Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: TbKAJy7o0utbOU0wQMxwBvPt+OWiPj2vQwWX8CMLHX4=
Subject key identifier: 3D:53:22:75:FB:4D:67:15:B4:09:DC:03:71:53:66:35:12:82:A0:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13577CEB671CE70EA7AAE6E74A93FFA371985269
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Wed 06 Aug 2025 00:50:19 +0000
ROA not before: Wed 06 Aug 2025 00:50:19 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:57:7c:eb:67:1c:e7:0e:a7:aa:e6:e7:4a:93:ff:a3:71:98:52:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:19 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=1879b337a4c1332d1b59a70c6a77de152e1b8fd5e23ba9cf436efb0a4391b0ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:32:c7:98:cd:34:cf:68:f1:b5:75:d0:f1:c7:
12:a4:66:12:44:4b:9d:67:02:f6:88:4d:91:b1:6b:
5d:f4:7a:59:65:26:fd:5b:ed:c6:96:d7:7d:ed:ca:
a8:29:2d:cd:d9:b4:11:00:82:af:67:d9:00:4f:7a:
3c:3f:48:53:fa:2b:da:1a:7f:54:1e:e2:05:fb:56:
ee:c9:e6:01:50:fd:e7:ae:3f:59:fd:48:93:10:7c:
f0:bf:7b:18:46:ac:39:1f:f9:07:fd:1a:77:e8:21:
e9:87:ac:26:14:b0:a9:23:97:6e:35:6b:38:fd:b6:
b4:b5:63:f2:70:fe:fc:e7:16:78:69:06:be:73:e1:
0d:e1:3f:15:da:08:2e:5e:fa:32:f3:08:aa:27:c2:
e9:f8:09:aa:c6:90:4e:ce:51:d1:6f:40:c9:8e:a3:
07:4a:b8:80:90:2a:53:4a:03:34:33:a6:47:0b:ba:
7f:2a:0c:0a:cc:fa:6d:ea:8b:3f:29:63:dc:7a:5e:
5a:b6:56:1d:15:14:75:35:a2:63:b8:75:36:a4:ad:
09:57:97:2f:18:06:b9:48:34:07:eb:70:84:8b:20:
74:8a:3d:87:46:f2:b9:5d:02:a6:a5:8e:77:23:31:
4b:57:c6:a4:98:88:78:fc:49:21:a3:ef:08:d2:d1:
33:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:53:22:75:FB:4D:67:15:B4:09:DC:03:71:53:66:35:12:82:A0:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:28:36:ab:b7:37:71:cd:b2:a1:d5:b5:d4:1e:46:b6:aa:4c:
54:84:05:0c:02:29:8d:23:0d:b8:47:43:39:7d:86:95:73:d0:
53:ab:00:71:b2:d4:ba:71:e3:6b:6d:a2:d2:5f:1c:4d:61:54:
fe:f3:28:90:2f:80:71:ca:bd:5c:e7:d8:b6:30:33:8c:7c:1b:
e3:b2:b0:98:67:aa:20:a3:90:20:24:5d:86:49:04:7f:29:02:
99:99:66:61:3d:79:b8:24:cb:f7:da:52:b8:21:4e:55:3c:8a:
18:e7:47:d0:1a:5a:03:fb:ff:b8:38:d5:6d:2a:9c:90:05:4b:
4d:92:06:d4:3c:ad:5d:9f:96:a3:05:c3:a3:1f:77:be:c2:61:
69:1f:a3:fa:b4:0a:6e:b8:f2:15:0b:88:fa:9b:d2:49:ca:9a:
47:24:4e:7d:f4:1d:4d:ad:0d:1a:ec:e2:55:38:d5:9d:19:bb:
11:20:de:38:7b:57:e6:f4:c9:6d:b5:ca:2c:ad:ad:b0:a2:c2:
cf:ac:f4:7c:b1:a4:4e:8b:2c:f1:b7:a7:a8:82:e2:36:1c:18:
cb:8b:d2:7f:0b:78:da:0e:23:0a:64:45:52:dd:53:fc:0b:1c:
c7:35:62:c7:b1:cc:40:38:79:0d:7a:11:99:52:e6:91:c6:af:
9f:bb:97:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUE1d862cc5w6nqubnSpP/o3GYUmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMTlaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NzliMzM3YTRjMTMzMmQxYjU5YTcwYzZhNzdkZTE1MmUxYjhmZDVlMjNi
YTljZjQzNmVmYjBhNDM5MWIwYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoyx5jNNM9o8bV10PHHEqRmEkRLnWcC9ohNkbFrXfR6WWUm/VvtxpbXfe3K
qCktzdm0EQCCr2fZAE96PD9IU/or2hp/VB7iBftW7snmAVD9564/Wf1IkxB88L97
GEasOR/5B/0ad+gh6YesJhSwqSOXbjVrOP22tLVj8nD+/OcWeGkGvnPhDeE/FdoI
Ll76MvMIqifC6fgJqsaQTs5R0W9AyY6jB0q4gJAqU0oDNDOmRwu6fyoMCsz6beqL
Pylj3HpeWrZWHRUUdTWiY7h1NqStCVeXLxgGuUg0B+twhIsgdIo9h0byuV0CpqWO
dyMxS1fGpJiIePxJIaPvCNLRM20CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9UyJ1
+01nFbQJ3ANxU2Y1EoKgozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAOyg2q7c3cc2yodW11B5GtqpMVIQFDAIpjSMNuEdD
OX2GlXPQU6sAcbLUunHja22i0l8cTWFU/vMokC+Accq9XOfYtjAzjHwb47KwmGeq
IKOQICRdhkkEfykCmZlmYT15uCTL99pSuCFOVTyKGOdH0BpaA/v/uDjVbSqckAVL
TZIG1DytXZ+WowXDox93vsJhaR+j+rQKbrjyFQuI+pvSScqaRyROffQdTa0NGuzi
VTjVnRm7ESDeOHtX5vTJbbXKLK2tsKLCz6z0fLGkToss8benqILiNhwYy4vSfwt4
2g4jCmRFUt1T/AscxzVix7HMQDh5DXoRmVLmkcavn7uXvQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:10 2025 by rpki-client