Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: iXrnm1l2WXYAXyB7NQzE7jXt0T5sqD2ffHnv4GHq5UQ=
Subject key identifier: 04:EC:27:A1:E5:32:14:94:A6:16:7D:D6:57:0D:6F:6F:9A:FA:29:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 050A035C629BB75EC05027F263C355616B48EB87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Sat 28 Feb 2026 06:21:24 +0000
ROA not before: Sat 28 Feb 2026 06:21:24 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:0a:03:5c:62:9b:b7:5e:c0:50:27:f2:63:c3:55:61:6b:48:eb:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:21:24 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8c92edc1bfcc5b41173978dd83cc373973a35f0df23be5772afa566e143932ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e6:37:d1:19:ee:1b:c6:7d:b1:c1:a1:50:83:
8d:e6:11:e1:97:96:b1:f2:75:f7:06:be:31:07:f5:
c3:b5:aa:a6:8c:44:ed:98:65:b2:16:a5:c9:47:7e:
76:97:a0:eb:27:1d:4c:bd:a6:69:d6:80:90:e3:da:
71:d7:45:64:c1:d0:10:be:f8:62:eb:4e:b5:5b:2e:
76:a3:32:21:f3:72:e6:9e:4a:5c:c4:01:9a:d1:8a:
59:a4:82:ae:36:5b:8d:bd:f9:da:79:12:7c:dc:7b:
8a:91:47:44:e2:d0:35:87:47:fa:d4:ec:c3:e7:b7:
8d:a7:64:3f:d4:19:c9:40:a5:0c:b9:76:24:fb:03:
0c:68:f2:48:8b:95:af:f9:a2:70:b5:91:22:7c:1a:
09:57:be:95:f3:5d:8a:ac:1f:ff:05:df:6c:49:25:
0a:6c:51:26:17:8a:3c:a3:73:0c:70:12:a8:6c:0a:
4e:5c:c5:5f:3b:36:b1:cf:8a:f9:e1:90:86:69:2e:
10:67:af:f5:2f:15:9b:58:6d:de:f7:76:0a:ea:7e:
c9:36:49:30:f8:5d:22:7d:54:92:bd:ce:28:49:94:
79:c4:8f:4f:56:f0:3e:b9:49:f0:b5:1c:cb:05:b2:
1f:af:8f:86:04:7d:06:e6:dc:58:5e:06:e2:06:03:
8d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EC:27:A1:E5:32:14:94:A6:16:7D:D6:57:0D:6F:6F:9A:FA:29:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
66:13:a3:07:c4:d2:e1:ee:e5:eb:ea:52:d5:30:00:d3:dd:24:
b2:b7:52:69:64:c4:9c:e3:02:fd:8d:3d:68:56:7e:f3:12:7d:
1d:31:e0:6b:df:15:6c:4f:84:2a:16:b0:49:e5:78:d3:8f:92:
9e:e1:54:3c:52:50:fe:26:2a:64:7c:44:34:ff:60:08:7a:70:
63:d3:3b:d8:37:3d:9e:f8:8d:b4:c0:80:f2:93:22:f5:8a:c7:
45:35:42:41:f3:e1:67:50:c3:39:87:f3:d5:e3:cf:4b:3c:5e:
11:de:85:6b:53:70:6d:8c:dc:5b:dd:90:9c:a3:2c:f0:86:94:
23:2a:cb:fa:aa:a9:d3:ab:44:fb:22:8a:cd:ef:d0:8c:71:96:
ff:ef:30:23:f1:b4:9f:04:7f:7f:95:54:67:8e:e9:c6:84:fe:
8b:ee:54:7e:ff:bd:71:7b:fb:50:70:21:d4:45:ff:20:7e:4f:
e3:c1:56:51:a2:a1:7d:4b:12:4a:d4:86:fb:ba:b6:32:59:4d:
f2:19:c3:b2:9b:d9:11:b0:d4:6d:d2:fe:22:45:f4:15:36:d6:
b9:7b:87:b1:9c:8e:f8:7b:81:f0:55:85:75:af:60:f3:2e:e5:
ce:60:b6:ec:8d:ff:09:66:68:94:20:83:bc:a7:c1:2f:7e:21:
01:c0:bc:61
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBQoDXGKbt17AUCfyY8NVYWtI64cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIxMjRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjOTJlZGMxYmZjYzViNDExNzM5NzhkZDgzY2MzNzM5NzNhMzVmMGRmMjNi
ZTU3NzJhZmE1NjZlMTQzOTMyZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAInmN9EZ7hvGfbHBoVCDjeYR4ZeWsfJ19wa+MQf1w7WqpoxE7ZhlshalyUd+
dpeg6ycdTL2madaAkOPacddFZMHQEL74YutOtVsudqMyIfNy5p5KXMQBmtGKWaSC
rjZbjb352nkSfNx7ipFHROLQNYdH+tTsw+e3jadkP9QZyUClDLl2JPsDDGjySIuV
r/micLWRInwaCVe+lfNdiqwf/wXfbEklCmxRJheKPKNzDHASqGwKTlzFXzs2sc+K
+eGQhmkuEGev9S8Vm1ht3vd2Cup+yTZJMPhdIn1Ukr3OKEmUecSPT1bwPrlJ8LUc
ywWyH6+PhgR9BubcWF4G4gYDjQ8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQE7Ceh
5TIUlKYWfdZXDW9vmvop4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAZhOjB8TS4e7l6+pS1TAA090ksrdSaWTEnOMC/Y09
aFZ+8xJ9HTHga98VbE+EKhawSeV404+SnuFUPFJQ/iYqZHxENP9gCHpwY9M72Dc9
nviNtMCA8pMi9YrHRTVCQfPhZ1DDOYfz1ePPSzxeEd6Fa1NwbYzcW92QnKMs8IaU
IyrL+qqp06tE+yKKze/QjHGW/+8wI/G0nwR/f5VUZ47pxoT+i+5Ufv+9cXv7UHAh
1EX/IH5P48FWUaKhfUsSStSG+7q2MllN8hnDspvZEbDUbdL+IkX0FTbWuXuHsZyO
+HuB8FWFda9g8y7lzmC27I3/CWZolCCDvKfBL34hAcC8YQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:39 2026 by rpki-client