Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
File: 5326a6e7-9660-4ae8-a80a-996863be862e.roa (raw, json)
Hash identifier: 9hrJZTj2a4smyt2xBVqCmAnhMCpG/fOLrQ9Xoyf/9dA=
Subject key identifier: 43:B0:87:1D:D1:EB:E8:19:5E:D5:B4:FF:21:AF:67:F3:CF:A0:98:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32FA65042EE0BF454DB30685BF9BC07B32B30984
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
Signing time: Wed 20 May 2026 00:00:05 +0000
ROA not before: Wed 20 May 2026 00:00:05 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:fa:65:04:2e:e0:bf:45:4d:b3:06:85:bf:9b:c0:7b:32:b3:09:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:05 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=a3bc2a0a6e98bd5dcfdfeea404369bb5a0162c986ab87618651d06f2ec35aac4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4c:5e:3d:16:53:38:9e:9d:f3:e1:b5:8c:6a:
e9:08:f9:90:be:b7:d1:70:e4:d3:af:b1:33:c8:65:
c6:4b:bf:05:58:d4:b9:15:99:37:fb:6e:8e:e5:73:
4e:76:4f:cb:ef:20:c8:59:48:df:96:23:12:7a:74:
05:a4:43:f0:b2:75:fc:09:0d:2e:0a:cc:3e:60:1a:
9f:73:f3:88:e4:29:00:b8:56:a8:57:1e:6f:81:4a:
52:45:0a:a3:c5:60:0a:55:9c:57:cd:e9:4c:63:fb:
5a:71:ae:9a:cd:17:30:b1:04:6a:d3:a7:8f:f0:7e:
e1:68:5e:49:25:03:a7:80:60:ba:35:98:db:d9:36:
e7:b0:23:27:40:45:d2:cb:34:c8:a6:18:ac:c8:cd:
d7:a6:00:b7:b9:14:a8:d9:1f:37:e4:5c:24:40:d3:
86:7c:26:de:85:e2:36:d3:0f:bb:2a:54:25:f9:5f:
a7:f0:d4:be:e4:23:3b:f3:a1:81:92:06:75:8f:20:
18:3d:30:a8:41:95:78:5b:2d:32:bc:fc:7f:d0:96:
c3:e2:d1:80:90:9e:4e:a3:47:52:8b:ee:f9:6c:5e:
f9:fa:36:c7:46:7f:55:ff:7a:84:a4:0f:41:77:ed:
e3:c6:b6:d1:f4:f1:b5:5e:93:d1:d7:07:62:b3:2a:
ff:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B0:87:1D:D1:EB:E8:19:5E:D5:B4:FF:21:AF:67:F3:CF:A0:98:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5326a6e7-9660-4ae8-a80a-996863be862e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.64.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:71:81:6f:f9:13:4b:60:22:f8:d9:65:ec:1e:6d:8f:b3:03:
20:ed:91:2b:6e:47:ca:da:0b:53:f6:30:74:0d:a8:2f:e6:45:
a4:f1:0c:cd:4a:23:94:08:a9:6a:c8:3b:0a:bf:e3:e2:e1:ae:
d8:f4:9d:af:5a:b6:e2:7f:ab:68:c6:9d:14:65:a8:fe:20:c1:
45:90:2a:5b:95:af:79:42:fe:24:74:d4:6e:23:e4:62:e3:59:
e0:a2:ef:ae:46:b3:ed:f8:ef:6c:7b:02:08:94:26:47:12:21:
14:98:b0:c7:99:05:d7:a6:e0:49:db:90:8c:90:d4:97:73:75:
ac:bb:d0:b0:4a:ae:e7:6b:bf:53:7c:0f:c1:bc:81:91:8a:70:
69:df:6d:a3:6b:7d:db:7e:40:5e:45:97:c7:8d:ca:6e:4b:93:
08:19:ff:26:8e:3e:67:75:1c:e0:fc:4a:ec:ce:b5:39:3e:db:
ef:e6:12:79:e9:22:1f:23:b0:23:1e:dc:57:ed:20:a5:d2:10:
7c:2a:1a:e2:76:71:af:e3:09:21:ed:06:4c:cf:7e:93:55:97:
4d:62:b3:2d:d4:14:87:58:f9:5f:06:02:ae:ce:5e:5a:af:ad:
c0:63:6a:cb:2f:87:b2:44:ac:83:7a:18:1f:99:53:ad:02:9c:
3f:07:10:8e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMvplBC7gv0VNswaFv5vAezKzCYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDVaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzYmMyYTBhNmU5OGJkNWRjZmRmZWVhNDA0MzY5YmI1YTAxNjJjOTg2YWI4
NzYxODY1MWQwNmYyZWMzNWFhYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVMXj0WUzienfPhtYxq6Qj5kL630XDk06+xM8hlxku/BVjUuRWZN/tujuVz
TnZPy+8gyFlI35YjEnp0BaRD8LJ1/AkNLgrMPmAan3PziOQpALhWqFceb4FKUkUK
o8VgClWcV83pTGP7WnGums0XMLEEatOnj/B+4WheSSUDp4BgujWY29k257AjJ0BF
0ss0yKYYrMjN16YAt7kUqNkfN+RcJEDThnwm3oXiNtMPuypUJflfp/DUvuQjO/Oh
gZIGdY8gGD0wqEGVeFstMrz8f9CWw+LRgJCeTqNHUovu+Wxe+fo2x0Z/Vf96hKQP
QXft48a20fTxtV6T0dcHYrMq/7UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDsIcd
0evoGV7VtP8hr2fzz6CYGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMyNmE2ZTctOTY2MC00YWU4LWE4MGEtOTk2ODYzYmU4NjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99QDAN
BgkqhkiG9w0BAQsFAAOCAQEASnGBb/kTS2Ai+Nll7B5tj7MDIO2RK25HytoLU/Yw
dA2oL+ZFpPEMzUojlAipasg7Cr/j4uGu2PSdr1q24n+raMadFGWo/iDBRZAqW5Wv
eUL+JHTUbiPkYuNZ4KLvrkaz7fjvbHsCCJQmRxIhFJiwx5kF16bgSduQjJDUl3N1
rLvQsEqu52u/U3wPwbyBkYpwad9to2t9235AXkWXx43KbkuTCBn/Jo4+Z3Uc4PxK
7M61OT7b7+YSeekiHyOwIx7cV+0gpdIQfCoa4nZxr+MJIe0GTM9+k1WXTWKzLdQU
h1j5XwYCrs5eWq+twGNqyy+HskSsg3oYH5lTrQKcPwcQjg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:26 2026 by rpki-client