Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: bufwy397W3gSl46g2M2GQePc1v4DpTVGCX+gqY7Xr14=
Subject key identifier: 1C:25:EE:85:4F:B3:53:31:9A:44:BC:39:9F:09:96:53:33:7A:1E:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 464BC1F3EEF94F97562D44DA59424E383125794F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Mon 28 Apr 2025 15:50:16 +0000
ROA not before: Mon 28 Apr 2025 15:50:16 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:4b:c1:f3:ee:f9:4f:97:56:2d:44:da:59:42:4e:38:31:25:79:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:50:16 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=db440bfcf9fb07c7081857c0adb11aaa2691f8ece898884504fca00c796627a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:fc:7a:a2:bb:49:26:ee:30:f2:a8:4a:8d:
3d:97:7d:0d:94:b0:28:ad:f3:26:12:08:a9:ab:e7:
57:c8:4d:42:38:c1:c7:15:25:2f:e8:a1:5e:b8:1a:
49:b6:92:93:f1:c5:fd:6f:27:b5:00:42:dc:e0:50:
07:78:9c:1b:e1:10:4d:6c:05:b8:30:7a:2b:77:05:
9f:6d:30:7e:be:df:c2:0c:e1:92:e6:45:59:8e:e3:
8c:12:67:2a:ba:52:b4:41:85:ec:fb:28:7d:62:d6:
99:58:0d:19:78:fe:99:a3:36:ac:1f:a2:bd:7e:74:
f2:b7:30:c0:34:49:73:8e:52:21:8f:37:00:f5:9f:
30:fa:a5:0c:ca:29:76:af:d6:8e:40:31:cc:74:89:
bf:ae:5f:fd:94:ce:ca:81:6e:87:34:62:ea:35:03:
0a:2b:90:a0:aa:6e:e5:b1:86:c4:89:d6:04:54:90:
38:cc:c7:6e:08:0f:5e:a7:28:e5:a9:a8:bf:1d:1d:
aa:f9:37:38:ec:b4:7b:1e:01:5d:79:9a:60:3c:7c:
9d:0a:dd:b5:8d:50:7c:e6:69:68:a0:87:bf:28:2d:
34:d2:15:ab:54:02:7b:86:fc:8b:43:0c:84:63:65:
8e:bd:3c:04:f4:2a:23:6c:f3:b8:d2:a3:e1:48:59:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:25:EE:85:4F:B3:53:31:9A:44:BC:39:9F:09:96:53:33:7A:1E:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
49:27:32:21:82:67:00:b3:b2:12:57:ec:df:81:9f:e6:86:91:
19:7b:a5:c7:c3:51:3d:7e:f2:f6:9f:0a:7a:f0:cc:ac:55:5e:
1e:cc:bd:1c:5f:8f:c5:42:7c:97:5b:5d:82:79:69:0c:9e:07:
b2:61:d6:5b:82:6c:e9:1b:a0:98:63:6a:a7:d6:6a:15:67:f9:
88:29:18:c0:b0:ac:26:67:ff:a1:b1:c6:04:1b:5f:b8:c4:86:
d2:4b:1b:40:b1:26:9b:e3:5a:c5:3b:5f:c4:52:34:64:b7:39:
86:2e:cc:1e:d3:b5:5e:e3:0d:33:a1:ca:f2:73:65:89:49:6f:
e3:85:47:fb:6b:ff:44:e1:5e:4b:08:b8:8e:1a:12:2d:b1:3f:
1a:d8:46:09:d1:ad:40:d3:95:77:de:6a:f5:ce:08:6d:a9:ff:
b3:24:65:95:9a:61:84:42:57:bd:82:b7:8b:11:8b:24:99:1f:
67:98:f7:85:e8:df:34:ed:7a:54:af:55:20:37:56:8e:ab:ac:
58:2c:b7:f0:f4:2e:e3:91:84:14:54:d2:e7:4a:61:7c:80:23:
26:c8:ea:9f:db:8d:d6:22:8d:e4:af:d3:40:0c:d2:34:fd:9a:
71:69:52:b1:af:de:35:c6:7c:03:5a:59:cf:55:d6:e6:82:09:
45:50:a7:66
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURkvB8+75T5dWLUTaWUJOODEleU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTUwMTZaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNDQwYmZjZjlmYjA3YzcwODE4NTdjMGFkYjExYWFhMjY5MWY4ZWNlODk4
ODg0NTA0ZmNhMDBjNzk2NjI3YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqH/Hqiu0km7jDyqEqNPZd9DZSwKK3zJhIIqavnV8hNQjjBxxUlL+ihXrga
SbaSk/HF/W8ntQBC3OBQB3icG+EQTWwFuDB6K3cFn20wfr7fwgzhkuZFWY7jjBJn
KrpStEGF7PsofWLWmVgNGXj+maM2rB+ivX508rcwwDRJc45SIY83APWfMPqlDMop
dq/WjkAxzHSJv65f/ZTOyoFuhzRi6jUDCiuQoKpu5bGGxInWBFSQOMzHbggPXqco
5amovx0dqvk3OOy0ex4BXXmaYDx8nQrdtY1QfOZpaKCHvygtNNIVq1QCe4b8i0MM
hGNljr08BPQqI2zzuNKj4UhZT2MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQcJe6F
T7NTMZpEvDmfCZZTM3oe+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEASScyIYJnALOyElfs34Gf5oaRGXulx8NRPX7y9p8K
evDMrFVeHsy9HF+PxUJ8l1tdgnlpDJ4HsmHWW4Js6RugmGNqp9ZqFWf5iCkYwLCs
Jmf/obHGBBtfuMSG0ksbQLEmm+NaxTtfxFI0ZLc5hi7MHtO1XuMNM6HK8nNliUlv
44VH+2v/ROFeSwi4jhoSLbE/GthGCdGtQNOVd95q9c4Iban/syRllZphhEJXvYK3
ixGLJJkfZ5j3hejfNO16VK9VIDdWjqusWCy38PQu45GEFFTS50phfIAjJsjqn9uN
1iKN5K/TQAzSNP2acWlSsa/eNcZ8A1pZz1XW5oIJRVCnZg==
-----END CERTIFICATE-----
Generated at Wed May 7 12:10:38 2025 by rpki-client