Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json)
Hash identifier: zvp8O0ZQJuo6EeqC20CuPNvXMYoVLagrwZFA82dTbNM=
Subject key identifier: 47:4C:8C:B0:CD:EF:72:4F:C9:32:5B:66:C2:AE:09:74:4E:2B:7C:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 202DE90B698E26D711AB6D3D3FBF39D699B3D49B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
Signing time: Tue 17 Jun 2025 00:50:04 +0000
ROA not before: Tue 17 Jun 2025 00:50:04 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:2d:e9:0b:69:8e:26:d7:11:ab:6d:3d:3f:bf:39:d6:99:b3:d4:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:50:04 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=ec6f90d6b6e9fcc45279ff708b42ce4f5ee819c70a4e476d7de8743f1dfaa6be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:21:3a:29:f9:a4:96:e6:01:f6:de:9d:06:
2f:9c:c8:82:60:f8:a4:c6:8b:d1:10:fd:fc:84:a8:
2c:71:d0:2a:52:4e:3f:f6:ff:da:3c:93:70:65:33:
49:90:14:82:fd:4e:a9:0e:b4:3b:9e:ba:28:ca:4c:
18:58:21:c2:c2:f9:6d:3f:4b:ab:4b:25:95:5b:a5:
e0:56:3a:f4:a8:0f:51:2f:dd:33:4c:e9:b9:08:b8:
fc:d2:32:5b:6e:31:bd:82:c5:af:51:03:e1:ea:1f:
ce:98:08:e9:6e:82:b2:8d:b4:98:69:0b:7a:df:cc:
7c:3d:be:4d:13:48:20:6a:f1:ee:93:cc:81:55:3c:
fe:66:5e:54:8d:da:4c:e4:f2:fa:3c:eb:90:24:03:
ef:67:13:bd:c2:b2:2d:8e:24:42:36:46:81:69:dd:
9d:88:2c:7b:02:9b:e1:ef:e1:d0:de:9f:2f:09:12:
0b:f6:5b:37:29:95:20:96:2f:83:26:3a:78:d5:57:
5f:23:87:1d:70:17:12:0a:3c:f4:81:2e:ec:84:0a:
67:05:4d:44:cb:18:83:74:f5:30:1b:9b:12:3b:3e:
47:5a:be:e1:27:77:70:8b:2e:32:19:7b:34:82:38:
b5:03:cf:01:7f:de:03:4f:eb:c1:96:ec:bc:4e:88:
83:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4C:8C:B0:CD:EF:72:4F:C9:32:5B:66:C2:AE:09:74:4E:2B:7C:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
7c:24:16:17:bd:df:41:6f:ae:88:11:20:a5:3b:be:93:87:8e:
51:02:76:4f:43:29:b7:a9:36:ab:e2:89:ac:3a:42:88:7e:e8:
32:43:07:87:01:19:4c:c2:a6:e0:f6:f3:00:76:11:b6:1d:5c:
01:c8:ef:60:76:bb:db:0b:68:d8:cd:38:6c:57:02:f7:bf:95:
c1:32:fb:fb:ed:5e:e5:79:0f:68:ad:54:1a:9b:d4:85:78:88:
7d:6f:d4:4a:17:65:3a:68:46:97:65:c9:48:86:cd:7f:c0:9d:
b0:5f:d3:99:b4:d1:a8:dd:9a:de:98:02:8c:2a:38:72:85:ea:
e2:b1:ef:8f:74:a0:7d:cd:70:70:8d:83:be:19:85:bc:8f:83:
f3:04:85:c9:7d:a2:04:9d:de:30:0f:fb:70:3b:4c:d5:9a:6f:
2e:6d:3f:06:09:da:5a:bf:dd:f5:19:9b:16:d0:be:66:97:10:
3f:10:5b:14:02:16:33:20:fc:d5:42:18:43:5a:69:6d:10:30:
bb:68:8f:94:18:49:70:cd:bf:c6:7b:57:4f:71:12:94:cc:17:
97:b8:6d:47:61:da:af:9e:be:59:af:29:fe:33:51:a9:44:da:
ed:a4:a0:7c:c6:28:17:02:0e:e0:66:71:30:1e:da:99:48:64:
37:96:9f:d2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIC3pC2mOJtcRq209P7851pmz1JswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDUwMDRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjNmY5MGQ2YjZlOWZjYzQ1Mjc5ZmY3MDhiNDJjZTRmNWVlODE5YzcwYTRl
NDc2ZDdkZTg3NDNmMWRmYWE2YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTmITop+aSW5gH23p0GL5zIgmD4pMaL0RD9/ISoLHHQKlJOP/b/2jyTcGUz
SZAUgv1OqQ60O566KMpMGFghwsL5bT9Lq0sllVul4FY69KgPUS/dM0zpuQi4/NIy
W24xvYLFr1ED4eofzpgI6W6Cso20mGkLet/MfD2+TRNIIGrx7pPMgVU8/mZeVI3a
TOTy+jzrkCQD72cTvcKyLY4kQjZGgWndnYgsewKb4e/h0N6fLwkSC/ZbNymVIJYv
gyY6eNVXXyOHHXAXEgo89IEu7IQKZwVNRMsYg3T1MBubEjs+R1q+4Sd3cIsuMhl7
NII4tQPPAX/eA0/rwZbsvE6IgzsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRHTIyw
ze9yT8kyW2bCrgl0Tit8hjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAfCQWF73fQW+uiBEgpTu+k4eOUQJ2T0Mpt6k2q+KJ
rDpCiH7oMkMHhwEZTMKm4PbzAHYRth1cAcjvYHa72wto2M04bFcC97+VwTL7++1e
5XkPaK1UGpvUhXiIfW/UShdlOmhGl2XJSIbNf8CdsF/TmbTRqN2a3pgCjCo4coXq
4rHvj3Sgfc1wcI2DvhmFvI+D8wSFyX2iBJ3eMA/7cDtM1ZpvLm0/BgnaWr/d9Rmb
FtC+ZpcQPxBbFAIWMyD81UIYQ1ppbRAwu2iPlBhJcM2/xntXT3ESlMwXl7htR2Ha
r56+Wa8p/jNRqUTa7aSgfMYoFwIO4GZxMB7amUhkN5af0g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:23 2025 by rpki-client