Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
File: 366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa (raw, json)
Hash identifier: 2xtcXTbOoPR4VUROMJWNKM8QB7kYo4g3aZnuRW4vbXM=
Subject key identifier: DB:95:20:C6:FA:EE:1B:0E:FC:35:0C:DC:0C:4D:67:79:1C:78:8E:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4888BFBCE5BD76E5BB346ADFAB349CBB5992EBD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
Signing time: Fri 26 Sep 2025 18:41:02 +0000
ROA not before: Fri 26 Sep 2025 18:41:02 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:88:bf:bc:e5:bd:76:e5:bb:34:6a:df:ab:34:9c:bb:59:92:eb:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:02 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=408aa0d7d968269407a4e0875a96b6608319709ade126afebffe4e6b33bb0492, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:16:de:b6:03:60:3d:0f:f0:a2:40:ad:e3:0b:
a6:f4:4a:79:f4:4f:47:84:34:ab:49:6f:ee:04:91:
ac:c2:8d:37:46:0c:19:c3:ee:c9:f5:e1:51:19:b8:
6d:80:4c:04:ed:b8:be:56:6d:c6:ce:8e:a0:b3:a9:
1e:a8:ff:2f:6c:eb:76:2c:a9:48:bf:7c:6f:41:4c:
6e:4f:04:42:8f:be:0a:45:81:09:84:d5:65:b1:39:
2a:86:e9:4c:92:42:be:e8:a7:67:67:6e:a4:b3:db:
ad:9f:a0:75:21:f7:18:22:04:91:88:0a:a6:bb:db:
f4:c8:f4:ee:ad:3e:0b:7f:e2:a8:7d:97:44:0a:3b:
94:2b:0c:42:c2:a9:73:eb:a6:c3:17:dc:81:bd:04:
94:cf:a6:89:70:66:a2:ec:6f:ff:a3:da:6f:dd:71:
09:36:4c:89:a8:93:69:dc:a2:78:1d:c5:9f:2a:b1:
b2:a3:17:e1:05:f5:47:93:21:50:5a:7c:cb:b2:7d:
9b:b6:ca:43:e7:02:5e:ba:00:81:84:4a:1d:a4:54:
4f:68:73:9e:95:88:59:2d:60:7a:38:21:5c:3a:04:
c0:c6:98:03:e5:40:e5:f1:7a:b6:19:6a:bd:6d:2c:
c4:4b:15:29:e9:7a:a8:71:d9:a8:63:1f:ff:6a:af:
ef:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:20:C6:FA:EE:1B:0E:FC:35:0C:DC:0C:4D:67:79:1C:78:8E:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4040::/48
Signature Algorithm: sha256WithRSAEncryption
45:23:07:6f:3d:02:c5:a2:67:c5:ee:17:bc:e6:f4:e5:3c:2d:
87:3b:4c:16:b4:bc:60:2b:5d:2b:9e:da:b6:37:83:83:04:dd:
71:d6:b7:5a:2f:95:33:49:97:c0:66:b1:f8:e7:73:1b:7d:d6:
58:25:a8:ac:07:39:95:c1:a1:47:f0:96:3c:b5:f1:aa:11:22:
56:cd:e7:53:73:20:29:03:6c:cf:f7:98:d4:6c:b5:d1:82:24:
bd:37:b8:5a:6c:60:2d:88:25:e4:d2:01:f3:21:3a:0f:91:db:
5d:7e:ac:67:3a:b3:66:9d:a4:f1:65:b0:a0:e9:55:d4:13:3d:
e8:cc:e9:67:8a:3e:12:b4:40:3b:61:ec:70:d8:09:97:dc:7d:
24:1f:47:d6:2e:c4:6f:fb:52:02:d7:eb:9e:61:c8:9b:08:21:
6c:df:80:37:65:78:09:fb:b7:59:78:bd:bd:79:76:fd:f2:ab:
0c:a2:75:7d:35:11:4a:02:11:d9:3d:54:0d:4c:dd:95:be:e9:
f3:99:be:87:42:ce:f0:3f:60:4f:1c:51:5f:77:69:46:38:e1:
0a:d7:7b:34:03:ee:37:4f:f4:f9:e6:36:6f:78:cc:79:6d:e2:
a7:e9:fc:f8:1c:7a:63:70:17:ac:5f:80:f0:4f:af:d2:5c:22:
fb:46:b3:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSIi/vOW9duW7NGrfqzScu1mS69gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwOGFhMGQ3ZDk2ODI2OTQwN2E0ZTA4NzVhOTZiNjYwODMxOTcwOWFkZTEy
NmFmZWJmZmU0ZTZiMzNiYjA0OTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYW3rYDYD0P8KJAreMLpvRKefRPR4Q0q0lv7gSRrMKNN0YMGcPuyfXhURm4
bYBMBO24vlZtxs6OoLOpHqj/L2zrdiypSL98b0FMbk8EQo++CkWBCYTVZbE5Kobp
TJJCvuinZ2dupLPbrZ+gdSH3GCIEkYgKprvb9Mj07q0+C3/iqH2XRAo7lCsMQsKp
c+umwxfcgb0ElM+miXBmouxv/6Pab91xCTZMiaiTadyieB3FnyqxsqMX4QX1R5Mh
UFp8y7J9m7bKQ+cCXroAgYRKHaRUT2hznpWIWS1gejghXDoEwMaYA+VA5fF6thlq
vW0sxEsVKel6qHHZqGMf/2qv74cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTblSDG
+u4bDvw1DNwMTWd5HHiO+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY2YzM4MGYtN2YzYy00OTFmLWE3Y2ItYmZmYzYyYWVkMWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
QDANBgkqhkiG9w0BAQsFAAOCAQEARSMHbz0CxaJnxe4XvOb05TwthztMFrS8YCtd
K57atjeDgwTdcda3Wi+VM0mXwGax+OdzG33WWCWorAc5lcGhR/CWPLXxqhEiVs3n
U3MgKQNsz/eY1Gy10YIkvTe4WmxgLYgl5NIB8yE6D5HbXX6sZzqzZp2k8WWwoOlV
1BM96MzpZ4o+ErRAO2HscNgJl9x9JB9H1i7Eb/tSAtfrnmHImwghbN+AN2V4Cfu3
WXi9vXl2/fKrDKJ1fTURSgIR2T1UDUzdlb7p85m+h0LO8D9gTxxRX3dpRjjhCtd7
NAPuN0/0+eY2b3jMeW3ip+n8+Bx6Y3AXrF+A8E+v0lwi+0azTQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:53:10 2025 by rpki-client