Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: j3MiCrkgAWhsUeltWTH0RTJciH8HD+uIqMKTX/CGIPM=
Subject key identifier: 02:11:39:39:E2:C3:E6:E5:5E:A8:8A:8E:CB:7B:86:B5:0D:65:47:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41DD9AB6318DECE0C1263C76ED3D313BF2412E95
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Sat 28 Feb 2026 05:31:12 +0000
ROA not before: Sat 28 Feb 2026 05:31:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:dd:9a:b6:31:8d:ec:e0:c1:26:3c:76:ed:3d:31:3b:f2:41:2e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 05:31:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=5712e4cc1788ad4a7b4b466d607cb964cad61fbf16e067d89ab4ed56261c6735, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2c:56:98:74:9e:1f:73:e2:a7:69:ab:25:96:
52:1e:de:96:9b:5d:0d:cb:61:f7:6a:c3:ab:61:4c:
e3:c6:4c:93:b3:cd:96:cd:00:8d:bd:ab:02:00:4f:
1f:52:33:26:8f:d0:7a:b2:a4:a8:99:bd:fc:67:58:
fc:db:89:a9:d7:87:9b:ff:36:9e:a7:dc:84:ee:38:
95:e3:99:5e:ca:1f:c9:23:fa:7e:df:3f:98:e9:d2:
6b:81:1d:e3:7b:54:f3:0b:a9:d4:9c:ac:69:fe:84:
f6:ab:b7:5b:8c:cb:93:9d:d3:9c:55:cd:f2:3c:9b:
3f:78:23:88:f7:9e:6a:d6:3b:05:0b:dc:33:3e:77:
f1:08:e5:02:e6:77:97:f5:b7:61:b9:8e:60:69:7e:
90:52:fe:30:de:f8:d0:b9:04:af:e5:7d:fa:62:d8:
e0:e1:34:8e:3c:c6:30:42:8c:46:b3:72:cb:85:8c:
c5:e0:2c:98:75:1f:c4:87:63:ea:cf:da:8d:b9:d8:
76:8d:d7:eb:a2:73:4d:ab:66:0b:3b:aa:08:df:ef:
aa:38:9c:e0:7f:41:df:4d:46:b2:fb:da:00:ba:c6:
6c:66:22:c5:51:af:6d:30:36:f0:e0:4c:be:8e:be:
f6:1e:b7:49:1f:ee:46:81:f0:e9:d3:7c:28:3b:29:
d2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:11:39:39:E2:C3:E6:E5:5E:A8:8A:8E:CB:7B:86:B5:0D:65:47:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a2:fb:b8:17:79:4e:da:fa:5c:72:20:87:6d:8f:24:3e:07:
e1:09:49:57:f0:c2:82:eb:df:de:52:08:7c:d0:ba:43:95:ef:
70:1d:5e:7b:25:53:40:20:d9:fe:74:cc:2d:0d:31:81:c5:77:
65:6c:1a:8b:6c:67:e0:38:7d:a4:ea:e9:2a:a5:b3:ff:c8:67:
e9:91:27:91:7f:0b:78:d3:02:de:e9:7e:8e:24:5b:a6:f2:90:
b9:ee:53:06:ad:f9:15:af:bf:6a:1f:52:5a:bf:ff:21:47:fa:
5a:ea:96:83:9d:fa:49:65:39:12:ca:57:05:07:6f:62:7f:a6:
11:54:27:0b:c2:3c:f6:b0:c8:1b:5a:f4:45:c4:18:14:dc:a5:
52:a8:94:9e:e7:97:1a:8e:84:a2:83:18:a4:c2:42:23:66:f8:
48:66:ea:81:87:9c:98:b1:ea:5f:b3:76:39:df:01:64:76:b0:
3b:5f:f5:79:20:da:b6:3d:b3:2d:0b:8f:b1:11:c1:83:e0:6b:
8e:8e:74:01:4e:c8:d1:ad:25:72:34:14:0e:0c:e1:1e:a9:b4:
b7:ec:8f:60:dd:cf:98:3d:43:c6:44:b5:03:ba:0e:7f:19:c8:
1d:75:1d:59:cf:b6:a2:79:85:4a:0b:9b:d8:5c:5d:cd:a3:8d:
05:ac:e1:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQd2atjGN7ODBJjx27T0xO/JBLpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNTMxMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3MTJlNGNjMTc4OGFkNGE3YjRiNDY2ZDYwN2NiOTY0Y2FkNjFmYmYxNmUw
NjdkODlhYjRlZDU2MjYxYzY3MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcsVph0nh9z4qdpqyWWUh7elptdDcth92rDq2FM48ZMk7PNls0Ajb2rAgBP
H1IzJo/QerKkqJm9/GdY/NuJqdeHm/82nqfchO44leOZXsofySP6ft8/mOnSa4Ed
43tU8wup1Jysaf6E9qu3W4zLk53TnFXN8jybP3gjiPeeatY7BQvcMz538QjlAuZ3
l/W3YbmOYGl+kFL+MN740LkEr+V9+mLY4OE0jjzGMEKMRrNyy4WMxeAsmHUfxIdj
6s/ajbnYdo3X66JzTatmCzuqCN/vqjic4H9B301GsvvaALrGbGYixVGvbTA28OBM
vo6+9h63SR/uRoHw6dN8KDsp0qsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQCETk5
4sPm5V6oio7Le4a1DWVHkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEAWKL7uBd5Ttr6XHIgh22PJD4H4QlJV/DCguvf3lII
fNC6Q5XvcB1eeyVTQCDZ/nTMLQ0xgcV3ZWwai2xn4Dh9pOrpKqWz/8hn6ZEnkX8L
eNMC3ul+jiRbpvKQue5TBq35Fa+/ah9SWr//IUf6WuqWg536SWU5EspXBQdvYn+m
EVQnC8I89rDIG1r0RcQYFNylUqiUnueXGo6EooMYpMJCI2b4SGbqgYecmLHqX7N2
Od8BZHawO1/1eSDatj2zLQuPsRHBg+Brjo50AU7I0a0lcjQUDgzhHqm0t+yPYN3P
mD1DxkS1A7oOfxnIHXUdWc+2onmFSgub2FxdzaONBazhgA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:27:33 2026 by rpki-client