Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: /Q6Udj69m2anYYSle511wwkiYN+xN8dgBsGrv1vThq4=
Subject key identifier: 38:22:4E:D1:5B:73:A4:33:47:E9:DE:0E:74:8B:1E:E5:90:D7:D9:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F1EF84F4A3C30A31FF8B173DE3BF6A04EE0E88C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Sun 01 Mar 2026 00:00:36 +0000
ROA not before: Sun 01 Mar 2026 00:00:36 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:1e:f8:4f:4a:3c:30:a3:1f:f8:b1:73:de:3b:f6:a0:4e:e0:e8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 1 00:00:36 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=ce2e01c72e1138e43e05f7fe472fa08b2f379ce8d7472701527a43e8f31589d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:34:45:2a:9e:d0:6f:09:f6:d5:7f:06:56:69:
11:44:76:78:24:1e:d1:a5:3a:fe:8d:81:75:81:0b:
90:82:14:e9:17:77:71:b2:ef:e6:17:e8:c7:9f:ef:
ee:69:aa:3d:39:fc:05:3d:35:c8:c8:53:64:c3:30:
90:e8:d7:14:63:fe:e2:4f:42:ee:91:fd:4d:45:df:
67:31:b1:c2:1b:02:5c:67:81:07:51:ec:2d:1c:64:
b5:f0:02:0a:9f:c1:d2:80:94:f6:36:65:53:45:f5:
8a:e9:f4:cf:dc:de:83:ea:f9:d8:98:c9:92:ab:a4:
0f:5b:95:76:c9:94:56:6a:ce:d6:3c:9a:a4:c3:e0:
4a:c3:b1:26:4e:04:06:73:20:76:e2:a3:a6:42:a5:
9d:bb:6c:36:30:b2:96:9b:1c:d3:93:08:7f:45:73:
a1:65:22:03:ac:18:24:f9:fb:e2:5f:c1:44:c7:1c:
60:c5:9a:93:d2:84:1c:98:78:2c:38:98:5b:4b:48:
e1:16:83:f1:67:cd:9c:9a:06:4e:cf:0e:7d:53:34:
15:e4:cf:df:c9:e2:5f:39:a3:01:5b:7a:8a:2e:75:
90:d4:49:78:c3:ce:61:64:29:51:0f:e1:72:72:fa:
88:e0:99:ba:cf:95:5c:c7:20:4b:4e:71:43:d4:6f:
d5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:22:4E:D1:5B:73:A4:33:47:E9:DE:0E:74:8B:1E:E5:90:D7:D9:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:86:c5:cd:73:9b:08:5a:56:58:e0:42:17:66:1e:58:29:49:
9d:27:81:42:37:8c:69:8d:59:0f:1d:84:da:0b:7d:e1:e0:fe:
45:46:bc:a8:4c:66:15:ee:be:f5:f5:93:11:4f:7b:44:e4:cd:
db:70:dc:fe:6f:d5:a7:ef:7e:28:95:d3:31:fb:a1:ad:a8:e0:
ea:a9:43:03:e4:a1:50:dc:a5:43:a0:4b:c0:51:58:d4:3a:82:
47:88:63:96:18:18:7d:1a:62:c1:9e:4f:9f:6c:6a:0b:64:ee:
e8:f2:51:f6:b1:9a:a0:5a:7b:b2:f0:be:9c:ec:be:b1:c6:86:
1a:9d:57:5b:0b:1b:dc:37:c6:1a:41:50:e1:0b:ac:9b:52:d9:
68:7b:f8:1e:11:eb:b8:2f:54:d3:ad:1c:b7:1a:00:9e:51:bc:
ca:da:2a:77:a7:56:9b:05:71:23:a6:d3:da:3d:80:45:b0:b4:
a1:1a:ef:5b:08:08:e8:82:82:a5:bc:8a:34:2e:8d:e0:ca:4b:
93:9c:73:23:70:a9:ff:1b:59:4f:0d:e1:db:4e:59:18:9d:01:
6a:d2:a3:5a:b7:46:cb:3c:a6:f9:e9:5a:eb:1c:f4:94:a0:57:
e5:11:e6:5e:79:4c:ce:40:e0:2a:0f:2f:41:06:ac:d6:cc:15:
c4:41:28:49
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXx74T0o8MKMf+LFz3jv2oE7g6IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDEwMDAwMzZaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMmUwMWM3MmUxMTM4ZTQzZTA1ZjdmZTQ3MmZhMDhiMmYzNzljZThkNzQ3
MjcwMTUyN2E0M2U4ZjMxNTg5ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIw0RSqe0G8J9tV/BlZpEUR2eCQe0aU6/o2BdYELkIIU6Rd3cbLv5hfox5/v
7mmqPTn8BT01yMhTZMMwkOjXFGP+4k9C7pH9TUXfZzGxwhsCXGeBB1HsLRxktfAC
Cp/B0oCU9jZlU0X1iun0z9zeg+r52JjJkqukD1uVdsmUVmrO1jyapMPgSsOxJk4E
BnMgduKjpkKlnbtsNjCylpsc05MIf0VzoWUiA6wYJPn74l/BRMccYMWak9KEHJh4
LDiYW0tI4RaD8WfNnJoGTs8OfVM0FeTP38niXzmjAVt6ii51kNRJeMPOYWQpUQ/h
cnL6iOCZus+VXMcgS05xQ9Rv1YsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ4Ik7R
W3OkM0fp3g50ix7lkNfZojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEArYbFzXObCFpWWOBCF2YeWClJnSeBQjeMaY1ZDx2E
2gt94eD+RUa8qExmFe6+9fWTEU97ROTN23Dc/m/Vp+9+KJXTMfuhrajg6qlDA+Sh
UNylQ6BLwFFY1DqCR4hjlhgYfRpiwZ5Pn2xqC2Tu6PJR9rGaoFp7svC+nOy+scaG
Gp1XWwsb3DfGGkFQ4Qusm1LZaHv4HhHruC9U060ctxoAnlG8ytoqd6dWmwVxI6bT
2j2ARbC0oRrvWwgI6IKCpbyKNC6N4MpLk5xzI3Cp/xtZTw3h205ZGJ0BatKjWrdG
yzym+ela6xz0lKBX5RHmXnlMzkDgKg8vQQas1swVxEEoSQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:15 2026 by rpki-client