Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
File: bfae711e-b0c4-404f-be1f-a99990818ac6.roa (raw, json)
Hash identifier: NUOoNSoeRHQMIzQNDCXwKyCAayB7IPHgylFQRzC3wG4=
Subject key identifier: 63:18:05:66:49:ED:54:1C:27:63:45:14:1B:36:F3:C4:12:BC:43:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02997B1F985354668F91D7D5204AE3135C2C9726
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
Signing time: Tue 19 May 2026 05:30:12 +0000
ROA not before: Tue 19 May 2026 05:30:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:99:7b:1f:98:53:54:66:8f:91:d7:d5:20:4a:e3:13:5c:2c:97:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2c6e08b953bc5b183bbeaee825a4d3b19da9eeefd59550ba7478bd5302fe54be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0a:ff:3d:81:2d:5f:b8:81:c7:bf:14:7e:dc:
b0:0d:a4:20:6b:f6:66:b3:3d:9a:ff:8e:5f:46:36:
f3:74:bc:73:00:78:5b:46:38:32:da:91:6a:43:97:
a9:86:63:d4:60:04:1b:50:eb:9c:69:3c:38:e6:c6:
61:a0:cf:2b:de:a3:3a:85:a9:99:0b:7f:e3:fb:a5:
44:05:3e:4b:1d:4d:6d:d3:a5:3b:a3:68:1b:cd:23:
fa:c3:3f:9c:6d:86:72:53:e3:5b:1d:8b:4f:e6:e4:
ac:28:8d:4d:b6:86:50:59:45:83:e2:8f:5b:2c:ff:
0c:bb:f6:dc:6a:02:41:22:89:3b:ec:72:25:0c:6b:
7b:5a:d9:64:5b:dd:73:6e:b0:7a:c8:1e:d1:90:c3:
19:99:14:9f:29:6b:dc:05:dc:0e:cf:c4:75:81:92:
b8:84:7b:10:68:52:d3:0a:90:a5:aa:b4:92:94:47:
fa:f7:88:e0:9c:ac:dd:98:67:c5:50:7b:b2:01:26:
91:c3:79:86:74:6d:f3:b1:3d:c0:28:27:8e:0d:c6:
38:f1:3a:8e:31:68:45:94:26:0e:c5:4a:14:39:1d:
20:63:1e:87:03:7d:e8:c1:d5:74:6c:57:e8:b2:1d:
7d:84:29:e1:be:47:a1:25:50:e8:84:7c:fb:46:36:
6c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:18:05:66:49:ED:54:1C:27:63:45:14:1B:36:F3:C4:12:BC:43:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bfae711e-b0c4-404f-be1f-a99990818ac6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:8d:41:20:1f:aa:3f:48:0c:16:b7:c7:09:15:5f:7b:02:47:
b0:5a:9d:57:70:7f:d6:9a:f7:57:1c:f0:f8:e3:ba:a6:01:2e:
ac:f4:ce:b3:ba:ca:cd:d6:8c:0a:d0:9a:ea:22:ac:39:46:c1:
98:81:46:fd:8a:98:69:c4:4b:b9:cc:a5:53:8d:41:ec:2b:fc:
0a:7f:2d:d1:33:54:e3:d5:67:c0:77:a2:93:b8:df:b0:08:4c:
24:97:47:a5:44:6f:da:e6:22:fc:cf:b4:60:d6:4c:08:4a:a8:
2d:95:16:84:c3:fa:94:8b:f9:ef:50:1e:22:b3:28:a0:44:a1:
87:bd:bf:81:7a:21:cb:09:12:5b:62:14:e7:25:cc:f2:2e:8c:
18:21:df:a0:ad:47:e9:9d:55:12:ec:b9:ad:65:48:e8:b0:06:
4a:cf:6a:09:1f:12:7a:4e:56:4c:d5:67:a6:18:9c:b5:c0:4d:
f1:03:37:a7:9f:8e:a8:07:fe:36:e0:ba:9f:1f:0d:bc:9c:1b:
07:1c:2e:ab:98:3f:6d:09:e4:92:4b:f6:90:eb:5c:64:7c:70:
1c:52:7f:a0:0f:ae:6a:59:a1:db:e7:b4:fd:ea:68:5d:2c:d3:
ae:89:02:76:02:2f:85:51:5e:3f:53:b4:71:c8:17:3c:d3:d3:
96:8f:82:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUApl7H5hTVGaPkdfVIErjE1wslyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNmUwOGI5NTNiYzViMTgzYmJlYWVlODI1YTRkM2IxOWRhOWVlZWZkNTk1
NTBiYTc0NzhiZDUzMDJmZTU0YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0K/z2BLV+4gce/FH7csA2kIGv2ZrM9mv+OX0Y283S8cwB4W0Y4MtqRakOX
qYZj1GAEG1DrnGk8OObGYaDPK96jOoWpmQt/4/ulRAU+Sx1NbdOlO6NoG80j+sM/
nG2GclPjWx2LT+bkrCiNTbaGUFlFg+KPWyz/DLv23GoCQSKJO+xyJQxre1rZZFvd
c26wesge0ZDDGZkUnylr3AXcDs/EdYGSuIR7EGhS0wqQpaq0kpRH+veI4Jys3Zhn
xVB7sgEmkcN5hnRt87E9wCgnjg3GOPE6jjFoRZQmDsVKFDkdIGMehwN96MHVdGxX
6LIdfYQp4b5HoSVQ6IR8+0Y2bGECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRjGAVm
Se1UHCdjRRQbNvPEErxDJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmZhZTcxMWUtYjBjNC00MDRmLWJlMWYtYTk5OTkwODE4YWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU99ADAN
BgkqhkiG9w0BAQsFAAOCAQEAb41BIB+qP0gMFrfHCRVfewJHsFqdV3B/1pr3Vxzw
+OO6pgEurPTOs7rKzdaMCtCa6iKsOUbBmIFG/YqYacRLucylU41B7Cv8Cn8t0TNU
49VnwHeik7jfsAhMJJdHpURv2uYi/M+0YNZMCEqoLZUWhMP6lIv571AeIrMooESh
h72/gXohywkSW2IU5yXM8i6MGCHfoK1H6Z1VEuy5rWVI6LAGSs9qCR8Sek5WTNVn
phictcBN8QM3p5+OqAf+NuC6nx8NvJwbBxwuq5g/bQnkkkv2kOtcZHxwHFJ/oA+u
almh2+e0/epoXSzTrokCdgIvhVFeP1O0ccgXPNPTlo+CFg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:03 2026 by rpki-client