Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: VXsBSBalvWWKXQlDEnvWa36+7OrVhSSeshfcQpIoL+Y=
Subject key identifier: D7:12:90:D8:AF:B2:02:60:E7:90:27:2A:21:B7:C4:20:E2:FC:70:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BC5ADBF28500D183E70573983893A4304927B75
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Tue 19 May 2026 04:50:53 +0000
ROA not before: Tue 19 May 2026 04:50:53 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:c5:ad:bf:28:50:0d:18:3e:70:57:39:83:89:3a:43:04:92:7b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:53 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=64c5ee4e666f3c8099022a46e4da40e78c43bf6e51799624d0b04439ddc8c527, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bf:67:eb:8e:9e:bd:70:6a:94:94:e2:3f:3c:
c3:a8:48:68:94:ba:60:0a:c8:a4:9e:58:bd:2b:fc:
9d:ac:1f:57:48:0c:15:1c:a9:29:84:18:60:4e:8a:
ff:48:b1:1f:21:97:a2:51:b0:5e:66:d2:01:f4:2e:
c7:dd:86:45:5f:4d:97:8b:3f:80:83:f1:c8:43:10:
b2:7e:d8:b0:6e:11:19:9a:4e:26:b1:51:35:b8:41:
b7:1f:18:a7:a0:b0:8c:8c:9a:b8:2a:57:31:80:30:
58:0e:ae:7d:d9:10:12:03:c5:75:b8:5f:33:71:d0:
d8:44:ac:bc:04:5b:e8:78:0b:f6:31:5f:ee:40:97:
07:3c:be:f9:fc:11:32:b4:c2:e1:a4:69:5b:6d:2a:
7e:e1:5b:09:6e:27:21:7d:da:5a:73:24:e9:77:8a:
a3:38:a5:b2:8b:20:ec:06:90:19:a3:6c:a5:24:c6:
5c:11:5a:d1:24:d8:37:02:bc:6c:5d:f4:1e:07:5c:
63:65:5f:71:5c:f7:e1:19:03:03:fb:ed:4f:bb:a4:
61:ce:0e:f8:2b:12:6b:ca:7d:05:c9:c8:7c:4b:d7:
c6:7d:8e:7d:21:e8:49:9b:00:79:8b:aa:43:94:5f:
88:19:f4:31:34:a5:1f:54:c6:22:fc:49:c9:c0:48:
74:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:12:90:D8:AF:B2:02:60:E7:90:27:2A:21:B7:C4:20:E2:FC:70:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
75:76:95:df:55:3f:9a:30:2e:4c:aa:a9:a7:dc:47:f3:53:fb:
65:94:9f:a1:fe:5c:1f:46:c0:d4:40:49:95:e1:98:55:06:8d:
c1:3b:5d:e7:a0:1e:1b:11:48:f9:69:01:50:63:2a:b2:c7:f1:
77:31:ab:89:aa:29:11:e8:50:27:28:b6:9f:49:bf:da:6c:ae:
8b:3f:d3:ff:7a:9a:90:3f:16:a1:c6:5e:a0:ba:77:84:33:00:
20:21:b6:ce:15:10:93:0f:fc:b4:c7:f3:a3:cc:4f:e2:af:83:
53:1f:44:4f:77:ec:de:e3:e4:af:f8:de:c7:e9:68:e1:c4:25:
3b:cf:d4:73:5b:95:27:e4:74:60:82:68:eb:8f:cc:ad:f0:33:
2d:d7:4b:a3:99:f9:fa:f5:41:30:f7:6a:2a:e9:c1:0f:68:aa:
1b:15:a3:91:17:f2:47:da:5d:65:f6:a6:23:5d:ee:09:73:06:
9c:dd:2d:d9:48:a9:2a:0c:5a:3e:d7:e6:57:93:73:b9:35:e1:
5f:b2:1e:7c:5d:c0:a4:e2:1e:70:c3:5d:40:b7:56:ce:f7:1b:
2c:30:2f:31:df:b7:5f:e9:bf:61:05:c7:97:57:56:88:03:d1:
20:28:3a:c7:bd:bc:c5:6f:1d:8f:8a:0b:78:67:18:fd:0f:c5:
97:00:18:64
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC8WtvyhQDRg+cFc5g4k6QwSSe3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0YzVlZTRlNjY2ZjNjODA5OTAyMmE0NmU0ZGE0MGU3OGM0M2JmNmU1MTc5
OTYyNGQwYjA0NDM5ZGRjOGM1MjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKO/Z+uOnr1wapSU4j88w6hIaJS6YArIpJ5YvSv8nawfV0gMFRypKYQYYE6K
/0ixHyGXolGwXmbSAfQux92GRV9Nl4s/gIPxyEMQsn7YsG4RGZpOJrFRNbhBtx8Y
p6CwjIyauCpXMYAwWA6ufdkQEgPFdbhfM3HQ2ESsvARb6HgL9jFf7kCXBzy++fwR
MrTC4aRpW20qfuFbCW4nIX3aWnMk6XeKozilsosg7AaQGaNspSTGXBFa0STYNwK8
bF30HgdcY2VfcVz34RkDA/vtT7ukYc4O+CsSa8p9BcnIfEvXxn2OfSHoSZsAeYuq
Q5RfiBn0MTSlH1TGIvxJycBIdPkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTXEpDY
r7ICYOeQJyoht8Qg4vxwXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEAdXaV31U/mjAuTKqpp9xH81P7ZZSfof5cH0bA1EBJ
leGYVQaNwTtd56AeGxFI+WkBUGMqssfxdzGriaopEehQJyi2n0m/2myuiz/T/3qa
kD8WocZeoLp3hDMAICG2zhUQkw/8tMfzo8xP4q+DUx9ET3fs3uPkr/jex+lo4cQl
O8/Uc1uVJ+R0YIJo64/MrfAzLddLo5n5+vVBMPdqKunBD2iqGxWjkRfyR9pdZfam
I13uCXMGnN0t2UipKgxaPtfmV5NzuTXhX7IefF3ApOIecMNdQLdWzvcbLDAvMd+3
X+m/YQXHl1dWiAPRICg6x728xW8dj4oLeGcY/Q/FlwAYZA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:54 2026 by rpki-client