Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
File: ec82a459-cf20-418a-8b9d-03c08dc90b73.roa (raw, json)
Hash identifier: EjqCb8pyfhBHXR3+6bTEYEqxr1uHW7BsHYC2knti1PE=
Subject key identifier: 50:66:7E:3A:14:5E:52:14:48:DD:3B:E4:09:C5:91:B0:DD:0A:FB:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B81FD962288EBB252222CCC10BCC52858BC418D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
Signing time: Tue 19 May 2026 04:50:40 +0000
ROA not before: Tue 19 May 2026 04:50:40 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:81:fd:96:22:88:eb:b2:52:22:2c:cc:10:bc:c5:28:58:bc:41:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:40 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=13cdbd0dc5d6a74f563a52efc4f9f7749bf522117b106aa28b1a7ed3aae3b5e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:88:8e:2c:ac:ba:4b:73:04:d4:91:8d:84:ed:
eb:26:c9:0d:d2:74:f2:73:37:16:b4:35:78:ab:52:
19:89:d1:ee:87:06:73:3e:b9:bb:1d:6a:e6:7e:09:
6d:99:2e:23:16:5c:f7:15:63:4d:2d:0d:08:eb:b8:
83:76:66:dd:02:64:39:94:c1:a3:f4:c5:b2:31:7d:
4c:71:28:d0:b6:39:49:6e:56:4b:aa:a1:f3:b8:14:
53:f5:bf:18:ab:3f:09:7c:eb:54:2b:ab:d3:bf:e2:
2e:64:1c:0e:ec:79:9f:4c:48:90:01:8a:d0:57:4d:
f0:ab:32:3e:31:9b:5f:20:5d:56:5f:f2:2d:a9:1f:
a0:2d:f4:77:8f:36:8d:52:b5:7d:96:c1:3b:ec:4c:
57:45:ea:34:f1:fd:e6:26:3a:c6:b7:1c:db:c6:16:
a2:19:7d:9c:4c:bf:e5:8a:70:ff:0d:f1:0b:44:48:
3a:b9:94:7a:86:96:20:3c:77:8c:f8:d9:8d:34:5a:
02:49:81:de:f7:11:06:e9:e2:b5:00:6a:0b:fc:31:
f7:e0:67:53:36:33:ec:a1:f2:2b:51:c9:1b:40:a7:
23:cd:9f:8c:d5:2d:d2:a2:84:43:50:4a:82:cc:04:
76:14:b5:e7:31:59:7d:b6:2f:91:8a:b2:b5:90:ab:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:66:7E:3A:14:5E:52:14:48:DD:3B:E4:09:C5:91:B0:DD:0A:FB:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ec82a459-cf20-418a-8b9d-03c08dc90b73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.3.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4e:5c:f2:65:e5:6c:19:fe:18:fe:8e:60:92:e5:f3:90:35:
04:20:b3:83:72:23:1a:c4:c3:b7:ed:50:79:b7:0a:03:bc:1a:
aa:18:e1:0e:b6:46:c2:d9:6b:d4:55:dd:c4:25:c8:c7:6c:10:
5c:8b:d4:d3:81:35:2f:32:a4:d4:5a:51:30:f8:b9:eb:34:97:
44:4b:de:e1:dd:b2:bf:c8:6e:1b:ff:3a:25:0a:4b:d2:27:bb:
05:dc:69:db:74:1a:b7:f3:c6:45:76:7c:6f:a9:0a:95:7f:94:
cc:57:5d:c4:fa:5d:83:3d:15:dc:c6:e7:30:7d:fd:ae:f0:1f:
19:ec:2e:ef:f6:4e:7d:1d:8a:5c:9d:c7:a3:da:33:29:f1:c9:
97:bd:b8:06:51:bd:b1:9b:86:fd:f1:58:1b:3f:69:48:a6:9c:
7f:f7:5b:67:bc:76:6b:23:f2:41:f9:16:5b:99:ae:24:12:ce:
5f:ce:ff:a6:d0:8c:49:b9:a9:2b:2e:7e:4e:75:af:42:f3:57:
ee:7a:a7:c8:97:4b:47:2c:c4:ca:01:a1:ea:20:9d:06:1a:5e:
6e:00:13:47:28:56:2f:6b:e5:d7:1b:17:75:f9:d1:84:a1:1b:
4e:b5:6e:41:49:c9:95:21:26:03:77:39:d1:0a:2b:c4:c9:8b:
2c:0d:98:dc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK4H9liKI67JSIizMELzFKFi8QY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzY2RiZDBkYzVkNmE3NGY1NjNhNTJlZmM0ZjlmNzc0OWJmNTIyMTE3YjEw
NmFhMjhiMWE3ZWQzYWFlM2I1ZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWIjiysuktzBNSRjYTt6ybJDdJ08nM3FrQ1eKtSGYnR7ocGcz65ux1q5n4J
bZkuIxZc9xVjTS0NCOu4g3Zm3QJkOZTBo/TFsjF9THEo0LY5SW5WS6qh87gUU/W/
GKs/CXzrVCur07/iLmQcDux5n0xIkAGK0FdN8KsyPjGbXyBdVl/yLakfoC30d482
jVK1fZbBO+xMV0XqNPH95iY6xrcc28YWohl9nEy/5Ypw/w3xC0RIOrmUeoaWIDx3
jPjZjTRaAkmB3vcRBunitQBqC/wx9+BnUzYz7KHyK1HJG0CnI82fjNUt0qKEQ1BK
gswEdhS15zFZfbYvkYqytZCr1ekCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRQZn46
FF5SFEjdO+QJxZGw3Qr7fjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWM4MmE0NTktY2YyMC00MThhLThiOWQtMDNjMDhkYzkwYjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE99AzAN
BgkqhkiG9w0BAQsFAAOCAQEANE5c8mXlbBn+GP6OYJLl85A1BCCzg3IjGsTDt+1Q
ebcKA7waqhjhDrZGwtlr1FXdxCXIx2wQXIvU04E1LzKk1FpRMPi56zSXREve4d2y
v8huG/86JQpL0ie7Bdxp23Qat/PGRXZ8b6kKlX+UzFddxPpdgz0V3MbnMH39rvAf
Gewu7/ZOfR2KXJ3Ho9ozKfHJl724BlG9sZuG/fFYGz9pSKacf/dbZ7x2ayPyQfkW
W5muJBLOX87/ptCMSbmpKy5+TnWvQvNX7nqnyJdLRyzEygGh6iCdBhpebgATRyhW
L2vl1xsXdfnRhKEbTrVuQUnJlSEmA3c50QorxMmLLA2Y3A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:40 2026 by rpki-client