5b:e9:e2:31:75:3e:03:0c:8b:bf:
f8:23:91:16:bf:f0:a9:6c:b4:61:10:39:b1:d9:be:8f:5b:4a:
d1:f3:1f:19:4a:d3:fc:fe:64:6f:ef:48:ea:d8:a1:05:53:02:
e0:62:ba:15:78:55:86:40:5b:50:0a:42:06:5e:be:07:c2:00:
8a:d2:15:15:a7:25:e5:f8:c1:91:db:71:10:64:e7:8e:9e:76:
6a:1a:dc:06:79:a3:7b:8e:08:6c:f3:9e:e1:f5:ff:e0:9a:38:
66:09:30:fb:ec:95:28:a9:0f:e4:c6:a7:f8:a0:05:91:eb:bb:
5b:6e:ce:ca:60:57:36:2b:fa:3f:8d:08:89:bf:0a:a9:d3:64:
09:5b:af:56
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSX/hAc8dP897aaidaUE15SNioTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTUwMDlaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNjE0YWE3MTM4OTBmOTQ1MzJhMDI0ZGY1NTUwMjg5MjFiYmVlMGI2ZmQ5
ZmEwZDJjYjRhZDJjOTg0OTA3NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPq7niMWYrivqix4X+TyarG0y/DLSIavh2IDg5jt1fICTdisKHDSzy5kgN2h
bZ1kYO4jKYoKWpxlmrUkXQd4pz+cIeYYEtxU4wY8mDQCImKYliPhAA2ynXY4dOuD
lHBuLA2dfF0PsofO/6KvO3PEYMCfLMEVblF6yQ/odVUhGYgev1ng4GxkY5+Z5nCU
KCW+DPOMYfNyFG5Uj2q/gM82obvMgidbIMhPIZZtOuLa99nK5jzIbV4TsGHh8Hdx
+oA0SOYRmR5ZuDb5cK7iZD9mH1NDIMxgdMQ9gy6+33IJvVOhb3V0dMPqCcmSXA/Z
ke8T2iB1CYOTScKkBRTJb8nLYh8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSqrTA+
IhDNtAiiHUJorbYWw75H7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAa0VBk3ldr2cDVcfTjjpwGQ8AE7UKpfh33S4QPrYm
KYX+J5SselxHg+1Ojxy8t+ptl1ezWpfvqoUFRCiBF4xMBLI/ojU/nZVZqc8xbPkF
Z+0kXnmDe7G1GSLqxAE5dfkkI8IRZr/BN6Of7gRsZO3m6LicBZhb6eIxdT4DDIu/
+CORFr/wqWy0YRA5sdm+j1tK0fMfGUrT/P5kb+9I6tihBVMC4GK6FXhVhkBbUApC
Bl6+B8IAitIVFacl5fjBkdtxEGTnjp52ahrcBnmje44IbPOe4fX/4Jo4Zgkw++yV
KKkP5Man+KAFkeu7W27OymBXNiv6P40Iib8KqdNkCVuvVg==
-----END CERTIFICATE-----
Generated at Mon May 5 23:31:09 2025 by rpki-client