Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: WiGtFOxtiX/UtW6gWlSDK0tbarlp+tdnlWNkmrvFRtU=
Subject key identifier: 68:4A:62:8C:00:BB:30:B3:ED:FD:56:C4:19:09:A7:11:98:18:5E:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79E5D31A51D3CA12E637E9BBBC4817C0C94EDFDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Tue 17 Jun 2025 00:40:19 +0000
ROA not before: Tue 17 Jun 2025 00:40:19 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:e5:d3:1a:51:d3:ca:12:e6:37:e9:bb:bc:48:17:c0:c9:4e:df:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:19 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=88463332b80874f486336711ca587d5383ca45d3fa0e9902ffa76378720f849a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:84:fe:c7:07:ad:91:25:9e:3b:71:25:2a:01:
fe:93:eb:72:e3:87:38:c1:b1:1b:fd:f8:42:c8:ae:
29:71:d9:8c:4e:0d:49:89:af:bf:83:a7:bd:27:78:
12:de:e3:3d:ab:4b:f3:6c:c7:a0:c7:d8:4f:de:8f:
b2:47:42:84:72:bd:9a:45:fa:87:02:10:de:46:16:
57:5b:34:b9:e3:8e:38:f3:85:fa:e3:6e:df:81:e3:
57:a5:d8:61:26:17:73:d2:4a:b9:1b:99:30:f8:dc:
85:ec:ae:b9:cb:d2:b4:ad:c6:3e:5c:27:66:64:fa:
10:4d:1e:81:67:0a:85:13:2b:00:06:ca:fd:2c:20:
15:87:9d:2b:d9:ed:04:a1:a2:07:a4:f1:14:18:55:
d0:b6:f8:7e:25:1e:27:6a:a4:4a:2f:66:18:b0:e2:
19:80:70:2b:e3:7d:4b:07:55:33:ef:69:4c:be:d2:
e1:3c:7e:99:1b:9e:b7:c4:2b:a9:5a:f4:06:5c:fc:
c4:2a:53:11:dd:f5:e9:01:7e:65:2e:52:9d:15:02:
a6:3e:ca:a8:9e:22:f4:71:fe:d4:2c:ec:9d:f4:20:
55:71:8a:a9:6c:5b:5c:99:d7:66:e7:00:de:de:6d:
47:e7:9f:c9:df:35:46:72:25:d5:59:3a:45:87:37:
5d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4A:62:8C:00:BB:30:B3:ED:FD:56:C4:19:09:A7:11:98:18:5E:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:d2:fc:29:d5:82:68:8b:ac:a8:f1:51:6b:51:83:a8:35:54:
1f:4f:75:ae:f0:9b:6e:8f:64:e5:72:a7:09:5a:cd:0b:df:8f:
0a:5d:01:bf:c8:e6:91:d2:ec:1a:e0:ac:ac:29:ec:e3:24:80:
da:f4:7a:36:2f:d1:a3:c3:d5:b6:55:f1:1f:70:2d:e8:cf:d0:
04:9c:5c:61:03:96:35:7b:cd:e0:98:0b:de:99:e9:cb:f2:16:
70:36:9b:d8:3f:e7:56:2a:91:0e:d3:b7:44:60:5c:71:d5:e0:
23:25:57:97:1f:de:62:5a:2a:3e:1a:53:bd:eb:f1:51:63:fb:
5e:48:28:bd:14:84:7e:54:ba:d6:9d:3d:b2:ee:b3:40:ce:38:
7f:52:dd:c1:1c:78:58:6c:fe:dd:27:b4:fd:c9:12:02:34:b2:
d0:11:2c:06:9e:0f:af:b1:00:c1:43:5e:24:96:c3:53:44:28:
2b:94:32:3f:cd:8f:59:e2:2a:cb:d1:1e:8a:44:fe:f0:f5:aa:
89:1f:43:39:65:e2:b3:29:09:83:d7:5e:8d:ab:33:82:38:3d:
49:27:8c:c3:8a:a4:b2:08:12:24:bd:08:4f:c2:44:d9:12:0a:
79:ff:49:26:14:3d:34:22:b7:63:3e:30:de:07:1b:22:06:2f:
b5:51:67:23
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeeXTGlHTyhLmN+m7vEgXwMlO39wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMTlaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NDYzMzMyYjgwODc0ZjQ4NjMzNjcxMWNhNTg3ZDUzODNjYTQ1ZDNmYTBl
OTkwMmZmYTc2Mzc4NzIwZjg0OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiE/scHrZElnjtxJSoB/pPrcuOHOMGxG/34QsiuKXHZjE4NSYmvv4OnvSd4
Et7jPatL82zHoMfYT96PskdChHK9mkX6hwIQ3kYWV1s0ueOOOPOF+uNu34HjV6XY
YSYXc9JKuRuZMPjcheyuucvStK3GPlwnZmT6EE0egWcKhRMrAAbK/SwgFYedK9nt
BKGiB6TxFBhV0Lb4fiUeJ2qkSi9mGLDiGYBwK+N9SwdVM+9pTL7S4Tx+mRuet8Qr
qVr0Blz8xCpTEd316QF+ZS5SnRUCpj7KqJ4i9HH+1CzsnfQgVXGKqWxbXJnXZucA
3t5tR+efyd81RnIl1Vk6RYc3XYkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRoSmKM
ALsws+39VsQZCacRmBheHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAstL8KdWCaIusqPFRa1GDqDVUH091rvCbbo9k5XKn
CVrNC9+PCl0Bv8jmkdLsGuCsrCns4ySA2vR6Ni/Ro8PVtlXxH3At6M/QBJxcYQOW
NXvN4JgL3pnpy/IWcDab2D/nViqRDtO3RGBccdXgIyVXlx/eYloqPhpTvevxUWP7
XkgovRSEflS61p09su6zQM44f1LdwRx4WGz+3Se0/ckSAjSy0BEsBp4Pr7EAwUNe
JJbDU0QoK5QyP82PWeIqy9EeikT+8PWqiR9DOWXisykJg9dejaszgjg9SSeMw4qk
sggSJL0IT8JE2RIKef9JJhQ9NCK3Yz4w3gcbIgYvtVFnIw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:42 2025 by rpki-client