Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
File: 4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa (raw, json)
Hash identifier: XOdDDG5TTt5pwPXp56lZ1ptameOiU8hGk1p/QEWXFp4=
Subject key identifier: 90:6F:47:6D:1F:2E:9A:1F:CB:C0:61:13:9E:56:DC:58:33:4D:5E:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66FEB83FC2CDE0291949533E33FF4970A463B16F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
Signing time: Sat 28 Feb 2026 06:11:03 +0000
ROA not before: Sat 28 Feb 2026 06:11:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:fe:b8:3f:c2:cd:e0:29:19:49:53:3e:33:ff:49:70:a4:63:b1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:11:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9f4d932d57b5933d18e671310a68367b23989a4972990d6a52a7b60d3c0ddfda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fd:5f:70:d3:52:7f:7b:18:40:44:8c:ac:e7:
4b:0f:a3:54:aa:43:8a:12:2f:72:99:fd:49:40:ef:
d8:7d:85:41:bc:77:88:79:a2:9a:9d:3d:a4:72:4d:
ab:41:ca:9b:46:8f:65:3c:f6:aa:41:47:1d:84:42:
9b:2f:6e:41:ad:92:6f:60:6d:03:85:19:fb:5b:8a:
1e:b2:ec:60:f5:75:a8:df:af:48:29:10:2d:43:6e:
e0:3e:85:79:b9:97:e7:be:e1:93:c0:49:1f:9c:9c:
5d:7a:ce:b1:b0:b5:2f:ba:7d:79:3c:63:6d:d5:aa:
c0:9a:c4:ae:52:9a:5c:a1:17:7b:00:e4:07:13:19:
63:23:3c:f5:fc:53:b4:ec:76:2b:8c:0f:f5:a0:f2:
a4:b8:d6:ac:ca:b6:90:6b:22:b2:7e:50:85:f6:27:
e5:ae:38:c7:82:aa:16:71:4d:b6:83:1d:8d:f9:16:
30:bf:39:3a:a1:a7:69:59:1d:ed:8a:0c:aa:9a:49:
17:4d:f8:b5:ba:2a:83:c6:5a:e0:10:87:10:03:c1:
4b:05:99:eb:ad:af:3a:43:68:4f:2b:39:f6:11:72:
b2:02:ed:99:64:c3:1e:62:65:5e:27:b8:09:ab:f3:
81:be:fe:0a:a3:cd:e4:53:35:c9:9d:9a:d4:05:57:
c0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6F:47:6D:1F:2E:9A:1F:CB:C0:61:13:9E:56:DC:58:33:4D:5E:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:59:02:39:3b:9c:56:3c:6e:4b:c7:ba:d3:ae:fc:14:b6:82:
13:08:94:a8:cf:fe:ee:33:19:2d:1d:d9:d8:2a:fb:a1:1b:a8:
c0:89:7a:14:3f:58:2f:0b:12:fa:b8:46:73:27:44:bf:74:d9:
fe:e7:40:fc:5a:0f:93:a7:33:ab:ee:c8:da:6c:6e:67:07:0b:
33:6e:b3:96:30:1b:62:6f:dd:46:66:0e:dc:0c:f3:f5:1e:68:
74:ad:e1:a0:c1:00:6f:6c:ef:8b:ce:da:41:45:ed:52:16:7a:
c0:e6:d3:83:b6:55:1c:2b:e4:2d:40:87:37:66:7d:ac:64:2d:
28:f9:c6:a4:06:cd:ab:c6:36:0d:7c:a4:e2:c2:ae:60:3f:7c:
2f:87:15:4f:71:36:13:bc:a7:66:f0:24:5a:4d:67:0d:71:cf:
d6:30:29:ec:4c:ca:f7:f0:9b:9f:93:7b:4e:68:0d:74:85:18:
2b:89:c5:46:e5:aa:b0:1f:20:48:bb:d0:b7:13:7c:28:83:33:
a1:49:0f:ab:80:93:fe:a7:ec:db:8e:c2:6a:10:8e:82:95:5d:
3c:0d:e7:b2:af:54:2b:4b:48:a0:4d:59:15:bd:ba:e8:35:06:
37:3e:f7:37:10:d6:e9:03:52:f8:19:7e:1f:1e:3f:f6:3c:e6:
78:7d:e3:4c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZv64P8LN4CkZSVM+M/9JcKRjsW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjExMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNGQ5MzJkNTdiNTkzM2QxOGU2NzEzMTBhNjgzNjdiMjM5ODlhNDk3Mjk5
MGQ2YTUyYTdiNjBkM2MwZGRmZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJv9X3DTUn97GEBEjKznSw+jVKpDihIvcpn9SUDv2H2FQbx3iHmimp09pHJN
q0HKm0aPZTz2qkFHHYRCmy9uQa2Sb2BtA4UZ+1uKHrLsYPV1qN+vSCkQLUNu4D6F
ebmX577hk8BJH5ycXXrOsbC1L7p9eTxjbdWqwJrErlKaXKEXewDkBxMZYyM89fxT
tOx2K4wP9aDypLjWrMq2kGsisn5QhfYn5a44x4KqFnFNtoMdjfkWML85OqGnaVkd
7YoMqppJF034tboqg8Za4BCHEAPBSwWZ662vOkNoTys59hFysgLtmWTDHmJlXie4
Cavzgb7+CqPN5FM1yZ2a1AVXwOsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSQb0dt
Hy6aH8vAYROeVtxYM01eRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNjMzBmY2MtZWMyMy00ZTI2LWJlMTYtMzdkYjgwZGJmM2EwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99BDAN
BgkqhkiG9w0BAQsFAAOCAQEAoVkCOTucVjxuS8e60678FLaCEwiUqM/+7jMZLR3Z
2Cr7oRuowIl6FD9YLwsS+rhGcydEv3TZ/udA/FoPk6czq+7I2mxuZwcLM26zljAb
Ym/dRmYO3Azz9R5odK3hoMEAb2zvi87aQUXtUhZ6wObTg7ZVHCvkLUCHN2Z9rGQt
KPnGpAbNq8Y2DXyk4sKuYD98L4cVT3E2E7ynZvAkWk1nDXHP1jAp7EzK9/Cbn5N7
TmgNdIUYK4nFRuWqsB8gSLvQtxN8KIMzoUkPq4CT/qfs247CahCOgpVdPA3nsq9U
K0tIoE1ZFb266DUGNz73NxDW6QNS+Bl+Hx4/9jzmeH3jTA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:38:06 2026 by rpki-client