Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
File: 332d3a7e-56bb-435c-b479-a81f23cb0414.roa (raw, json)
Hash identifier: S18nmRW6tw5eGp9ucmgU0CeNS6j+PRARCHEQFiVcFmw=
Subject key identifier: ED:2D:CB:16:97:71:D0:63:7A:62:E4:82:CF:4B:F6:1F:91:8C:9F:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B82EFA817A0D20BBC647EB8ECB8C21CFF1CC219
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
Signing time: Tue 19 May 2026 05:30:13 +0000
ROA not before: Tue 19 May 2026 05:30:13 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:82:ef:a8:17:a0:d2:0b:bc:64:7e:b8:ec:b8:c2:1c:ff:1c:c2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:13 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=01e53c0bba081b498f04868f5b3034472d35ecdcfdf148c24614c6c126f24b90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:05:27:b9:da:61:54:60:82:78:ca:9c:1d:e3:
6e:bf:b5:d6:cf:f3:99:12:b8:f1:43:ba:12:62:3e:
ef:ce:39:3d:be:3d:c4:7d:97:79:80:7e:31:00:26:
cb:95:92:8b:03:c0:72:b7:a5:82:bf:a8:2b:e7:f3:
8e:8c:46:aa:3c:75:dd:cd:d2:f2:51:5d:f8:a2:53:
01:c1:75:23:71:21:53:0f:99:1d:1e:d2:0d:83:db:
19:ac:df:3a:b1:0f:78:59:6c:39:b9:3f:fe:43:f7:
d4:fe:1c:e5:2c:0b:cc:32:ea:f1:da:77:b3:76:46:
1e:08:e2:a8:c8:47:25:67:46:90:ab:ff:3d:fd:bc:
4c:ba:50:80:46:19:05:f7:18:ce:82:f3:33:c9:6e:
32:76:7c:d8:33:ff:a5:70:0a:da:d6:68:7c:e6:c2:
7e:69:34:6f:93:9b:d1:2f:88:99:82:d2:e5:2c:6b:
79:38:65:e2:12:bd:1b:0d:bf:99:ca:ba:95:1d:9a:
94:2a:73:06:5b:cb:0d:15:d7:0a:27:c8:4b:73:ac:
7c:5c:7a:00:24:8b:ae:1e:a4:a1:98:a5:93:45:a8:
82:8b:27:ca:65:a1:0f:76:f9:07:cf:04:da:43:38:
f2:40:96:5f:d0:55:0e:50:d9:ab:1b:65:c1:6c:12:
5a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:2D:CB:16:97:71:D0:63:7A:62:E4:82:CF:4B:F6:1F:91:8C:9F:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/332d3a7e-56bb-435c-b479-a81f23cb0414.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:11:03:5b:00:fd:0a:3b:51:d7:69:dd:26:58:99:d8:6a:5e:
db:b3:6b:8c:17:ac:47:d1:f5:cb:c7:e3:b1:bf:76:d0:b6:86:
2e:20:f3:71:81:65:09:4d:18:45:a4:20:ae:89:20:80:41:86:
0c:36:46:4e:de:31:ec:09:b5:43:24:7b:a0:97:ac:f1:58:b8:
60:37:b5:e9:20:94:dd:a7:30:c2:90:e6:07:fc:26:ed:d5:d9:
21:57:1f:d8:df:82:10:5b:0a:5b:c3:04:a4:d0:06:50:ee:88:
e4:19:2c:84:9d:9f:a0:e4:83:83:8f:06:bd:e3:53:16:d7:40:
9b:da:bc:33:59:8e:de:c4:c9:97:83:c7:2d:e4:27:50:50:fa:
94:29:3b:14:f6:a1:5d:8c:e5:da:dd:7c:55:b7:8b:41:da:34:
9b:d6:f0:9a:42:57:88:aa:3d:9f:41:a0:3b:8a:5f:67:6a:8f:
d7:18:d6:a2:f8:e7:8d:f2:ae:f4:ba:dd:42:52:cd:66:3a:c2:
ea:c7:d7:f9:4e:f2:06:4f:e2:c9:48:db:9a:45:e3:2b:a8:68:
0a:5d:6c:ca:47:59:0b:4a:3a:8f:c4:bd:90:af:09:4f:05:0b:
62:41:81:9f:7a:89:89:fd:38:73:8b:35:60:1f:53:58:72:df:
5f:13:9e:03
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO4LvqBeg0gu8ZH647LjCHP8cwhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZTUzYzBiYmEwODFiNDk4ZjA0ODY4ZjViMzAzNDQ3MmQzNWVjZGNmZGYx
NDhjMjQ2MTRjNmMxMjZmMjRiOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoFJ7naYVRggnjKnB3jbr+11s/zmRK48UO6EmI+7845Pb49xH2XeYB+MQAm
y5WSiwPAcrelgr+oK+fzjoxGqjx13c3S8lFd+KJTAcF1I3EhUw+ZHR7SDYPbGazf
OrEPeFlsObk//kP31P4c5SwLzDLq8dp3s3ZGHgjiqMhHJWdGkKv/Pf28TLpQgEYZ
BfcYzoLzM8luMnZ82DP/pXAK2tZofObCfmk0b5Ob0S+ImYLS5SxreThl4hK9Gw2/
mcq6lR2alCpzBlvLDRXXCifIS3OsfFx6ACSLrh6koZilk0WogosnymWhD3b5B88E
2kM48kCWX9BVDlDZqxtlwWwSWn8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTtLcsW
l3HQY3pi5ILPS/YfkYyfczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzMyZDNhN2UtNTZiYi00MzVjLWI0NzktYTgxZjIzY2IwNDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99HDAN
BgkqhkiG9w0BAQsFAAOCAQEAPREDWwD9CjtR12ndJliZ2Gpe27NrjBesR9H1y8fj
sb920LaGLiDzcYFlCU0YRaQgrokggEGGDDZGTt4x7Am1QyR7oJes8Vi4YDe16SCU
3acwwpDmB/wm7dXZIVcf2N+CEFsKW8MEpNAGUO6I5BkshJ2foOSDg48GveNTFtdA
m9q8M1mO3sTJl4PHLeQnUFD6lCk7FPahXYzl2t18VbeLQdo0m9bwmkJXiKo9n0Gg
O4pfZ2qP1xjWovjnjfKu9LrdQlLNZjrC6sfX+U7yBk/iyUjbmkXjK6hoCl1sykdZ
C0o6j8S9kK8JTwULYkGBn3qJif04c4s1YB9TWHLfXxOeAw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:44 2026 by rpki-client