Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json)
Hash identifier: hsaLhF+XUShXFlkKeiWYB2wkIr5JfHRXUHKOdDkmdjA=
Subject key identifier: DD:7A:05:80:26:1F:83:AA:BE:8A:1A:35:84:7E:46:DC:7E:80:6D:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 204EA5DC3C526EA8D367D55E3E7DED8FB0B544AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
Signing time: Fri 08 Aug 2025 00:31:06 +0000
ROA not before: Fri 08 Aug 2025 00:31:06 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:4e:a5:dc:3c:52:6e:a8:d3:67:d5:5e:3e:7d:ed:8f:b0:b5:44:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 8 00:31:06 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=e13c117799779dd772ec1331e1d707988e68fcf7d122f0cd0e6c8e0f7a39c0b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:db:ae:9c:d0:61:1c:97:44:63:a0:6a:e9:7d:
d5:a8:d1:89:e7:7c:73:ba:27:49:77:9b:38:f6:09:
3e:df:79:23:42:e8:ff:9d:f1:04:f4:6f:25:af:34:
91:0d:cb:4f:02:2b:cc:bc:9a:9f:00:2f:05:01:49:
63:b0:7a:55:9d:0d:ff:10:78:95:ad:cd:b3:6b:9b:
0c:68:36:d6:26:20:a7:0b:b7:19:61:7b:11:1e:0d:
dd:62:58:8e:35:15:62:e0:b7:3b:c4:83:49:8f:f7:
a2:e4:dc:3d:95:6d:8f:0b:e7:7f:dc:bf:0c:da:cc:
20:bf:29:9e:5f:76:b0:97:7d:99:2d:8e:52:0d:69:
d3:d5:a6:83:33:a2:d9:16:11:d9:71:ba:92:d5:d1:
43:00:d5:13:8b:a0:c4:b9:65:96:ce:4f:52:25:0a:
4b:95:13:b8:44:15:66:22:77:ca:69:19:69:98:b4:
24:3b:2d:9c:26:1b:41:cb:f7:ce:ba:c7:bb:61:e2:
0c:85:8b:c5:7d:c2:ef:a2:fd:68:37:6b:a1:e7:02:
a9:25:f6:b7:06:5e:28:00:c4:9b:e9:d5:d3:8c:cc:
51:8c:4f:5f:c6:9e:bf:82:ca:bb:94:d9:41:f3:77:
aa:2e:33:6b:7d:88:83:24:7c:4e:e3:16:d9:d1:31:
a7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7A:05:80:26:1F:83:AA:BE:8A:1A:35:84:7E:46:DC:7E:80:6D:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ca:88:1a:4b:82:9b:cc:47:e6:da:3b:f1:d9:f7:de:d0:14:88:
60:d7:09:a4:ba:26:41:e9:6d:3a:49:72:45:73:4f:60:13:0a:
d2:ad:2c:16:b7:51:cf:a7:a5:92:dd:30:95:e9:dc:0c:89:04:
31:df:4a:b9:92:54:02:cb:1a:da:9c:65:68:fc:bb:2a:db:00:
06:a0:01:4c:5e:23:be:bd:ee:1d:c0:48:9f:0e:d5:81:76:0d:
23:d7:71:8a:0a:d7:f6:4d:dd:61:38:8c:91:b5:b6:0f:f7:1a:
00:8a:fd:b1:64:ab:45:69:c6:94:a6:14:11:78:85:24:2e:9a:
23:27:9e:3e:ae:2f:25:c7:f9:43:9f:e8:f4:f3:c4:24:b3:07:
42:8d:23:27:4c:85:0c:c5:48:59:6c:26:ef:96:26:44:7d:8b:
01:be:8e:40:ef:96:33:51:bc:8f:96:78:f8:af:49:0d:7e:4d:
38:90:f3:6e:38:b6:78:eb:d4:cf:ba:a0:7a:25:2c:6e:32:2b:
cb:0e:0c:2a:13:95:74:26:65:06:cd:1e:df:99:44:f9:15:44:
16:a1:c9:f4:bd:f7:5d:a8:d1:b6:41:ba:45:9e:c5:e2:07:15:
67:13:fe:cc:59:45:42:26:fb:3f:7e:c3:ab:68:b8:06:e6:52:
d3:8b:fc:a8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIE6l3DxSbqjTZ9VePn3tj7C1RK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDgwMDMxMDZaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxM2MxMTc3OTk3NzlkZDc3MmVjMTMzMWUxZDcwNzk4OGU2OGZjZjdkMTIy
ZjBjZDBlNmM4ZTBmN2EzOWMwYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKPbrpzQYRyXRGOgaul91ajRied8c7onSXebOPYJPt95I0Lo/53xBPRvJa80
kQ3LTwIrzLyanwAvBQFJY7B6VZ0N/xB4la3Ns2ubDGg21iYgpwu3GWF7ER4N3WJY
jjUVYuC3O8SDSY/3ouTcPZVtjwvnf9y/DNrMIL8pnl92sJd9mS2OUg1p09WmgzOi
2RYR2XG6ktXRQwDVE4ugxLllls5PUiUKS5UTuEQVZiJ3ymkZaZi0JDstnCYbQcv3
zrrHu2HiDIWLxX3C76L9aDdroecCqSX2twZeKADEm+nV04zMUYxPX8aev4LKu5TZ
QfN3qi4za32IgyR8TuMW2dExp2UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTdegWA
Jh+Dqr6KGjWEfkbcfoBtZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAyogaS4KbzEfm2jvx2ffe0BSIYNcJpLomQeltOkly
RXNPYBMK0q0sFrdRz6elkt0wlencDIkEMd9KuZJUAssa2pxlaPy7KtsABqABTF4j
vr3uHcBInw7VgXYNI9dxigrX9k3dYTiMkbW2D/caAIr9sWSrRWnGlKYUEXiFJC6a
IyeePq4vJcf5Q5/o9PPEJLMHQo0jJ0yFDMVIWWwm75YmRH2LAb6OQO+WM1G8j5Z4
+K9JDX5NOJDzbji2eOvUz7qgeiUsbjIryw4MKhOVdCZlBs0e35lE+RVEFqHJ9L33
XajRtkG6RZ7F4gcVZxP+zFlFQib7P37Dq2i4BuZS04v8qA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:57 2025 by rpki-client