Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
File: 366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa (raw, json)
Hash identifier: /u/dwKTmI2WokK/ZKP/sTQIvaHxNmQSJBW8ndC344VM=
Subject key identifier: 24:D5:15:5A:DD:95:AC:5C:76:3D:88:BE:FD:60:88:54:6E:BF:F3:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A962A1F5B67B807869CA277ED1C33FE3AD6AC1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
Signing time: Tue 05 Aug 2025 18:50:39 +0000
ROA not before: Tue 05 Aug 2025 18:50:39 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:96:2a:1f:5b:67:b8:07:86:9c:a2:77:ed:1c:33:fe:3a:d6:ac:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:39 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6171ded42e6b7431b46c9f461437a573fd37a9269147cddcbe6effb714f04f84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:61:28:5c:0c:57:33:d1:ca:35:ca:e2:ac:9c:
4b:a2:f6:12:e6:1b:ea:a6:4e:0c:6c:1c:d4:26:43:
58:d4:15:f4:a2:c5:28:08:3c:d2:4c:26:5a:bf:4e:
b2:cd:39:81:21:cc:c5:f4:d6:26:e9:87:90:90:fe:
83:77:fa:3b:64:c8:1c:3e:83:c1:5c:9a:78:22:66:
42:52:ec:ae:4d:c6:91:cc:46:ec:72:19:d2:c8:e6:
70:58:cd:6e:de:3d:db:6b:13:b8:c0:fe:e9:23:69:
7e:8b:94:b4:71:45:08:69:4e:80:a8:54:5d:a4:67:
01:05:fc:cb:6d:f4:a8:d1:49:58:13:e3:5f:e0:14:
74:f4:f7:6b:c2:9d:db:2a:1d:ad:d5:10:07:6c:45:
1c:15:bc:42:75:e8:28:8b:5c:6a:97:63:38:e8:cd:
a3:19:5e:f9:22:6f:76:04:14:f4:ca:f0:db:57:2e:
10:37:eb:7e:c4:cd:c6:24:a5:7f:31:21:20:07:80:
0f:f1:53:07:d7:6a:88:c2:b0:df:97:69:3f:3c:b1:
96:45:e6:75:4a:fe:60:f8:a8:a4:84:ba:29:8a:13:
a7:cf:d2:6e:05:56:aa:ab:cb:50:36:f0:fa:1a:9c:
a7:84:b3:fe:c0:15:24:44:f9:27:c9:75:ee:1f:93:
8e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D5:15:5A:DD:95:AC:5C:76:3D:88:BE:FD:60:88:54:6E:BF:F3:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4040::/48
Signature Algorithm: sha256WithRSAEncryption
48:db:b8:3f:42:e6:d1:bd:36:67:4c:10:79:f5:01:37:3c:03:
aa:6f:3f:54:cc:b9:a1:70:9a:8f:14:8e:32:c1:90:27:d2:a6:
eb:5f:e5:e5:be:5c:67:16:e2:3f:4a:48:01:a2:cb:b0:31:9e:
da:a7:7e:4f:51:f5:cb:a5:11:87:0c:69:ac:6b:22:4b:57:5c:
78:58:20:41:9a:3a:51:55:d3:7c:5c:60:8c:b8:c0:cd:5f:da:
be:4b:86:ea:ef:ab:b7:cb:1b:49:3b:ce:75:9e:7c:ff:8c:74:
ed:2a:c0:f1:ea:4a:13:11:84:09:9f:e0:c9:6c:b3:bf:61:9c:
4a:77:43:a1:06:fb:de:85:70:8e:5b:f0:bb:f0:31:2d:bc:f3:
62:16:9f:0d:7f:b8:07:d4:a2:43:96:6c:44:f7:83:f4:7b:f9:
c1:78:be:be:78:d3:c6:b1:6b:3a:00:3e:be:c5:aa:2e:4f:c2:
a4:8e:f3:f2:71:a4:dd:4e:d4:d5:a5:0c:ed:79:a7:14:ab:5b:
a2:b3:9e:31:6e:87:08:26:21:cb:f4:d9:0a:5a:2d:ac:53:72:
af:8d:5f:7b:74:61:f3:d0:d5:c0:8a:5a:0c:fc:c1:78:e5:eb:
81:c6:9f:60:c7:8f:f1:4d:cc:34:3c:0a:16:43:72:67:de:df:
c9:1a:a3:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKpYqH1tnuAeGnKJ37Rwz/jrWrBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwMzlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxNzFkZWQ0MmU2Yjc0MzFiNDZjOWY0NjE0MzdhNTczZmQzN2E5MjY5MTQ3
Y2RkY2JlNmVmZmI3MTRmMDRmODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxhKFwMVzPRyjXK4qycS6L2EuYb6qZODGwc1CZDWNQV9KLFKAg80kwmWr9O
ss05gSHMxfTWJumHkJD+g3f6O2TIHD6DwVyaeCJmQlLsrk3GkcxG7HIZ0sjmcFjN
bt4922sTuMD+6SNpfouUtHFFCGlOgKhUXaRnAQX8y230qNFJWBPjX+AUdPT3a8Kd
2yodrdUQB2xFHBW8QnXoKItcapdjOOjNoxle+SJvdgQU9Mrw21cuEDfrfsTNxiSl
fzEhIAeAD/FTB9dqiMKw35dpPzyxlkXmdUr+YPiopIS6KYoTp8/SbgVWqqvLUDbw
+hqcp4Sz/sAVJET5J8l17h+TjlkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQk1RVa
3ZWsXHY9iL79YIhUbr/zhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY2YzM4MGYtN2YzYy00OTFmLWE3Y2ItYmZmYzYyYWVkMWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
QDANBgkqhkiG9w0BAQsFAAOCAQEASNu4P0Lm0b02Z0wQefUBNzwDqm8/VMy5oXCa
jxSOMsGQJ9Km61/l5b5cZxbiP0pIAaLLsDGe2qd+T1H1y6URhwxprGsiS1dceFgg
QZo6UVXTfFxgjLjAzV/avkuG6u+rt8sbSTvOdZ58/4x07SrA8epKExGECZ/gyWyz
v2GcSndDoQb73oVwjlvwu/AxLbzzYhafDX+4B9SiQ5ZsRPeD9Hv5wXi+vnjTxrFr
OgA+vsWqLk/CpI7z8nGk3U7U1aUM7XmnFKtborOeMW6HCCYhy/TZClotrFNyr41f
e3Rh89DVwIpaDPzBeOXrgcafYMeP8U3MNDwKFkNyZ97fyRqjjw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:14 2025 by rpki-client