Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
File: 83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa (raw, json)
Hash identifier: NGCVWpby5S5j4Bh/ozoDevcOB93rytkDJl/DnNxH1b0=
Subject key identifier: 3B:CE:05:D5:3A:DE:CF:7D:61:88:06:2E:F5:43:7E:8A:4F:02:46:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63F8745735A4F90C7C9CC36F0A3F937AA3C5956E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
Signing time: Sun 01 Mar 2026 00:00:37 +0000
ROA not before: Sun 01 Mar 2026 00:00:37 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:f8:74:57:35:a4:f9:0c:7c:9c:c3:6f:0a:3f:93:7a:a3:c5:95:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 1 00:00:37 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=c0e6e7c337b29df56d2c689e8e76bf83823e844064f3d06ba2daeed92f758681, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:97:fe:69:23:30:54:13:c2:ea:52:44:c1:
fb:91:2e:27:7d:39:5b:99:9f:38:96:b1:95:1c:34:
6c:2d:ee:92:8f:bf:33:09:96:9b:6d:5c:58:97:b1:
2e:1e:fc:8d:85:06:aa:57:67:32:11:a2:6d:09:38:
b6:89:68:40:04:de:a4:62:16:b7:6b:e8:de:d7:5b:
86:60:7b:03:18:45:2a:ea:d3:a7:bf:bd:7c:38:1c:
58:15:d8:45:13:e2:ac:22:1c:e9:5b:6c:a1:e8:34:
b3:58:3c:ea:a2:0e:c4:b4:fc:25:a9:b9:4c:ec:1b:
07:5a:41:35:7d:e3:4c:82:2b:92:83:52:2c:f7:4b:
00:04:d9:d3:64:08:04:8c:0c:90:a3:62:70:25:54:
0f:ef:24:d8:d3:87:e1:bb:7f:e7:da:40:5a:d2:70:
58:63:bc:fe:af:a7:ef:87:5a:39:20:49:28:cc:44:
dd:e8:18:be:69:de:17:15:99:36:6a:01:6a:63:c2:
32:bc:e8:26:09:9e:4e:68:ad:21:57:ff:24:d4:b2:
b1:c0:47:af:e7:76:e7:14:9b:e5:3c:bd:e6:b8:8d:
13:06:88:e4:32:22:54:84:57:c1:ec:6a:4f:81:a0:
22:10:c1:36:7f:4a:00:e7:81:ce:d5:9d:a6:e5:50:
01:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CE:05:D5:3A:DE:CF:7D:61:88:06:2E:F5:43:7E:8A:4F:02:46:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83509a5e-2ad7-421b-90ef-fcdfda3fdfc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/18
Signature Algorithm: sha256WithRSAEncryption
c5:95:04:0b:f7:c9:e6:08:18:c5:3a:cf:11:c1:72:19:86:45:
42:1d:13:c8:b8:f6:3d:2a:18:29:f2:80:1d:ca:af:fd:61:02:
20:79:f5:fe:5e:51:9f:b5:74:ad:c4:96:50:a9:38:1d:3a:8b:
28:a0:20:12:d1:1c:53:94:c0:cd:f5:8d:12:ec:8c:35:35:25:
cf:6d:34:b5:35:53:46:44:f3:be:1f:ed:ff:89:03:7f:35:12:
82:6f:eb:74:36:8e:cb:4a:61:07:a0:b2:e8:83:d1:d3:c1:93:
fd:6f:e4:f9:19:6b:dd:2c:4c:0a:05:a5:ab:d8:a3:39:43:da:
f8:98:ac:38:43:c9:c9:ac:03:eb:6e:ac:35:f4:68:2e:35:d7:
50:77:77:34:7c:81:9d:95:7d:4f:c0:72:54:76:81:ba:d9:60:
b1:31:3a:38:80:0f:69:94:42:83:7a:7b:62:7f:ae:98:ca:bf:
56:47:76:be:f0:8c:69:aa:42:2b:88:6b:a6:f6:68:00:ae:c1:
ff:41:01:ee:b1:9a:f8:c4:5d:f9:89:3d:26:ff:29:7c:0c:bf:
dc:09:cd:d0:8c:8c:e5:9b:44:58:1d:77:cd:c8:ef:8c:6a:63:
72:f4:b2:9f:aa:48:e2:2d:e7:92:fa:85:44:68:c5:30:78:15:
a1:10:f1:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY/h0VzWk+Qx8nMNvCj+TeqPFlW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDEwMDAwMzdaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZTZlN2MzMzdiMjlkZjU2ZDJjNjg5ZThlNzZiZjgzODIzZTg0NDA2NGYz
ZDA2YmEyZGFlZWQ5MmY3NTg2ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk+l/5pIzBUE8LqUkTB+5EuJ305W5mfOJaxlRw0bC3uko+/MwmWm21cWJex
Lh78jYUGqldnMhGibQk4toloQATepGIWt2vo3tdbhmB7AxhFKurTp7+9fDgcWBXY
RRPirCIc6Vtsoeg0s1g86qIOxLT8Jam5TOwbB1pBNX3jTIIrkoNSLPdLAATZ02QI
BIwMkKNicCVUD+8k2NOH4bt/59pAWtJwWGO8/q+n74daOSBJKMxE3egYvmneFxWZ
NmoBamPCMrzoJgmeTmitIVf/JNSyscBHr+d25xSb5Ty95riNEwaI5DIiVIRXwexq
T4GgIhDBNn9KAOeBztWdpuVQAZcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ7zgXV
Ot7PfWGIBi71Q36KTwJGzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM1MDlhNWUtMmFkNy00MjFiLTkwZWYtZmNkZmRhM2ZkZmM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBk99ADAN
BgkqhkiG9w0BAQsFAAOCAQEAxZUEC/fJ5ggYxTrPEcFyGYZFQh0TyLj2PSoYKfKA
Hcqv/WECIHn1/l5Rn7V0rcSWUKk4HTqLKKAgEtEcU5TAzfWNEuyMNTUlz200tTVT
RkTzvh/t/4kDfzUSgm/rdDaOy0phB6Cy6IPR08GT/W/k+Rlr3SxMCgWlq9ijOUPa
+JisOEPJyawD626sNfRoLjXXUHd3NHyBnZV9T8ByVHaButlgsTE6OIAPaZRCg3p7
Yn+umMq/Vkd2vvCMaapCK4hrpvZoAK7B/0EB7rGa+MRd+Yk9Jv8pfAy/3AnN0IyM
5ZtEWB13zcjvjGpjcvSyn6pI4i3nkvqFRGjFMHgVoRDx7w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:14 2026 by rpki-client