Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/56bed115-4b3f-4354-a667-3c8f4273b676.roa
File: 56bed115-4b3f-4354-a667-3c8f4273b676.roa (raw, json)
Hash identifier: qBrpD4Q/eLF2e0fSyIoWqDjoUtz3x+noYLOfGSq9+1U=
Subject key identifier: 6C:85:FF:2D:AF:80:E5:64:33:C5:EA:43:F0:CD:C6:B7:75:37:67:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 289AC063C42E647A92359CE25495261B7531E5E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/56bed115-4b3f-4354-a667-3c8f4273b676.roa
Signing time: Sun 31 May 2026 01:00:10 +0000
ROA not before: Sun 31 May 2026 01:00:10 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:9a:c0:63:c4:2e:64:7a:92:35:9c:e2:54:95:26:1b:75:31:e5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:10 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=9ad18476d495c66ea7194f5420ea2c6e2f939f7303ec871e07d1b936ebce624c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:e2:23:bd:1f:5d:86:1d:19:6a:e9:c3:ea:
38:c4:48:2e:f9:ed:9f:a3:cb:3a:ff:e6:b1:ae:94:
53:f7:d4:ed:da:ab:4a:74:b4:18:01:fd:61:83:a6:
d3:4b:80:cf:5a:d3:9b:52:80:54:34:96:b4:c9:3b:
1e:cc:df:05:59:c1:50:b5:87:47:b1:2c:29:d4:b4:
bc:3c:38:71:a9:60:2a:30:a7:d4:f5:53:a6:df:2e:
a6:2f:6b:bb:f0:64:88:32:32:23:ba:49:00:dc:c3:
e9:f8:8c:22:7c:78:05:2d:0d:a7:b5:ae:c7:26:b1:
08:9b:ca:36:5b:f6:8e:76:f3:0c:f4:a2:1c:59:ad:
62:73:07:68:a6:95:a8:f5:a5:a2:d5:96:91:a5:25:
3d:95:62:e4:2d:79:3b:64:83:04:f0:74:45:71:d3:
ba:51:23:9e:61:2d:a2:b8:99:57:7d:97:5e:b0:52:
e3:db:86:a3:85:e0:8a:63:93:fe:4c:c5:ae:bf:26:
4b:5b:66:4a:56:fc:5d:eb:a8:3f:0f:a4:29:dc:22:
41:8c:32:45:a0:2e:28:97:f1:d6:97:16:b8:65:d2:
af:33:ac:61:9e:e1:77:3a:6a:24:8d:f6:c2:b5:39:
d7:f4:3e:81:f3:70:38:a9:09:50:16:cc:a6:7c:ab:
fe:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:85:FF:2D:AF:80:E5:64:33:C5:EA:43:F0:CD:C6:B7:75:37:67:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/56bed115-4b3f-4354-a667-3c8f4273b676.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:840::/48
Signature Algorithm: sha256WithRSAEncryption
01:b6:d0:66:c3:fa:db:e4:be:7e:3d:48:d6:e2:f4:c8:d5:98:
6e:7e:a3:ce:3b:f2:e3:aa:e8:5c:1f:59:46:38:c3:1f:8b:e9:
a3:0a:09:74:85:8f:3b:c9:8d:7b:c4:65:a9:3c:ae:64:f6:26:
1b:af:4b:97:4c:48:aa:0c:ae:e6:f7:84:4b:10:ed:36:36:16:
89:6a:16:b7:b9:64:d7:d5:e0:cb:43:a2:db:6f:4a:3b:6b:0b:
bd:e8:a2:29:48:27:40:54:57:cd:79:40:8d:43:ab:45:44:1a:
d0:4b:f3:49:94:64:f9:4e:03:c2:ac:f5:fb:35:48:be:f0:ff:
de:20:11:f5:f8:65:a8:0a:c6:7c:e0:4e:d8:b2:36:5e:25:01:
81:0c:8b:3c:1e:20:e7:a6:6c:08:d1:09:22:d7:7c:ab:ec:9f:
22:fd:a7:d0:17:de:f6:a4:c2:e4:df:85:69:19:2e:a0:89:83:
80:b9:94:8e:8e:d1:fd:23:01:6e:fb:bd:b9:05:87:83:2c:6f:
c8:a9:23:32:40:a8:e6:4e:e1:76:44:a7:9b:6a:fb:14:e6:5b:
28:c1:d0:54:c4:89:5a:f4:69:9c:fb:64:82:47:ec:38:e7:66:
f1:db:eb:13:eb:bc:53:ac:af:c2:66:62:6f:42:b0:10:d8:57:
30:7a:b1:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKJrAY8QuZHqSNZziVJUmG3Ux5eYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMTBaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZDE4NDc2ZDQ5NWM2NmVhNzE5NGY1NDIwZWEyYzZlMmY5MzlmNzMwM2Vj
ODcxZTA3ZDFiOTM2ZWJjZTYyNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8d4iO9H12GHRlq6cPqOMRILvntn6PLOv/msa6UU/fU7dqrSnS0GAH9YYOm
00uAz1rTm1KAVDSWtMk7HszfBVnBULWHR7EsKdS0vDw4calgKjCn1PVTpt8upi9r
u/BkiDIyI7pJANzD6fiMInx4BS0Np7WuxyaxCJvKNlv2jnbzDPSiHFmtYnMHaKaV
qPWlotWWkaUlPZVi5C15O2SDBPB0RXHTulEjnmEtoriZV32XXrBS49uGo4XgimOT
/kzFrr8mS1tmSlb8XeuoPw+kKdwiQYwyRaAuKJfx1pcWuGXSrzOsYZ7hdzpqJI32
wrU51/Q+gfNwOKkJUBbMpnyr/lUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRshf8t
r4DlZDPF6kPwzca3dTdnKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTZiZWQxMTUtNGIzZi00MzU0LWE2NjctM2M4ZjQyNzNiNjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H0I
QDANBgkqhkiG9w0BAQsFAAOCAQEAAbbQZsP62+S+fj1I1uL0yNWYbn6jzjvy46ro
XB9ZRjjDH4vpowoJdIWPO8mNe8RlqTyuZPYmG69Ll0xIqgyu5veESxDtNjYWiWoW
t7lk19Xgy0Oi229KO2sLveiiKUgnQFRXzXlAjUOrRUQa0EvzSZRk+U4Dwqz1+zVI
vvD/3iAR9fhlqArGfOBO2LI2XiUBgQyLPB4g56ZsCNEJItd8q+yfIv2n0Bfe9qTC
5N+FaRkuoImDgLmUjo7R/SMBbvu9uQWHgyxvyKkjMkCo5k7hdkSnm2r7FOZbKMHQ
VMSJWvRpnPtkgkfsOOdm8dvrE+u8U6yvwmZib0KwENhXMHqxrg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:17 2026 by rpki-client