Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: l4pHb2iB9PQvbT1kic3HTpgCn6geGu+eAWxr4CcJQow=
Subject key identifier: 6D:5B:A7:80:4E:C1:60:45:93:B0:A9:97:EA:2D:CC:0F:C2:CF:94:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20EF2A396839EC6D0B656172F0CC96E6661FD5E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Fri 08 Aug 2025 00:31:09 +0000
ROA not before: Fri 08 Aug 2025 00:31:09 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ef:2a:39:68:39:ec:6d:0b:65:61:72:f0:cc:96:e6:66:1f:d5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 8 00:31:09 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=47cf975c8d6bddadd25687c97b4e274f896746e57a97968dddbb7dc69db70192, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:80:a3:6a:3c:21:c8:bd:5b:31:c6:6b:4a:42:
7f:b1:32:00:0f:b6:31:b4:18:22:09:d9:88:de:48:
22:2d:87:33:e8:cd:f4:11:d5:54:62:ed:6e:0e:15:
64:a5:e4:f7:5e:ac:68:3a:e9:c8:b6:2b:39:de:75:
e9:34:2d:f8:db:8b:55:fe:b6:7d:a9:1a:45:34:48:
d2:44:f2:a4:ad:89:0a:9e:1e:40:54:eb:60:a4:ee:
a3:2e:ae:f9:a3:04:6f:5f:10:5b:19:25:82:52:be:
c0:c8:e2:8d:58:ac:31:f5:ca:42:58:6b:d0:ff:d2:
a1:05:b4:e4:e8:95:34:c1:b5:c6:c7:44:4f:59:0b:
d8:d7:76:28:66:22:6f:2b:9a:11:b5:15:ce:c4:e8:
31:ce:83:4c:cb:13:74:88:e5:39:d0:95:9b:b5:4c:
3c:c1:04:29:7c:0f:61:68:f5:2e:df:b3:00:c9:22:
5a:c1:2d:2a:be:83:a3:47:d7:c7:be:39:7c:2b:56:
97:20:da:33:6c:c4:38:2d:e5:03:71:0e:33:08:58:
a5:17:85:a1:43:e2:fb:cc:3d:02:99:80:89:00:85:
44:9a:41:d0:ad:73:0b:99:c8:88:c9:5a:a7:d1:d7:
8e:f1:db:2d:8a:de:9d:bb:25:55:d3:d4:e2:b7:6c:
30:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5B:A7:80:4E:C1:60:45:93:B0:A9:97:EA:2D:CC:0F:C2:CF:94:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:bb:06:15:79:ea:11:c4:f7:18:2b:c9:58:8a:a0:05:27:66:
7e:74:af:5e:0f:56:cf:a5:23:b7:d3:99:0c:c1:25:21:91:2a:
d0:c2:7d:8e:35:c4:fe:92:8a:d2:a5:e3:ed:4e:4c:39:8a:13:
d8:75:e8:49:db:c7:71:31:ea:15:a6:5c:10:20:a4:e5:3a:1b:
66:28:3d:d0:6e:18:bc:08:4e:d5:83:1f:30:10:3a:72:5c:e9:
52:6b:62:38:97:bc:ff:a8:66:11:1c:12:4b:8a:73:f4:1b:51:
58:80:a6:8d:93:bc:63:1c:6d:8f:0a:2b:66:8e:e6:ed:ac:70:
9f:73:db:04:b9:2d:f7:38:80:40:c3:c0:07:f6:dc:a3:63:4d:
e3:ca:a8:2a:89:a0:a6:24:74:b1:88:e0:43:66:01:19:fc:3f:
85:5c:12:8e:80:bb:37:6a:4b:16:b4:03:52:2a:ff:33:f9:46:
f1:b6:ea:d7:42:79:96:70:07:85:79:49:53:b7:a9:14:59:21:
5f:3d:96:3c:13:e8:2b:c2:b3:00:07:33:a1:26:39:e5:08:1a:
5b:aa:2b:7d:e1:df:a3:8c:c4:8c:13:48:2f:d2:2a:5d:dd:ea:
f3:81:68:cb:23:5a:a6:b6:ae:aa:7f:79:c7:e1:20:d3:3e:fb:
41:59:5c:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIO8qOWg57G0LZWFy8MyW5mYf1eUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDgwMDMxMDlaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3Y2Y5NzVjOGQ2YmRkYWRkMjU2ODdjOTdiNGUyNzRmODk2NzQ2ZTU3YTk3
OTY4ZGRkYmI3ZGM2OWRiNzAxOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmAo2o8Ici9WzHGa0pCf7EyAA+2MbQYIgnZiN5IIi2HM+jN9BHVVGLtbg4V
ZKXk916saDrpyLYrOd516TQt+NuLVf62fakaRTRI0kTypK2JCp4eQFTrYKTuoy6u
+aMEb18QWxklglK+wMjijVisMfXKQlhr0P/SoQW05OiVNMG1xsdET1kL2Nd2KGYi
byuaEbUVzsToMc6DTMsTdIjlOdCVm7VMPMEEKXwPYWj1Lt+zAMkiWsEtKr6Do0fX
x745fCtWlyDaM2zEOC3lA3EOMwhYpReFoUPi+8w9ApmAiQCFRJpB0K1zC5nIiMla
p9HXjvHbLYrenbslVdPU4rdsMBUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtW6eA
TsFgRZOwqZfqLcwPws+UrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEAi7sGFXnqEcT3GCvJWIqgBSdmfnSvXg9Wz6Ujt9OZ
DMElIZEq0MJ9jjXE/pKK0qXj7U5MOYoT2HXoSdvHcTHqFaZcECCk5TobZig90G4Y
vAhO1YMfMBA6clzpUmtiOJe8/6hmERwSS4pz9BtRWICmjZO8YxxtjworZo7m7axw
n3PbBLkt9ziAQMPAB/bco2NN48qoKomgpiR0sYjgQ2YBGfw/hVwSjoC7N2pLFrQD
Uir/M/lG8bbq10J5lnAHhXlJU7epFFkhXz2WPBPoK8KzAAczoSY55QgaW6orfeHf
o4zEjBNIL9IqXd3q84FoyyNaprauqn95x+Eg0z77QVlcPQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:12 2025 by rpki-client