Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
File: 0b022346-638e-4570-8b19-5cf9b4c378c8.roa (raw, json)
Hash identifier: BuOHjA6SS6yBNNPqL60eZhTK2sJHcEiZUdlWEKSAJM0=
Subject key identifier: F2:73:15:F6:CB:77:11:10:37:3E:DA:59:68:B0:A1:D2:67:A0:68:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5272AE93FD3059E386B225E8801602B7295AA8C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
Signing time: Tue 19 May 2026 05:20:58 +0000
ROA not before: Tue 19 May 2026 05:20:58 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:72:ae:93:fd:30:59:e3:86:b2:25:e8:80:16:02:b7:29:5a:a8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:58 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=35016a34f43812a53f43b0868658b6b85476a206e27c17f3a5d226e3d02e5a5b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:b3:74:fa:2e:7f:5e:08:4e:b6:4b:b5:4e:
a6:fd:11:91:97:e4:2f:26:32:f9:a9:fd:34:71:a4:
6e:a1:e6:13:cc:db:25:db:02:19:80:89:05:ac:6c:
d7:e4:83:16:88:ce:5d:a1:b6:5d:3b:4a:13:71:8f:
8c:d8:b7:de:3d:03:b0:3f:81:f2:65:da:18:b3:ca:
1f:66:c6:e2:16:31:e5:40:61:18:ba:f2:d8:8c:44:
2f:ed:b0:0c:05:55:d0:44:81:c0:09:c1:3e:f1:d1:
93:cf:e5:d9:94:d9:32:e8:35:aa:21:4e:1d:79:18:
e5:52:87:6f:53:cb:5b:73:b4:be:9c:55:0a:4c:ca:
34:06:46:7d:c4:23:41:d1:29:29:60:d6:45:d2:75:
8d:28:5a:1c:05:ea:c9:6e:c0:44:41:8b:57:c5:6b:
27:23:51:f5:09:42:d1:8e:45:7d:79:c8:ef:4b:ec:
50:dd:3a:5d:c5:a6:0f:ec:78:18:51:0c:3a:cb:73:
f4:3a:07:b9:c7:b4:8a:bb:7f:87:1f:9b:fb:ff:b6:
50:1a:3c:cb:b6:54:2d:18:8a:c0:c9:2b:47:0c:af:
46:f2:bc:80:e5:b5:79:90:7e:3f:c6:17:73:1f:fa:
64:76:2b:db:17:22:90:c9:4f:35:2a:b1:5a:9f:54:
1b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:73:15:F6:CB:77:11:10:37:3E:DA:59:68:B0:A1:D2:67:A0:68:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b022346-638e-4570-8b19-5cf9b4c378c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.96.0/21
Signature Algorithm: sha256WithRSAEncryption
49:8a:3f:f0:4e:08:a4:f3:e8:3c:78:c4:20:71:83:98:9a:2d:
d9:5d:12:5e:15:11:db:e1:9f:68:56:a9:49:22:b5:e9:1b:92:
4a:06:da:44:64:34:b9:95:52:0f:39:5a:95:0b:0c:a3:99:a0:
9d:89:69:02:5a:37:b2:34:a2:a7:87:c8:28:1f:23:7e:71:d8:
10:42:5a:8a:71:d2:df:1d:65:ed:63:d4:ad:31:94:37:ce:59:
9b:15:35:13:aa:e1:81:29:99:78:4a:b1:70:0d:25:d4:22:e5:
20:97:ce:7b:e1:4c:d3:c2:14:c3:43:ab:79:03:45:c8:a3:59:
00:48:d1:f6:f8:13:98:93:d2:af:d9:69:d7:26:97:91:03:f7:
34:b5:00:da:5a:48:cb:31:1f:b2:22:7d:1d:8b:81:e8:0a:f2:
ce:db:a4:36:70:21:55:66:34:f2:0d:e1:c6:ba:a4:d9:1d:df:
67:cb:00:c7:f8:58:6f:c2:7b:87:ce:4f:47:2c:13:38:58:35:
c3:d9:bf:83:25:f3:89:d7:14:83:0d:50:a6:ff:de:cf:c5:c4:
32:bf:5e:88:b9:0a:a3:63:0f:71:82:60:66:3c:a6:73:b8:c1:
6a:a0:25:9b:eb:4f:3a:b7:e0:73:d7:20:55:55:d4:72:15:ad:
59:66:bd:ea
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUnKuk/0wWeOGsiXogBYCtylaqMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwNThaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1MDE2YTM0ZjQzODEyYTUzZjQzYjA4Njg2NThiNmI4NTQ3NmEyMDZlMjdj
MTdmM2E1ZDIyNmUzZDAyZTVhNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbIs3T6Ln9eCE62S7VOpv0RkZfkLyYy+an9NHGkbqHmE8zbJdsCGYCJBaxs
1+SDFojOXaG2XTtKE3GPjNi33j0DsD+B8mXaGLPKH2bG4hYx5UBhGLry2IxEL+2w
DAVV0ESBwAnBPvHRk8/l2ZTZMug1qiFOHXkY5VKHb1PLW3O0vpxVCkzKNAZGfcQj
QdEpKWDWRdJ1jShaHAXqyW7AREGLV8VrJyNR9QlC0Y5FfXnI70vsUN06XcWmD+x4
GFEMOstz9DoHuce0irt/hx+b+/+2UBo8y7ZULRiKwMkrRwyvRvK8gOW1eZB+P8YX
cx/6ZHYr2xcikMlPNSqxWp9UGzMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTycxX2
y3cREDc+2llosKHSZ6Bo7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIwMjIzNDYtNjM4ZS00NTcwLThiMTktNWNmOWI0YzM3OGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099YDAN
BgkqhkiG9w0BAQsFAAOCAQEASYo/8E4IpPPoPHjEIHGDmJot2V0SXhUR2+GfaFap
SSK16RuSSgbaRGQ0uZVSDzlalQsMo5mgnYlpAlo3sjSip4fIKB8jfnHYEEJainHS
3x1l7WPUrTGUN85ZmxU1E6rhgSmZeEqxcA0l1CLlIJfOe+FM08IUw0OreQNFyKNZ
AEjR9vgTmJPSr9lp1yaXkQP3NLUA2lpIyzEfsiJ9HYuB6AryztukNnAhVWY08g3h
xrqk2R3fZ8sAx/hYb8J7h85PRywTOFg1w9m/gyXzidcUgw1Qpv/ez8XEMr9eiLkK
o2MPcYJgZjymc7jBaqAlm+tPOrfgc9cgVVXUchWtWWa96g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:15 2026 by rpki-client