Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
File: 9ee0a48b-ba88-465e-9e42-d0732351f46e.roa (raw, json)
Hash identifier: Dhh7edUuXd/hM2roz2/EXcjroyIFzRQ/+aeK4CYSt2Q=
Subject key identifier: E9:E9:A5:FA:AB:E7:35:45:F3:FA:54:FC:F9:0C:86:0C:04:A3:22:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D216E4257909499C095C644CA518904705DFA62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
Signing time: Tue 17 Jun 2025 00:50:07 +0000
ROA not before: Tue 17 Jun 2025 00:50:07 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:21:6e:42:57:90:94:99:c0:95:c6:44:ca:51:89:04:70:5d:fa:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:50:07 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=f876ee1c411c21b2912ffe4939c6a493ca0afcca1af197bd7c4f2201d0b9b3bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a0:b4:5a:29:0c:47:f6:63:88:72:7e:e2:7f:
0a:56:15:18:93:24:57:86:dd:34:f5:6a:60:86:7c:
48:68:16:47:70:0b:69:5d:aa:2d:8a:d8:ce:61:a1:
eb:fc:06:5a:65:e4:2b:5b:a8:7f:16:a1:20:07:1c:
fe:22:ac:2f:3f:31:e8:22:40:6f:96:b5:e6:99:0e:
bb:06:0c:b0:4c:f7:b3:63:e7:7d:cb:bc:13:e1:ab:
91:fd:29:b4:0b:c2:20:ee:d8:b7:7e:b0:cc:17:95:
2f:be:ec:d7:84:6d:26:48:84:49:20:8e:84:ad:f9:
6f:e0:fe:1d:7d:35:44:a5:86:53:15:af:1c:6c:20:
89:3e:ea:64:1e:8a:d2:0e:8c:7f:bc:cf:c7:f5:f0:
7a:38:1d:0e:15:01:65:57:33:3c:8e:4c:67:ea:ce:
e1:78:98:21:b6:53:67:30:6f:a2:47:3e:dd:b9:38:
b2:4b:71:15:3e:c9:21:93:f7:3f:99:23:30:ef:1a:
1a:a4:87:b6:cc:5f:be:4a:aa:d3:a1:99:d7:7b:21:
36:79:fa:c0:11:9f:2d:70:91:6b:3f:b8:2e:84:4e:
8e:e8:d7:f4:2d:f7:ef:2e:8a:2f:7f:56:91:b7:56:
93:7f:66:dd:47:83:4e:c3:72:5f:e7:d0:3b:bc:d8:
0f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E9:A5:FA:AB:E7:35:45:F3:FA:54:FC:F9:0C:86:0C:04:A3:22:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ee0a48b-ba88-465e-9e42-d0732351f46e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.112.0/20
Signature Algorithm: sha256WithRSAEncryption
18:eb:54:5a:af:0b:62:db:45:ef:00:fd:9a:e1:f3:be:a4:57:
65:7b:86:a3:bd:74:dc:18:de:8e:28:16:2f:da:69:97:77:a5:
6d:3c:f1:d9:4b:6d:4f:ea:c7:d6:e3:18:4c:40:18:95:7e:81:
01:96:d3:22:1f:d2:37:a9:76:51:f6:f9:12:af:39:c7:81:cd:
bc:c9:da:6c:4e:8d:ec:a4:0b:65:68:bd:69:95:da:22:61:44:
b9:d3:77:c0:5d:12:98:bd:9c:88:d8:a8:10:f1:f0:07:82:3a:
ca:f3:7f:a9:9e:5c:7f:3c:7f:25:84:9e:c3:cb:40:af:b5:90:
ac:06:06:7d:6f:08:fe:de:b8:c1:4f:21:69:b9:d9:fb:09:22:
92:21:17:6b:8e:fb:c8:1f:95:84:89:15:a9:d1:0e:44:f4:25:
03:04:a0:38:2f:38:00:dd:66:6b:2a:ec:d4:f3:03:63:29:87:
2c:20:06:9a:e6:15:65:7d:35:82:67:f5:bd:12:47:a9:0e:f1:
9e:88:f9:79:20:fb:4e:13:c1:f2:17:81:7e:f7:0b:f9:d7:b9:
86:07:7d:b5:59:47:a6:1e:c3:fd:48:65:9b:5e:ff:0b:93:8e:
8d:c8:68:8d:4a:16:8f:0c:87:be:53:0d:e1:37:3e:f2:44:03:
32:63:ec:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTSFuQleQlJnAlcZEylGJBHBd+mIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDUwMDdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4NzZlZTFjNDExYzIxYjI5MTJmZmU0OTM5YzZhNDkzY2EwYWZjY2ExYWYx
OTdiZDdjNGYyMjAxZDBiOWIzYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSgtFopDEf2Y4hyfuJ/ClYVGJMkV4bdNPVqYIZ8SGgWR3ALaV2qLYrYzmGh
6/wGWmXkK1uofxahIAcc/iKsLz8x6CJAb5a15pkOuwYMsEz3s2Pnfcu8E+Grkf0p
tAvCIO7Yt36wzBeVL77s14RtJkiESSCOhK35b+D+HX01RKWGUxWvHGwgiT7qZB6K
0g6Mf7zPx/XwejgdDhUBZVczPI5MZ+rO4XiYIbZTZzBvokc+3bk4sktxFT7JIZP3
P5kjMO8aGqSHtsxfvkqq06GZ13shNnn6wBGfLXCRaz+4LoROjujX9C337y6KL39W
kbdWk39m3UeDTsNyX+fQO7zYD0UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTp6aX6
q+c1RfP6VPz5DIYMBKMi1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlMGE0OGItYmE4OC00NjVlLTllNDItZDA3MzIzNTFmNDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE99cDAN
BgkqhkiG9w0BAQsFAAOCAQEAGOtUWq8LYttF7wD9muHzvqRXZXuGo7103BjejigW
L9ppl3elbTzx2UttT+rH1uMYTEAYlX6BAZbTIh/SN6l2Ufb5Eq85x4HNvMnabE6N
7KQLZWi9aZXaImFEudN3wF0SmL2ciNioEPHwB4I6yvN/qZ5cfzx/JYSew8tAr7WQ
rAYGfW8I/t64wU8habnZ+wkikiEXa477yB+VhIkVqdEORPQlAwSgOC84AN1mayrs
1PMDYymHLCAGmuYVZX01gmf1vRJHqQ7xnoj5eSD7ThPB8heBfvcL+de5hgd9tVlH
ph7D/Uhlm17/C5OOjchojUoWjwyHvlMN4Tc+8kQDMmPs5Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:53 2025 by rpki-client