Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: m9rk/Am6KHhJtpxvMVmSvlHORAi3avtyZlSGGj3izdI=
Subject key identifier: BA:D7:4C:F7:93:E6:BC:57:2D:BF:36:FD:FF:54:48:44:60:30:EC:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E57426CA600A6522102AA809AF25D60F8EC8528
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Tue 17 Jun 2025 00:40:13 +0000
ROA not before: Tue 17 Jun 2025 00:40:13 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:57:42:6c:a6:00:a6:52:21:02:aa:80:9a:f2:5d:60:f8:ec:85:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:13 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=cd8f3f767430ad7fd85b884f626aa173cf0d73702e14b731d702e2a541cde2c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ae:21:60:76:4c:78:f5:74:1b:37:49:9b:02:
84:f9:fa:79:67:9d:38:77:4a:8b:25:44:1d:7f:15:
14:85:7e:6a:23:b7:66:99:4b:cf:7b:32:35:cf:72:
4b:e2:33:02:45:df:79:3d:22:c4:82:15:3a:81:c3:
ab:c8:4a:a6:2e:b5:c3:21:6b:9d:ba:21:41:99:db:
0c:23:ec:b8:48:0b:be:6f:cf:53:6c:5f:79:e2:eb:
9a:27:bb:29:b3:18:c9:91:e9:9a:85:2c:4e:26:5d:
55:3c:09:be:cb:44:bc:00:5f:fc:9f:79:8f:32:e5:
21:d6:bd:31:43:d3:6c:57:eb:6b:1a:fa:27:2e:59:
da:fd:7b:5b:63:eb:6a:a3:60:17:4c:0a:64:e1:a8:
28:94:0d:db:5e:27:14:87:a3:ec:06:5a:c1:e7:38:
24:6b:2d:a0:4a:ca:59:72:c7:64:52:6c:4f:7c:86:
ab:b3:ad:ff:22:85:f0:ad:1e:9b:16:06:97:3c:f3:
03:ac:3c:93:55:3f:59:5a:7e:38:69:47:1a:38:23:
89:23:ad:c4:8f:64:9c:4a:5e:d1:dd:f6:28:35:26:
9d:18:80:58:51:b2:8f:b4:34:00:e1:f8:8d:06:c1:
6d:34:43:b5:aa:1d:87:61:65:25:9f:47:8b:9d:0f:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D7:4C:F7:93:E6:BC:57:2D:BF:36:FD:FF:54:48:44:60:30:EC:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:a5:85:b9:b9:f4:db:c5:39:bb:f1:2f:6e:be:5a:8d:c8:d3:
74:d0:fa:48:b3:0b:62:08:dd:b9:64:2e:b9:30:2c:c1:4b:97:
b9:04:b9:f3:b1:a9:bf:13:4b:43:e6:4a:ee:9a:1a:ea:ae:47:
32:42:50:15:a6:04:35:34:de:35:89:fd:52:be:c9:da:5b:48:
1f:35:ea:0b:73:10:f9:24:41:7f:6e:d5:10:08:64:a0:4f:62:
ec:a3:ca:fb:02:08:33:14:5a:76:ac:2e:d8:70:6d:e5:1e:0b:
96:8a:4f:7b:be:5f:f5:dc:05:1b:57:51:d0:4c:a5:29:5a:23:
61:8a:85:cd:bd:82:62:bf:86:87:fc:83:99:10:d2:cd:87:a4:
ce:f8:7f:bf:19:bd:eb:2c:b8:5d:d6:a4:8f:4b:6d:c0:b0:f0:
05:6c:d8:7a:e7:cb:8e:18:48:10:de:c1:9b:3f:33:1a:2e:3a:
e1:4a:01:74:78:2f:fd:f2:60:a9:14:8b:4c:bd:7d:28:0c:4d:
b4:c5:16:46:50:33:9c:ce:c3:0f:9d:07:48:0c:22:b3:26:5a:
5e:12:27:3a:96:7f:00:c2:b2:65:29:4f:8c:b8:6d:af:78:80:
1c:86:92:c1:d7:df:b4:41:d4:af:ca:c1:99:69:10:b1:72:8f:
ab:40:bf:ee
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHldCbKYAplIhAqqAmvJdYPjshSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMTNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkOGYzZjc2NzQzMGFkN2ZkODViODg0ZjYyNmFhMTczY2YwZDczNzAyZTE0
YjczMWQ3MDJlMmE1NDFjZGUyYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGuIWB2THj1dBs3SZsChPn6eWedOHdKiyVEHX8VFIV+aiO3ZplLz3syNc9y
S+IzAkXfeT0ixIIVOoHDq8hKpi61wyFrnbohQZnbDCPsuEgLvm/PU2xfeeLrmie7
KbMYyZHpmoUsTiZdVTwJvstEvABf/J95jzLlIda9MUPTbFfraxr6Jy5Z2v17W2Pr
aqNgF0wKZOGoKJQN214nFIej7AZawec4JGstoErKWXLHZFJsT3yGq7Ot/yKF8K0e
mxYGlzzzA6w8k1U/WVp+OGlHGjgjiSOtxI9knEpe0d32KDUmnRiAWFGyj7Q0AOH4
jQbBbTRDtaodh2FlJZ9Hi50PNU8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS610z3
k+a8Vy2/Nv3/VEhEYDDsCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAx6WFubn028U5u/Evbr5ajcjTdND6SLMLYgjduWQu
uTAswUuXuQS587GpvxNLQ+ZK7poa6q5HMkJQFaYENTTeNYn9Ur7J2ltIHzXqC3MQ
+SRBf27VEAhkoE9i7KPK+wIIMxRadqwu2HBt5R4LlopPe75f9dwFG1dR0EylKVoj
YYqFzb2CYr+Gh/yDmRDSzYekzvh/vxm96yy4Xdakj0ttwLDwBWzYeufLjhhIEN7B
mz8zGi464UoBdHgv/fJgqRSLTL19KAxNtMUWRlAznM7DD50HSAwisyZaXhInOpZ/
AMKyZSlPjLhtr3iAHIaSwdfftEHUr8rBmWkQsXKPq0C/7g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:30:54 2025 by rpki-client