Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
File: 5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa (raw, json)
Hash identifier: mH7SkAsLO8kkW3FWYmYCMWUM5HHWwzEV5QmBrTFo0FY=
Subject key identifier: 78:C7:6C:35:F5:7E:8B:D5:72:CC:86:A5:B7:88:FA:4A:BC:2C:82:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44B2CFBC2DD9ECABF3E0833F57D02FFB8A1078EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
Signing time: Tue 19 May 2026 05:00:07 +0000
ROA not before: Tue 19 May 2026 05:00:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:b2:cf:bc:2d:d9:ec:ab:f3:e0:83:3f:57:d0:2f:fb:8a:10:78:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=29d024163382b0834c512748a81136516a4832e30a55cb35973cf65e9145656e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:72:c3:63:c6:cf:4e:46:0b:44:f3:d6:5b:
97:84:54:9e:66:9b:72:5f:d8:a3:89:36:c7:49:0f:
f7:59:b3:0c:b0:c1:65:db:66:d2:1c:11:f6:1b:29:
7e:fc:c5:6c:87:1a:8b:d9:d2:c2:06:27:62:2e:8b:
22:25:d4:b7:21:aa:1f:01:8d:2e:e6:3a:d0:18:19:
78:76:42:dc:26:43:6b:ef:35:04:0c:8f:3f:4b:19:
a7:24:e2:0e:56:af:1d:cc:b3:6a:74:1d:83:fa:91:
37:a6:04:a7:bc:4a:f8:8c:01:7a:51:48:da:11:a5:
a9:1b:65:79:73:fa:ec:b9:1a:67:32:dd:9a:a6:11:
47:49:14:f2:60:6e:e3:64:8f:4e:64:96:88:2f:74:
25:84:80:ac:0e:fe:fd:ca:fd:a4:92:68:53:d2:a8:
0e:0e:ac:e2:11:df:23:8e:0f:30:f0:d3:0a:26:fd:
69:76:46:cd:5d:eb:aa:d8:1c:bb:b2:6f:6b:75:81:
d1:7e:dc:33:f7:5d:55:45:02:ea:02:bc:57:e3:2a:
48:12:f5:4c:fe:72:26:1a:c6:a4:a2:80:b3:77:2a:
8f:83:ff:9e:d1:07:97:16:2d:84:a1:85:07:44:d9:
38:c0:46:15:a3:c7:f6:fe:a9:22:89:92:37:d1:ef:
aa:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C7:6C:35:F5:7E:8B:D5:72:CC:86:A5:B7:88:FA:4A:BC:2C:82:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.24.0/22
Signature Algorithm: sha256WithRSAEncryption
42:90:94:a7:12:16:75:1a:f5:38:0e:51:cc:91:4f:f0:8f:60:
10:4b:97:49:91:93:16:80:53:18:34:62:47:2b:b0:08:b9:7a:
32:ce:be:7e:ea:a8:c3:74:6b:cf:c0:4e:8f:f5:f0:ee:f8:44:
e3:a0:48:fd:16:8f:f5:01:a9:2f:89:e2:d7:30:46:af:b6:e9:
1b:a0:cd:41:e0:57:48:6b:5b:8d:c0:e7:07:cb:8f:d1:b2:49:
b9:6f:e3:93:ad:e6:60:63:32:f0:d8:2a:ce:1f:27:6e:a7:20:
90:10:e1:ca:c7:cb:60:a7:63:1f:e4:33:60:35:5b:e4:fd:2c:
6e:c1:84:05:e4:8d:f9:c6:e8:af:8b:86:e9:51:31:d5:0f:22:
9d:fa:d2:07:e9:b2:88:a0:16:9e:13:f1:b4:94:bd:93:b4:27:
cc:03:7d:6c:8b:96:fb:8c:fc:34:88:a7:48:89:02:d7:7b:94:
86:0e:73:e9:1a:2d:de:63:f7:10:9a:b9:ae:ba:a1:29:9f:fd:
50:1d:a7:f1:b0:12:ee:9f:1a:7b:b3:07:af:cc:f1:bb:ca:f9:
e1:71:18:38:ec:99:c8:95:74:78:49:c2:f5:88:54:5c:60:f4:
a7:1d:7f:6c:16:68:51:cc:15:0e:bc:fe:fd:d8:79:59:3e:2e:
f8:f9:ad:fb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURLLPvC3Z7Kvz4IM/V9Av+4oQeOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5ZDAyNDE2MzM4MmIwODM0YzUxMjc0OGE4MTEzNjUxNmE0ODMyZTMwYTU1
Y2IzNTk3M2NmNjVlOTE0NTY1NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbUcsNjxs9ORgtE89Zbl4RUnmabcl/Yo4k2x0kP91mzDLDBZdtm0hwR9hsp
fvzFbIcai9nSwgYnYi6LIiXUtyGqHwGNLuY60BgZeHZC3CZDa+81BAyPP0sZpyTi
DlavHcyzanQdg/qRN6YEp7xK+IwBelFI2hGlqRtleXP67LkaZzLdmqYRR0kU8mBu
42SPTmSWiC90JYSArA7+/cr9pJJoU9KoDg6s4hHfI44PMPDTCib9aXZGzV3rqtgc
u7Jva3WB0X7cM/ddVUUC6gK8V+MqSBL1TP5yJhrGpKKAs3cqj4P/ntEHlxYthKGF
B0TZOMBGFaPH9v6pIomSN9HvqoMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR4x2w1
9X6L1XLMhqW3iPpKvCyCHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWRjYTAyZTYtMDNhNC00MjUxLWI2ZDMtNWM5NmQyMmFmN2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99GDAN
BgkqhkiG9w0BAQsFAAOCAQEAQpCUpxIWdRr1OA5RzJFP8I9gEEuXSZGTFoBTGDRi
RyuwCLl6Ms6+fuqow3Rrz8BOj/Xw7vhE46BI/RaP9QGpL4ni1zBGr7bpG6DNQeBX
SGtbjcDnB8uP0bJJuW/jk63mYGMy8Ngqzh8nbqcgkBDhysfLYKdjH+QzYDVb5P0s
bsGEBeSN+cbor4uG6VEx1Q8infrSB+myiKAWnhPxtJS9k7QnzAN9bIuW+4z8NIin
SIkC13uUhg5z6Rot3mP3EJq5rrqhKZ/9UB2n8bAS7p8ae7MHr8zxu8r54XEYOOyZ
yJV0eEnC9YhUXGD0px1/bBZoUcwVDrz+/dh5WT4u+Pmt+w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:55 2026 by rpki-client