Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
File: 5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa (raw, json)
Hash identifier: yx9mbtyJM0XH5CDL0mxedgAH6O41FaSVRSAQ0PTyJw4=
Subject key identifier: E7:66:99:EE:F1:74:E4:46:6C:F6:7B:4E:BA:46:D1:12:C0:ED:BC:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37650737B000A8FD35560F39857C3C20EF4C5EFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
Signing time: Sat 28 Feb 2026 05:50:43 +0000
ROA not before: Sat 28 Feb 2026 05:50:43 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:65:07:37:b0:00:a8:fd:35:56:0f:39:85:7c:3c:20:ef:4c:5e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:50:43 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e1447092584e12e1087f40ab2fe230816382e2c6d49534d0cec3ba3770c2fa91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:09:38:83:9d:61:14:32:e2:5a:3d:d3:54:67:
93:32:c5:0b:ef:96:e4:fb:2a:7f:70:9c:41:cb:8e:
1b:f5:07:ab:ee:35:e3:e2:6d:95:9b:ce:43:60:a0:
a2:c5:99:0f:d1:97:69:9c:b6:c1:6b:3b:8e:64:c6:
de:e4:c8:8a:c2:64:64:74:dd:a0:35:58:f2:a7:b2:
c5:47:3a:85:4f:db:ea:39:25:92:a1:15:32:2b:12:
c3:0a:49:1e:31:1e:d6:19:48:8c:80:3d:f7:8f:0b:
b5:ca:31:c6:8f:79:db:0e:de:7b:1c:36:fb:40:53:
ef:61:ee:03:b2:e6:bf:8a:9c:a5:f7:2f:a4:4e:c2:
ed:a3:e5:a6:15:d2:88:6a:fd:2f:18:4e:dd:12:c6:
7a:23:df:8a:fd:ea:7f:ec:ec:b6:99:aa:65:fc:1c:
cf:4b:80:5c:31:f7:28:32:87:da:04:de:17:67:3e:
09:21:c6:70:25:23:dd:c7:04:e7:aa:6f:3c:e1:b4:
bf:e4:48:b8:e3:72:c8:2f:e0:df:5f:88:21:90:51:
8d:07:0d:7a:e5:f9:4e:38:a1:aa:b7:e0:b4:c5:54:
04:c3:d0:b1:c0:29:c4:c9:cd:81:de:56:37:a4:4e:
0b:1c:26:28:30:e7:22:c3:1d:7b:ed:cb:54:f1:ce:
93:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:66:99:EE:F1:74:E4:46:6C:F6:7B:4E:BA:46:D1:12:C0:ED:BC:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5dca02e6-03a4-4251-b6d3-5c96d22af7cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.24.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:e8:7c:45:76:b0:cb:98:7d:2e:60:2b:73:ef:9e:26:84:fc:
9f:7e:5b:d5:a6:6b:df:30:b3:12:fb:42:41:3b:57:c4:8e:c5:
19:94:74:68:8d:ac:03:71:db:36:5c:6d:3f:fc:76:4b:4b:78:
11:3f:1a:1f:a0:ca:52:88:6e:2f:33:9c:dc:9d:19:3f:88:f6:
53:da:10:17:ca:93:5e:ca:58:e3:1a:64:80:7a:6a:4d:e4:8b:
57:92:9a:ea:9a:bf:91:80:da:d6:66:fb:48:8d:27:f0:60:f0:
c3:d5:1f:39:38:2c:b0:40:04:21:e7:c6:cd:16:c5:c0:10:4f:
16:21:fb:16:1e:7e:20:bc:8d:54:64:54:10:65:86:22:1c:1a:
bd:c0:e0:57:3b:4f:75:e9:50:56:1d:60:06:75:e4:4d:d9:25:
ac:83:4c:d0:80:06:94:98:3d:44:b7:19:bc:46:fb:21:b8:61:
b5:ae:f3:a2:33:c0:49:5a:63:c6:d3:4d:5b:6a:68:c5:ab:58:
49:7e:ac:9e:b7:aa:b9:77:00:13:01:7f:ee:cf:86:28:7c:bb:
91:5b:ac:28:bf:7f:93:52:a8:a7:e3:30:d2:7f:a6:6b:e6:fc:
a4:2e:98:4e:c5:0b:cd:7d:99:cb:92:f7:5a:30:b3:82:7c:7e:
65:a1:f5:8e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN2UHN7AAqP01Vg85hXw8IO9MXvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTUwNDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNDQ3MDkyNTg0ZTEyZTEwODdmNDBhYjJmZTIzMDgxNjM4MmUyYzZkNDk1
MzRkMGNlYzNiYTM3NzBjMmZhOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQJOIOdYRQy4lo901RnkzLFC++W5Psqf3CcQcuOG/UHq+414+JtlZvOQ2Cg
osWZD9GXaZy2wWs7jmTG3uTIisJkZHTdoDVY8qeyxUc6hU/b6jklkqEVMisSwwpJ
HjEe1hlIjIA9948Ltcoxxo952w7eexw2+0BT72HuA7Lmv4qcpfcvpE7C7aPlphXS
iGr9LxhO3RLGeiPfiv3qf+zstpmqZfwcz0uAXDH3KDKH2gTeF2c+CSHGcCUj3ccE
56pvPOG0v+RIuONyyC/g31+IIZBRjQcNeuX5TjihqrfgtMVUBMPQscApxMnNgd5W
N6ROCxwmKDDnIsMde+3LVPHOkx0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTnZpnu
8XTkRmz2e066RtESwO28ZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWRjYTAyZTYtMDNhNC00MjUxLWI2ZDMtNWM5NmQyMmFmN2NiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk99GDAN
BgkqhkiG9w0BAQsFAAOCAQEAHuh8RXawy5h9LmArc++eJoT8n35b1aZr3zCzEvtC
QTtXxI7FGZR0aI2sA3HbNlxtP/x2S0t4ET8aH6DKUohuLzOc3J0ZP4j2U9oQF8qT
XspY4xpkgHpqTeSLV5Ka6pq/kYDa1mb7SI0n8GDww9UfOTgssEAEIefGzRbFwBBP
FiH7Fh5+ILyNVGRUEGWGIhwavcDgVztPdelQVh1gBnXkTdklrINM0IAGlJg9RLcZ
vEb7Ibhhta7zojPASVpjxtNNW2poxatYSX6snrequXcAEwF/7s+GKHy7kVusKL9/
k1Kop+Mw0n+ma+b8pC6YTsULzX2Zy5L3WjCzgnx+ZaH1jg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:50 2026 by rpki-client