Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: PuFoMbqL4B7Z9j/mPCtVfylbe7AAZPhMhxqgLn/tXaY=
Subject key identifier: 10:1B:FE:39:84:96:C7:9A:6B:9A:93:10:12:CA:07:77:B2:8D:48:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A5CC67195B8D44B8CA8042F8FDC8BF6FF6BF6BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Wed 06 Aug 2025 00:50:20 +0000
ROA not before: Wed 06 Aug 2025 00:50:20 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:5c:c6:71:95:b8:d4:4b:8c:a8:04:2f:8f:dc:8b:f6:ff:6b:f6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:20 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=8b7dd99fcd084c23e34628435f3ae5ead655d94ee79d7c4d23f00ac3bf8fd2cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:55:8d:eb:cd:8b:8e:ee:f7:3d:15:20:6d:47:
b3:d2:fa:b2:43:15:da:9c:e7:f3:c3:9b:f9:74:f4:
6f:36:7b:1a:d2:af:54:f6:4d:24:62:61:04:d8:07:
c3:84:1d:99:e0:5c:2e:06:00:05:25:61:25:dc:82:
b3:68:9d:12:b9:df:9f:86:96:61:88:45:11:92:79:
3f:bb:fc:d3:17:52:88:dc:1e:78:1d:4a:62:ad:46:
e2:b6:57:54:29:47:5e:98:37:b2:92:10:a7:9b:cc:
55:d7:b6:53:89:ee:81:6d:d5:ef:0c:c6:31:4b:54:
00:cf:a7:cd:d2:d5:54:6c:22:fa:89:36:d0:43:89:
c5:a4:93:e3:55:5c:00:e6:72:52:6e:24:18:07:16:
68:f6:c3:9e:33:70:e6:ca:1a:dc:30:50:cc:79:a6:
39:c2:10:b2:c0:dc:5f:5f:11:c3:12:91:a2:ac:ec:
1a:fc:0b:3c:67:31:e4:76:1c:75:0b:1e:d3:cc:86:
bc:5c:a4:de:b6:cf:b1:9e:be:33:1c:af:5b:bc:45:
9b:75:93:6a:75:bd:79:30:ed:5f:2a:7a:0b:5a:df:
e9:59:0e:a6:e4:d1:2e:f2:59:f7:f7:6f:f6:3c:3f:
b2:12:b5:fb:0a:5c:67:35:2a:81:a9:94:3a:74:33:
77:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1B:FE:39:84:96:C7:9A:6B:9A:93:10:12:CA:07:77:B2:8D:48:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:11:86:91:f2:c9:1e:4f:95:56:a4:b2:52:25:96:5c:3b:29:
46:42:ce:03:5d:72:4b:cf:fd:35:1d:7c:a2:c7:c4:24:a1:b2:
7d:ce:a5:c0:04:92:7e:3b:d8:a3:5f:91:66:10:ba:53:86:99:
ef:52:10:ab:8c:80:ef:c2:dc:9c:52:06:84:3e:29:a8:13:45:
50:7e:2f:56:b0:e3:95:86:a0:0f:7f:37:70:40:d7:bc:e0:4b:
39:bc:97:05:31:74:99:42:77:d4:28:a5:73:f3:d6:d8:59:85:
a6:52:3d:d6:52:63:ad:89:9c:35:53:f0:c5:71:5c:ed:8c:df:
a0:c0:b7:48:26:2c:04:e7:94:b1:72:a2:5d:9a:02:e8:79:5a:
a5:e4:f3:5f:80:fa:61:6c:de:fc:4a:51:f5:10:09:81:02:c2:
64:d2:c8:3b:2a:05:bf:c6:55:45:3f:86:fd:38:98:cd:00:76:
69:5b:35:cf:7b:72:5f:04:03:cf:1a:fd:a4:c8:62:4f:46:2d:
91:33:3a:5e:be:f5:79:a4:ab:01:bd:21:a4:29:c6:80:6f:11:
e7:37:c0:da:25:19:23:2d:fb:43:85:fb:62:dc:43:08:a0:c1:
c9:80:56:e6:41:c7:63:69:91:7f:25:63:7f:e1:d9:9b:e7:a8:
0b:10:0a:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKlzGcZW41EuMqAQvj9yL9v9r9rwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMjBaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiN2RkOTlmY2QwODRjMjNlMzQ2Mjg0MzVmM2FlNWVhZDY1NWQ5NGVlNzlk
N2M0ZDIzZjAwYWMzYmY4ZmQyY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhVjevNi47u9z0VIG1Hs9L6skMV2pzn88Ob+XT0bzZ7GtKvVPZNJGJhBNgH
w4QdmeBcLgYABSVhJdyCs2idErnfn4aWYYhFEZJ5P7v80xdSiNweeB1KYq1G4rZX
VClHXpg3spIQp5vMVde2U4nugW3V7wzGMUtUAM+nzdLVVGwi+ok20EOJxaST41Vc
AOZyUm4kGAcWaPbDnjNw5soa3DBQzHmmOcIQssDcX18RwxKRoqzsGvwLPGcx5HYc
dQse08yGvFyk3rbPsZ6+MxyvW7xFm3WTanW9eTDtXyp6C1rf6VkOpuTRLvJZ9/dv
9jw/shK1+wpcZzUqgamUOnQzd8UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQQG/45
hJbHmmuakxASygd3so1I8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEAihGGkfLJHk+VVqSyUiWWXDspRkLOA11yS8/9NR18
osfEJKGyfc6lwASSfjvYo1+RZhC6U4aZ71IQq4yA78LcnFIGhD4pqBNFUH4vVrDj
lYagD383cEDXvOBLObyXBTF0mUJ31Cilc/PW2FmFplI91lJjrYmcNVPwxXFc7Yzf
oMC3SCYsBOeUsXKiXZoC6HlapeTzX4D6YWze/EpR9RAJgQLCZNLIOyoFv8ZVRT+G
/TiYzQB2aVs1z3tyXwQDzxr9pMhiT0YtkTM6Xr71eaSrAb0hpCnGgG8R5zfA2iUZ
Iy37Q4X7YtxDCKDByYBW5kHHY2mRfyVjf+HZm+eoCxAKQw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:58 2025 by rpki-client