Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
File: 4cdfefba-9573-485f-8040-202e038ebf78.roa (raw, json)
Hash identifier: z6Hz218tmeI4MpRgsTR6/CDVICdEHPvfWm9uAV25XG4=
Subject key identifier: 02:7B:4B:E2:52:6D:6D:C3:D6:38:F9:DD:75:28:DD:9F:B6:3A:8D:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72476FD43111AC7192C4CE634DEB3CB174434360
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
Signing time: Sat 28 Feb 2026 05:31:30 +0000
ROA not before: Sat 28 Feb 2026 05:31:30 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:47:6f:d4:31:11:ac:71:92:c4:ce:63:4d:eb:3c:b1:74:43:43:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:30 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=720aac8b3e357e8a28c06896a7c4a626b89576bcded2cf3b1490c34245bd3e73, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:00:d0:d2:7a:9b:2e:00:a5:04:6f:35:a6:8f:
19:89:cc:97:cc:53:0b:5e:a9:a8:7c:1a:14:59:7e:
61:f4:63:4f:67:a3:18:d2:b9:4a:7f:b8:3a:24:41:
e5:88:0c:23:99:32:7d:4f:a8:b8:af:cd:98:03:b1:
95:61:43:a5:24:f4:53:79:78:a7:13:50:8d:1e:6d:
8e:22:e5:b3:ba:a6:46:59:27:56:80:e0:60:4e:6b:
bc:fb:4b:a5:fe:15:9c:d5:a8:f5:8a:6a:14:02:f3:
39:df:15:cb:08:28:72:06:cf:b7:9c:0d:a7:0f:eb:
59:80:67:e5:dd:df:c8:bf:e2:70:41:17:8d:27:bb:
f1:c3:90:a9:34:ad:44:41:d9:c7:0a:0b:ef:01:50:
3d:c1:72:d5:de:3d:65:32:cd:eb:a7:c3:d5:f6:a9:
7f:15:e4:8d:64:ed:06:54:ea:35:f1:52:b6:dc:67:
98:ad:9d:bc:12:f4:40:f2:6d:55:5d:e3:a5:03:b2:
f4:c7:bf:cf:53:12:f0:b3:9e:ec:e1:82:15:cc:71:
ff:87:2a:29:a3:82:60:3f:58:2e:71:71:ac:e7:83:
91:03:9e:ce:9e:5c:fc:75:27:89:ea:8e:e6:a6:b8:
2a:e9:64:68:40:9c:59:0b:b0:25:ef:e8:bb:65:29:
19:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7B:4B:E2:52:6D:6D:C3:D6:38:F9:DD:75:28:DD:9F:B6:3A:8D:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cdfefba-9573-485f-8040-202e038ebf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.8.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:76:ae:44:3c:e4:6b:72:d1:28:c2:86:03:a2:e7:27:63:57:
81:39:87:e0:6e:6d:3c:57:89:6a:85:2c:96:00:95:21:64:e2:
11:96:a2:d0:19:b0:91:34:c1:1a:92:ba:40:98:bc:e8:93:1a:
b8:ca:ef:e6:a6:6e:f1:aa:6e:f2:21:3c:d5:c3:87:5a:5d:6f:
5c:91:a4:15:b4:f6:1d:bb:d0:e0:2a:54:65:3a:86:d7:a2:af:
ff:9a:dc:97:c7:f6:3d:7a:4e:65:0c:a2:b4:91:5a:52:03:08:
74:f5:62:4a:12:a6:58:5e:03:d6:75:c0:74:15:3d:cd:7e:b8:
cc:ce:a5:dc:3a:d4:ac:a3:3c:f0:4b:04:d3:51:17:18:9d:84:
68:89:79:ae:c1:1a:58:e9:93:aa:7f:9b:f3:81:0e:f9:64:46:
a2:bf:7b:62:99:7d:25:6f:19:3e:8c:b8:5c:99:b1:b2:7b:a4:
7b:c9:21:19:44:0c:07:71:cc:41:82:2b:65:91:b4:c7:c3:32:
05:b0:d8:a6:60:e3:8e:2a:cc:35:43:54:d5:37:61:76:a0:60:
6d:9e:92:bd:cf:a7:46:99:60:eb:da:73:5e:52:ff:10:4e:61:
fd:f2:e3:a7:be:ae:b8:52:cb:9e:d7:6d:4d:a0:79:11:f0:1b:
49:14:bc:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUckdv1DERrHGSxM5jTes8sXRDQ2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMzBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMGFhYzhiM2UzNTdlOGEyOGMwNjg5NmE3YzRhNjI2Yjg5NTc2YmNkZWQy
Y2YzYjE0OTBjMzQyNDViZDNlNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIA0NJ6my4ApQRvNaaPGYnMl8xTC16pqHwaFFl+YfRjT2ejGNK5Sn+4OiRB
5YgMI5kyfU+ouK/NmAOxlWFDpST0U3l4pxNQjR5tjiLls7qmRlknVoDgYE5rvPtL
pf4VnNWo9YpqFALzOd8VywgocgbPt5wNpw/rWYBn5d3fyL/icEEXjSe78cOQqTSt
REHZxwoL7wFQPcFy1d49ZTLN66fD1fapfxXkjWTtBlTqNfFSttxnmK2dvBL0QPJt
VV3jpQOy9Me/z1MS8LOe7OGCFcxx/4cqKaOCYD9YLnFxrOeDkQOezp5c/HUnieqO
5qa4KulkaECcWQuwJe/ou2UpGSECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQCe0vi
Um1tw9Y4+d11KN2ftjqN+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNkZmVmYmEtOTU3My00ODVmLTgwNDAtMjAyZTAzOGViZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099CDAN
BgkqhkiG9w0BAQsFAAOCAQEAGnauRDzka3LRKMKGA6LnJ2NXgTmH4G5tPFeJaoUs
lgCVIWTiEZai0BmwkTTBGpK6QJi86JMauMrv5qZu8apu8iE81cOHWl1vXJGkFbT2
HbvQ4CpUZTqG16Kv/5rcl8f2PXpOZQyitJFaUgMIdPViShKmWF4D1nXAdBU9zX64
zM6l3DrUrKM88EsE01EXGJ2EaIl5rsEaWOmTqn+b84EO+WRGor97Ypl9JW8ZPoy4
XJmxsnuke8khGUQMB3HMQYIrZZG0x8MyBbDYpmDjjirMNUNU1TdhdqBgbZ6Svc+n
Rplg69pzXlL/EE5h/fLjp76uuFLLntdtTaB5EfAbSRS8zQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:09 2026 by rpki-client