Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: UcspoMYUeEgm1S+Ff6cIatK0zXK8dYXvK5oAq5h8VVo=
Subject key identifier: 23:DC:8B:F6:34:1F:F8:F5:A6:C5:69:76:D1:88:7F:BD:DA:79:C0:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CF603D5AEC841E40B0EA8F3E66CF44E608BAAEC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Tue 17 Jun 2025 00:50:08 +0000
ROA not before: Tue 17 Jun 2025 00:50:08 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:f6:03:d5:ae:c8:41:e4:0b:0e:a8:f3:e6:6c:f4:4e:60:8b:aa:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:50:08 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=f5f97461d2ad3e0cac17ac9ff70dc46f5c2e900cdd9d9e3a00158ee4fcaca9c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:be:40:28:d6:8a:b7:3c:9c:42:49:c6:3c:ce:
8c:c8:2b:44:72:1a:26:37:64:ca:b3:f0:86:02:d9:
a9:07:35:9d:58:ee:5c:20:33:05:f3:42:9e:4a:ce:
c1:8f:dd:4e:24:d3:23:e7:6e:36:21:43:8c:ea:37:
25:10:c2:98:93:d0:cf:9d:b5:b0:12:d8:5a:33:17:
f7:89:e6:38:90:4d:84:1a:98:b2:c8:d1:ef:33:e1:
e9:0c:93:9c:17:68:2b:a0:4f:05:70:63:3f:74:25:
43:e7:57:d4:78:ad:43:57:b9:11:1a:1d:2b:a5:1b:
3f:b8:9a:95:30:fe:c1:f1:c5:df:0c:16:cd:ec:00:
22:a3:53:36:0b:02:f1:6d:aa:b6:26:37:c3:d9:3f:
52:44:0c:1f:7c:98:7f:4c:fb:13:83:2a:77:ba:41:
5c:9a:b5:9c:0d:93:11:f2:74:22:1f:23:47:66:32:
ff:71:38:c0:53:81:98:1c:ba:ba:fa:c5:f6:1e:32:
6c:20:6c:b3:96:dd:0b:c2:2d:b3:05:27:50:59:f7:
13:e4:b3:8f:2a:95:43:e8:ce:20:76:ef:ca:93:db:
46:ff:2e:60:7c:c3:50:cc:ad:ba:ae:ef:52:80:20:
ec:16:10:4a:5b:57:db:be:0d:25:a2:9c:63:f2:fc:
8d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DC:8B:F6:34:1F:F8:F5:A6:C5:69:76:D1:88:7F:BD:DA:79:C0:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
15:8a:f4:21:17:17:72:51:ed:1b:aa:5c:70:ff:42:49:d7:37:
8d:f8:09:d7:91:a2:a1:2c:93:40:af:cf:7a:4e:45:78:31:2e:
55:e8:0a:6b:e7:cc:53:92:1f:e0:d7:5d:fc:e2:3b:6a:71:c9:
eb:73:7a:30:9e:77:34:3d:54:ad:73:85:54:fd:f9:a9:14:ab:
a8:8c:b0:e7:4d:0e:9f:cf:e8:c0:35:a3:0b:4e:3b:f7:30:c8:
d0:cb:0d:59:03:49:d3:b0:af:44:0b:26:01:3a:92:9b:b3:e9:
55:d6:4d:de:79:fd:d1:f2:8e:a2:8f:2f:ad:0f:ea:4b:d2:7e:
4f:4c:87:f4:b0:02:f9:6a:66:49:c2:93:e4:d3:8d:cb:5a:15:
f7:e6:54:13:5a:e2:1e:c4:6c:8a:0b:77:e0:0a:ad:93:04:18:
18:e6:59:a6:28:20:fd:3e:f0:f3:93:64:11:d7:98:34:d8:de:
83:c7:fc:a1:fb:c1:05:93:0e:28:d3:74:fd:e2:92:23:c9:c6:
f3:79:03:5f:9c:0d:4c:91:7c:82:a6:b6:08:e3:1d:bf:45:4b:
31:42:b4:8a:f9:dd:1b:1e:37:f3:61:d4:16:7e:15:06:c1:b3:
ee:86:ca:5c:7b:7d:3f:47:3f:84:8e:2c:06:84:3b:29:b5:2d:
fa:e1:05:b2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDPYD1a7IQeQLDqjz5mz0TmCLquwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDUwMDhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1Zjk3NDYxZDJhZDNlMGNhYzE3YWM5ZmY3MGRjNDZmNWMyZTkwMGNkZDlk
OWUzYTAwMTU4ZWU0ZmNhY2E5YzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW+QCjWirc8nEJJxjzOjMgrRHIaJjdkyrPwhgLZqQc1nVjuXCAzBfNCnkrO
wY/dTiTTI+duNiFDjOo3JRDCmJPQz521sBLYWjMX94nmOJBNhBqYssjR7zPh6QyT
nBdoK6BPBXBjP3QlQ+dX1HitQ1e5ERodK6UbP7ialTD+wfHF3wwWzewAIqNTNgsC
8W2qtiY3w9k/UkQMH3yYf0z7E4Mqd7pBXJq1nA2TEfJ0Ih8jR2Yy/3E4wFOBmBy6
uvrF9h4ybCBss5bdC8ItswUnUFn3E+SzjyqVQ+jOIHbvypPbRv8uYHzDUMytuq7v
UoAg7BYQSltX274NJaKcY/L8jUMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQj3Iv2
NB/49abFaXbRiH+92nnAyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEAFYr0IRcXclHtG6pccP9CSdc3jfgJ15GioSyTQK/P
ek5FeDEuVegKa+fMU5If4Ndd/OI7anHJ63N6MJ53ND1UrXOFVP35qRSrqIyw500O
n8/owDWjC0479zDI0MsNWQNJ07CvRAsmATqSm7PpVdZN3nn90fKOoo8vrQ/qS9J+
T0yH9LAC+WpmScKT5NONy1oV9+ZUE1riHsRsigt34AqtkwQYGOZZpigg/T7w85Nk
EdeYNNjeg8f8ofvBBZMOKNN0/eKSI8nG83kDX5wNTJF8gqa2COMdv0VLMUK0ivnd
Gx4382HUFn4VBsGz7obKXHt9P0c/hI4sBoQ7KbUt+uEFsg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:22:34 2025 by rpki-client