Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: cdC8vbNygggqV0t6scPIjGy44knqLej8utWakomO4IU=
Subject key identifier: 95:D8:71:A0:8A:9B:4C:DD:BB:37:1F:05:52:7E:2E:5E:D9:08:AF:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C88C31D091DE54B76F93DA3EC5E29617501D589
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Fri 08 Aug 2025 00:31:09 +0000
ROA not before: Fri 08 Aug 2025 00:31:09 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:88:c3:1d:09:1d:e5:4b:76:f9:3d:a3:ec:5e:29:61:75:01:d5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 8 00:31:09 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=15c17d7b9841d80bf4e66690c1923b50d6d1a76642ef190aca7a6d6156bbeb54, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2d:27:3e:32:7f:66:88:6c:5c:0d:23:59:df:
52:d5:24:7a:16:6f:70:52:f8:77:53:c0:c8:75:7e:
07:2d:be:21:6e:32:ba:a3:0d:ed:f9:a6:84:9d:34:
ca:62:eb:33:73:18:fc:df:52:f7:20:d4:86:26:19:
53:72:b3:42:e8:0f:38:59:72:ba:6a:13:13:97:52:
78:5d:3d:d6:9f:b2:ee:dd:4b:39:25:99:89:8b:a0:
0d:d4:3e:73:9b:7d:68:4c:f3:24:a5:b5:ae:4c:6e:
c1:3b:fa:d7:9c:b3:3e:01:ba:e6:17:bb:37:ff:ce:
8c:c7:02:73:cc:17:55:b7:f0:ae:8c:36:48:6a:56:
99:59:8c:92:d9:56:78:25:ec:51:fb:69:5d:95:6c:
b0:13:d7:ad:3b:d5:6b:36:0c:c2:b1:15:8b:70:d1:
cc:cf:f8:2e:18:ba:1c:42:99:5e:c7:49:5c:41:8b:
e3:d4:62:43:22:ee:97:f6:39:8d:ff:ef:c4:86:8e:
9c:48:05:98:6d:8a:8a:8d:c4:4b:73:3b:f9:90:fb:
76:bd:9a:19:1e:60:37:ff:f2:77:37:b3:1e:0d:b4:
92:c9:d5:44:83:f8:cb:8d:78:fe:8f:f0:2f:d8:62:
00:04:fb:52:ee:3c:c7:41:02:6a:ca:1b:d2:f3:db:
62:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D8:71:A0:8A:9B:4C:DD:BB:37:1F:05:52:7E:2E:5E:D9:08:AF:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
95:0e:80:b9:6b:3c:ac:43:f6:0b:4f:6b:aa:de:c2:1c:cc:05:
27:05:61:d4:0c:90:95:77:e5:ac:b5:9d:8b:dc:57:6e:d4:72:
be:bc:df:63:e6:c7:d8:24:53:f0:04:be:68:7d:ad:1f:2f:54:
55:36:65:0d:52:48:a8:2c:15:99:14:fc:66:79:ff:97:21:26:
c6:ed:5b:ed:a6:35:14:34:9e:85:66:89:66:3d:10:2e:f6:40:
a7:41:49:0a:dd:79:f9:c0:80:7c:61:87:a7:df:1d:b6:eb:5d:
3c:c8:23:1b:80:d5:3c:e2:c2:6c:8a:d8:57:56:95:15:cd:29:
10:ea:aa:83:14:e5:a1:bf:ba:08:fb:5c:fc:ad:79:9d:18:9d:
37:f7:2a:17:48:56:01:88:ba:8a:76:5b:92:55:8f:02:9d:31:
4e:ff:71:38:cc:2a:e0:a4:ae:cb:b1:a6:0d:5b:3a:9e:ce:e5:
2c:29:0f:64:c6:3c:60:db:74:15:dd:11:80:5e:00:a9:4e:10:
ad:22:19:d6:7e:92:10:0b:cd:27:29:39:77:ee:04:13:9a:40:
50:b9:07:17:20:8e:75:ba:21:20:9d:41:ff:7f:59:ce:82:7a:
a0:58:ef:e8:3b:f5:36:5a:d4:82:6b:4b:fa:aa:e4:98:32:88:
7e:a4:41:77
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPIjDHQkd5Ut2+T2j7F4pYXUB1YkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDgwMDMxMDlaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1YzE3ZDdiOTg0MWQ4MGJmNGU2NjY5MGMxOTIzYjUwZDZkMWE3NjY0MmVm
MTkwYWNhN2E2ZDYxNTZiYmViNTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8tJz4yf2aIbFwNI1nfUtUkehZvcFL4d1PAyHV+By2+IW4yuqMN7fmmhJ00
ymLrM3MY/N9S9yDUhiYZU3KzQugPOFlyumoTE5dSeF091p+y7t1LOSWZiYugDdQ+
c5t9aEzzJKW1rkxuwTv615yzPgG65he7N//OjMcCc8wXVbfwrow2SGpWmVmMktlW
eCXsUftpXZVssBPXrTvVazYMwrEVi3DRzM/4Lhi6HEKZXsdJXEGL49RiQyLul/Y5
jf/vxIaOnEgFmG2Kio3ES3M7+ZD7dr2aGR5gN//ydzezHg20ksnVRIP4y414/o/w
L9hiAAT7Uu48x0ECasob0vPbYtUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSV2HGg
iptM3bs3HwVSfi5e2QivwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEAlQ6AuWs8rEP2C09rqt7CHMwFJwVh1AyQlXflrLWd
i9xXbtRyvrzfY+bH2CRT8AS+aH2tHy9UVTZlDVJIqCwVmRT8Znn/lyEmxu1b7aY1
FDSehWaJZj0QLvZAp0FJCt15+cCAfGGHp98dtutdPMgjG4DVPOLCbIrYV1aVFc0p
EOqqgxTlob+6CPtc/K15nRidN/cqF0hWAYi6inZbklWPAp0xTv9xOMwq4KSuy7Gm
DVs6ns7lLCkPZMY8YNt0Fd0RgF4AqU4QrSIZ1n6SEAvNJyk5d+4EE5pAULkHFyCO
dbohIJ1B/39ZzoJ6oFjv6Dv1NlrUgmtL+qrkmDKIfqRBdw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:54 2025 by rpki-client