Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
File: 366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa (raw, json)
Hash identifier: oP9oemTBqIUcizYhNo/OR+JKjpbaHimvpG8Q9o15xtI=
Subject key identifier: DD:77:07:89:C4:4A:D4:7A:20:E8:2D:8C:A3:B2:4D:46:2A:7A:0E:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FC84C36BFA3CA04822F0BEF755384D3F34EA101
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
Signing time: Mon 16 Jun 2025 19:50:55 +0000
ROA not before: Mon 16 Jun 2025 19:50:55 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c8:4c:36:bf:a3:ca:04:82:2f:0b:ef:75:53:84:d3:f3:4e:a1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:50:55 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2d0ec7966edea107de85319144be82d5150a9af2284326d74328efee36fb3034, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e9:49:11:72:b2:89:67:ba:b3:ce:6e:db:4c:
1d:96:e7:aa:f3:c7:c0:b7:e0:19:52:0a:06:f6:3d:
60:d7:83:d8:42:b6:4f:2a:8b:81:fc:4e:8f:36:1a:
cf:a3:6a:36:f3:fd:b9:36:30:1f:5c:5c:cb:72:f8:
25:09:d1:5d:87:96:74:44:50:b8:0f:8a:a0:b3:1e:
97:b7:b3:a1:53:d8:4c:6c:38:e5:46:64:1c:0b:a3:
2e:05:f6:f0:81:ef:7b:a5:6b:a6:38:b9:27:26:6a:
f0:2a:2a:6d:13:c2:7c:d0:00:c0:9b:ff:6c:d1:e6:
cf:95:79:51:62:5a:a9:02:e4:93:49:f0:c1:7a:e7:
1c:10:d3:e0:93:dc:eb:04:36:3c:3e:00:94:11:2b:
5f:b9:b4:cf:03:3e:1c:8e:f5:1f:b8:58:43:3d:ae:
8e:8d:61:7d:ce:4c:b2:b6:e5:4e:27:51:b0:20:ce:
03:49:15:b6:ee:b3:4d:75:46:d2:ff:15:ba:4f:5c:
cb:73:b5:17:e3:b0:bc:c7:19:4e:6a:0f:2b:e8:ba:
91:6c:de:38:5b:40:26:b8:c0:c1:f1:1e:a1:f8:2d:
d6:47:1c:b1:a8:15:ed:88:8d:b7:41:f4:c3:2b:2a:
51:2e:05:d1:d2:9b:23:b4:c0:07:21:69:3a:b0:89:
47:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:77:07:89:C4:4A:D4:7A:20:E8:2D:8C:A3:B2:4D:46:2A:7A:0E:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4040::/48
Signature Algorithm: sha256WithRSAEncryption
99:66:f2:63:7e:05:9b:79:5a:16:c1:e2:1b:06:0c:5d:c8:a1:
46:a9:eb:09:f9:d1:3f:53:59:dd:85:2e:fc:9e:04:ae:ff:c2:
0a:99:0f:74:89:76:5e:b9:53:23:f2:af:68:03:8f:4f:b9:73:
98:a2:d6:ce:5f:e0:d0:06:d6:9b:cb:2d:ed:f4:2f:e9:98:a9:
9a:32:9c:50:49:38:43:37:25:15:ba:03:99:fb:97:ff:ed:7e:
1e:af:6b:a6:77:cd:ed:6d:92:c5:65:d0:98:2a:12:4c:33:95:
ab:2e:07:5c:59:db:fb:8a:46:47:b0:71:6e:67:ec:70:e1:e1:
71:cd:92:cb:0e:01:8c:c4:35:e4:c6:ee:b1:1b:d8:66:4d:dd:
71:a4:ff:ce:d2:c1:36:eb:06:b8:b4:47:6a:47:9d:cb:ca:cb:
63:ee:9a:40:c0:d2:34:71:41:6a:fd:d3:09:f4:76:13:9a:78:
1e:4d:83:03:fa:39:8d:ab:8d:67:39:bb:6c:f8:2f:cb:20:25:
d2:8c:6f:6c:03:de:68:6b:de:2b:d5:d7:ac:4c:03:fe:aa:e7:
e9:0b:3f:65:77:1d:0b:62:73:5d:72:5c:5f:81:f5:13:37:80:
7f:dd:ab:98:f7:3f:e8:c4:4c:02:bf:c5:78:96:b1:af:a4:c0:
9b:92:4b:09
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD8hMNr+jygSCLwvvdVOE0/NOoQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTUwNTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMGVjNzk2NmVkZWExMDdkZTg1MzE5MTQ0YmU4MmQ1MTUwYTlhZjIyODQz
MjZkNzQzMjhlZmVlMzZmYjMwMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvpSRFysolnurPObttMHZbnqvPHwLfgGVIKBvY9YNeD2EK2TyqLgfxOjzYa
z6NqNvP9uTYwH1xcy3L4JQnRXYeWdERQuA+KoLMel7ezoVPYTGw45UZkHAujLgX2
8IHve6Vrpji5JyZq8CoqbRPCfNAAwJv/bNHmz5V5UWJaqQLkk0nwwXrnHBDT4JPc
6wQ2PD4AlBErX7m0zwM+HI71H7hYQz2ujo1hfc5MsrblTidRsCDOA0kVtu6zTXVG
0v8Vuk9cy3O1F+OwvMcZTmoPK+i6kWzeOFtAJrjAwfEeofgt1kccsagV7YiNt0H0
wysqUS4F0dKbI7TAByFpOrCJR48CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTddweJ
xErUeiDoLYyjsk1GKnoOJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY2YzM4MGYtN2YzYy00OTFmLWE3Y2ItYmZmYzYyYWVkMWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
QDANBgkqhkiG9w0BAQsFAAOCAQEAmWbyY34Fm3laFsHiGwYMXcihRqnrCfnRP1NZ
3YUu/J4Erv/CCpkPdIl2XrlTI/KvaAOPT7lzmKLWzl/g0AbWm8st7fQv6ZipmjKc
UEk4QzclFboDmfuX/+1+Hq9rpnfN7W2SxWXQmCoSTDOVqy4HXFnb+4pGR7Bxbmfs
cOHhcc2Syw4BjMQ15MbusRvYZk3dcaT/ztLBNusGuLRHakedy8rLY+6aQMDSNHFB
av3TCfR2E5p4Hk2DA/o5jauNZzm7bPgvyyAl0oxvbAPeaGveK9XXrEwD/qrn6Qs/
ZXcdC2JzXXJcX4H1EzeAf92rmPc/6MRMAr/FeJaxr6TAm5JLCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:08 2025 by rpki-client