Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
File: 4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa (raw, json)
Hash identifier: 9WAjYK/v+jEPlrW6Nnvsu3MWjMjEeUYPvROlAPZ8QLY=
Subject key identifier: 0A:C0:21:73:63:59:65:48:7A:05:06:2A:97:30:F3:F5:3B:FE:B7:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DF9278F962ECBBB257F9674BDB7B10D86FF7F95
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
Signing time: Tue 19 May 2026 05:21:04 +0000
ROA not before: Tue 19 May 2026 05:21:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f9:27:8f:96:2e:cb:bb:25:7f:96:74:bd:b7:b1:0d:86:ff:7f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:21:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0d1bc421a410b7369c3b338548fcdd4fecbb2b2de1c4a720b735ff3d9ed1e42a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:93:c7:dd:ae:b3:d8:42:68:c9:3f:49:8f:94:
cf:ca:a1:c0:98:e4:2a:23:59:a7:49:ca:6c:e3:85:
05:48:98:fa:7d:17:df:5f:0b:b1:26:97:98:15:fd:
9c:29:3f:47:e0:84:03:88:e3:5e:7f:63:8e:c5:e6:
1e:ae:23:18:67:78:f5:17:77:d7:30:0e:75:39:77:
fe:37:05:34:27:7c:8d:72:20:84:da:5d:8c:14:e5:
d1:f0:bc:69:e7:20:db:ad:93:4f:7c:d5:07:17:2b:
08:0e:d5:61:7b:c2:57:61:f2:82:44:76:3a:dc:66:
d9:79:55:df:95:49:15:00:4f:da:d6:08:82:7a:e8:
42:07:68:c7:89:7e:93:ee:24:66:73:6f:bd:53:7d:
81:de:a3:30:c6:37:1a:42:f0:ab:5c:ba:08:a9:d1:
50:42:7a:35:4f:30:84:67:61:a4:65:b6:59:db:26:
30:ea:55:66:f8:58:0b:2b:15:c1:74:8f:5b:9b:e2:
8a:e2:ca:c2:4f:2c:a4:a7:1c:5e:1b:e6:08:19:79:
e2:07:f9:53:11:9c:92:dc:0b:1d:93:82:be:e7:25:
a2:96:9d:42:49:6c:bb:83:18:4a:4a:e0:8e:69:e9:
e5:d9:1a:56:20:57:d5:8b:24:dc:6c:74:01:61:1b:
2e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C0:21:73:63:59:65:48:7A:05:06:2A:97:30:F3:F5:3B:FE:B7:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cc30fcc-ec23-4e26-be16-37db80dbf3a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.4.0/22
Signature Algorithm: sha256WithRSAEncryption
52:e1:76:69:27:da:f1:3c:2f:ba:a7:de:51:12:2a:ad:50:de:
d4:9d:cb:eb:2f:02:5c:48:03:bc:00:3b:e5:8f:07:c6:e9:86:
44:11:a1:65:d5:03:05:9a:a0:67:9c:f6:de:d9:99:2d:94:fa:
b7:3a:2a:38:d9:f4:2d:b0:d5:de:8f:53:de:73:dc:fa:9d:e5:
1f:ef:c7:b1:35:c4:f8:51:1a:c7:df:61:1b:25:80:3a:89:f7:
3b:61:07:19:43:c1:56:b9:3d:cb:2e:31:19:77:d1:63:21:40:
09:82:39:56:9d:57:76:b9:d8:fa:81:6d:9a:a5:37:53:02:16:
bc:03:58:1d:e9:7f:71:f6:4c:40:c0:71:69:89:e6:54:29:1a:
a3:6b:d0:ee:dc:bd:f6:93:43:fd:df:87:c9:da:54:9c:21:f4:
53:29:3d:a1:5d:6f:1d:fd:01:0d:14:72:23:fd:86:f5:af:12:
e4:6a:34:c0:38:87:c7:03:f5:d8:a9:3b:e9:00:7a:5f:16:94:
5c:ef:45:5b:ec:bc:4e:13:24:e9:c3:fc:fd:20:13:e7:be:0d:
d8:e7:1e:04:5c:4e:f9:c3:72:9e:92:8e:39:f6:88:e1:28:81:
7a:6b:b8:6e:21:9c:85:ea:8a:13:c3:70:8d:c9:31:e6:c2:b5:
63:0d:be:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULfknj5Yuy7slf5Z0vbexDYb/f5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIxMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkMWJjNDIxYTQxMGI3MzY5YzNiMzM4NTQ4ZmNkZDRmZWNiYjJiMmRlMWM0
YTcyMGI3MzVmZjNkOWVkMWU0MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGTx92us9hCaMk/SY+Uz8qhwJjkKiNZp0nKbOOFBUiY+n0X318LsSaXmBX9
nCk/R+CEA4jjXn9jjsXmHq4jGGd49Rd31zAOdTl3/jcFNCd8jXIghNpdjBTl0fC8
aecg262TT3zVBxcrCA7VYXvCV2HygkR2Otxm2XlV35VJFQBP2tYIgnroQgdox4l+
k+4kZnNvvVN9gd6jMMY3GkLwq1y6CKnRUEJ6NU8whGdhpGW2WdsmMOpVZvhYCysV
wXSPW5viiuLKwk8spKccXhvmCBl54gf5UxGcktwLHZOCvuclopadQklsu4MYSkrg
jmnp5dkaViBX1Ysk3Gx0AWEbLosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQKwCFz
Y1llSHoFBiqXMPP1O/63/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNjMzBmY2MtZWMyMy00ZTI2LWJlMTYtMzdkYjgwZGJmM2EwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99BDAN
BgkqhkiG9w0BAQsFAAOCAQEAUuF2aSfa8TwvuqfeURIqrVDe1J3L6y8CXEgDvAA7
5Y8HxumGRBGhZdUDBZqgZ5z23tmZLZT6tzoqONn0LbDV3o9T3nPc+p3lH+/HsTXE
+FEax99hGyWAOon3O2EHGUPBVrk9yy4xGXfRYyFACYI5Vp1XdrnY+oFtmqU3UwIW
vANYHel/cfZMQMBxaYnmVCkao2vQ7ty99pND/d+HydpUnCH0Uyk9oV1vHf0BDRRy
I/2G9a8S5Go0wDiHxwP12Kk76QB6XxaUXO9FW+y8ThMk6cP8/SAT574N2OceBFxO
+cNynpKOOfaI4SiBemu4biGcheqKE8Nwjckx5sK1Yw2+Fg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:59 2026 by rpki-client