Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
File: c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa (raw, json)
Hash identifier: 9P1JFRDumJDBlffry/O3RdvfgiqNCSpXu5V7jU2J/28=
Subject key identifier: 9B:AF:00:F7:33:5D:64:A4:63:8A:0F:00:95:6D:08:44:CC:56:70:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 119D38A416391E6F2A1205BEB54F37F28904705E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
Signing time: Wed 20 May 2026 00:00:04 +0000
ROA not before: Wed 20 May 2026 00:00:04 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:9d:38:a4:16:39:1e:6f:2a:12:05:be:b5:4f:37:f2:89:04:70:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:04 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=583aa6851b0bfa1699269fa5f0656ae1cbfd6780ee3b93c62cde741b538fb170, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:32:1e:27:7a:a5:d5:e0:38:7d:87:1a:a1:af:
bc:fa:64:81:44:7b:4d:02:7b:65:8b:0f:d6:b5:1d:
46:23:a6:57:56:12:58:92:bc:6b:cd:dd:6b:84:a0:
24:34:39:c9:10:2c:19:44:7b:15:07:ee:3e:60:ff:
c9:94:6b:3c:10:a2:60:d9:86:29:7d:4a:d8:42:75:
4b:88:66:15:9a:56:d7:f7:65:c9:cb:ca:cd:7f:19:
8a:0e:33:b8:dc:ce:04:64:4f:6a:09:46:77:18:71:
09:49:1d:5a:f9:fe:80:3d:3b:4a:76:25:29:25:30:
7f:c4:6e:76:c2:4d:0d:13:e7:30:8d:36:f5:8a:90:
03:99:50:13:21:ad:a9:1d:b5:49:5a:34:c3:c6:34:
e4:20:a2:32:c2:a8:b9:70:22:7e:a0:b4:e5:35:89:
cb:f4:2f:95:49:f4:49:dd:cb:21:df:3a:c7:c5:e1:
e8:97:f9:30:90:71:9b:85:5d:78:70:e6:3f:79:c4:
4a:1e:39:f5:cc:d7:80:c6:09:56:9f:17:00:eb:cc:
e0:ba:4d:c7:f7:45:51:c5:c0:c7:c5:f2:1a:5d:f6:
57:bf:fb:21:67:f7:e7:05:8e:53:94:69:83:0b:d4:
42:cc:20:b5:46:47:1f:e5:bb:18:3d:ee:01:51:fa:
aa:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AF:00:F7:33:5D:64:A4:63:8A:0F:00:95:6D:08:44:CC:56:70:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4fedc04-24e0-41dc-a1f8-3bacae3d6615.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
67:a4:6b:bf:da:63:91:3d:72:df:b0:cc:d8:9d:95:de:64:46:
52:91:98:1f:ec:a5:dc:ab:df:2b:a6:53:a0:7f:05:38:98:ba:
35:f4:21:0c:0c:15:dd:a9:c0:ca:bf:bd:ab:8f:58:9d:90:ae:
0b:69:03:38:ac:f1:0a:ed:47:78:f1:20:65:7b:eb:b9:bb:1a:
6a:32:12:85:f7:96:fa:d7:c6:b5:a7:3a:ab:bf:f3:89:e9:f6:
91:31:d3:28:14:0e:09:4c:3a:ea:b9:c0:24:d1:94:0f:59:75:
bf:fc:77:01:b3:8c:4d:c4:a6:93:49:9a:16:4f:30:1f:2f:3e:
27:96:29:ba:3f:06:43:e2:52:0d:a7:2f:a3:76:23:da:7e:c0:
78:79:a8:44:5d:c6:da:13:ce:47:bc:cc:ab:81:05:24:f3:ef:
79:7c:3d:57:ce:f5:cc:56:03:54:e0:af:c3:a8:cb:7e:6f:a8:
b7:be:bf:81:f6:3c:9d:eb:19:dc:be:b0:f9:9e:38:3a:ee:63:
41:19:da:5b:8d:03:40:65:96:30:a4:0a:db:7a:36:fc:55:6f:
29:fe:ce:37:dc:b0:a7:2f:46:c0:60:44:bf:c1:9e:6d:e3:d1:
0d:8b:ad:b9:a2:7e:bd:38:72:77:11:12:c7:e4:0a:2a:3c:4b:
03:be:c9:e3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEZ04pBY5Hm8qEgW+tU838okEcF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDRaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4M2FhNjg1MWIwYmZhMTY5OTI2OWZhNWYwNjU2YWUxY2JmZDY3ODBlZTNi
OTNjNjJjZGU3NDFiNTM4ZmIxNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPgyHid6pdXgOH2HGqGvvPpkgUR7TQJ7ZYsP1rUdRiOmV1YSWJK8a83da4Sg
JDQ5yRAsGUR7FQfuPmD/yZRrPBCiYNmGKX1K2EJ1S4hmFZpW1/dlycvKzX8Zig4z
uNzOBGRPaglGdxhxCUkdWvn+gD07SnYlKSUwf8RudsJNDRPnMI029YqQA5lQEyGt
qR21SVo0w8Y05CCiMsKouXAifqC05TWJy/QvlUn0Sd3LId86x8Xh6Jf5MJBxm4Vd
eHDmP3nESh459czXgMYJVp8XAOvM4LpNx/dFUcXAx8XyGl32V7/7IWf35wWOU5Rp
gwvUQswgtUZHH+W7GD3uAVH6qiECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSbrwD3
M11kpGOKDwCVbQhEzFZwejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRmZWRjMDQtMjRlMC00MWRjLWExZjgtM2JhY2FlM2Q2NjE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBU99IDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ6Rrv9pjkT1y37DM2J2V3mRGUpGYH+yl3KvfK6ZT
oH8FOJi6NfQhDAwV3anAyr+9q49YnZCuC2kDOKzxCu1HePEgZXvrubsaajIShfeW
+tfGtac6q7/zien2kTHTKBQOCUw66rnAJNGUD1l1v/x3AbOMTcSmk0maFk8wHy8+
J5Ypuj8GQ+JSDacvo3Yj2n7AeHmoRF3G2hPOR7zMq4EFJPPveXw9V871zFYDVOCv
w6jLfm+ot76/gfY8nesZ3L6w+Z44Ou5jQRnaW40DQGWWMKQK23o2/FVvKf7ON9yw
py9GwGBEv8GebePRDYutuaJ+vThydxESx+QKKjxLA77J4w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:26 2026 by rpki-client