Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
File: 366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa (raw, json)
Hash identifier: xufGYXqj/JmFKr80lF3J5HMM9YPkP+rEI0azVEYmFYg=
Subject key identifier: C9:EC:8C:F7:A6:DC:F2:A1:E3:81:D6:3F:FE:73:4F:06:92:3F:E5:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E418E781EE2884B75E74C586911F144BC974FC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
Signing time: Tue 20 May 2025 18:31:05 +0000
ROA not before: Tue 20 May 2025 18:31:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:41:8e:78:1e:e2:88:4b:75:e7:4c:58:69:11:f1:44:bc:97:4f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=afb189ee7901c7783c3dc23fc1b4d14ec09ba322c7a131f9e7ba0d0c13f43e1f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:65:b2:72:b1:f5:40:0f:e7:e4:70:13:65:91:
63:f3:d5:06:4d:82:fa:11:60:3e:51:69:b5:19:81:
78:4e:bc:8a:d7:58:39:f6:b9:84:17:cf:75:0d:c6:
ed:60:5e:9b:8f:b7:65:a1:9e:75:4c:24:55:77:d5:
7e:c0:6a:9f:ef:ca:49:82:94:5b:a0:9e:5f:f9:2c:
ac:06:bf:f0:14:99:37:50:ed:0d:d8:02:d4:65:d2:
86:70:08:90:be:9f:eb:80:1f:86:56:0e:f9:21:d2:
f3:43:b9:f1:31:64:20:a5:02:58:2c:1b:c1:24:d0:
f3:db:a2:0f:dc:3d:4d:cf:fc:b2:71:53:97:a3:52:
1e:e1:8a:07:2f:ab:be:d7:3f:b3:76:7d:d2:8c:22:
48:28:8b:51:e5:8a:a0:59:7d:ff:ee:f3:7f:c9:9e:
e6:cb:f8:c3:5b:35:cd:8f:7c:f2:73:9c:95:79:04:
24:bf:de:41:cb:64:1b:bf:81:4f:1c:0a:e0:6a:9f:
64:32:0a:a9:65:10:64:ae:eb:a9:3e:21:c0:d1:a3:
30:ac:23:25:5a:e2:40:6b:b8:41:da:96:73:4a:2b:
c9:37:3e:95:42:79:fa:61:58:da:7e:e8:ba:e3:dc:
d6:4f:bc:99:63:ea:cd:7e:89:90:a8:e8:c8:91:85:
61:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EC:8C:F7:A6:DC:F2:A1:E3:81:D6:3F:FE:73:4F:06:92:3F:E5:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/366c380f-7f3c-491f-a7cb-bffc62aed1e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4040::/48
Signature Algorithm: sha256WithRSAEncryption
68:22:56:8a:23:a7:41:55:22:ca:50:d8:dc:d1:a7:2c:a0:e2:
81:ea:23:5b:42:d5:59:a5:63:13:5a:89:89:4d:fb:79:c7:4f:
97:93:b0:85:72:9f:66:8e:24:19:8e:b8:a4:cd:e5:43:3b:ea:
8e:bf:68:66:2b:35:a0:68:93:8c:79:01:85:0a:27:a6:ce:4c:
49:77:5d:73:12:58:1b:15:08:cd:e0:e7:ad:79:fa:45:75:ce:
c6:26:37:e7:a6:c0:df:58:69:5f:27:b4:ba:9b:20:72:e8:90:
ee:c1:7e:5d:be:7d:2a:d6:02:a4:43:d4:98:a0:e4:1e:cb:a0:
6c:b6:c6:02:2c:0f:ad:8d:6c:19:d7:c2:ae:e8:4d:c8:b1:e9:
da:3c:15:e7:16:f1:e2:66:69:3d:70:4e:1f:a3:d5:c9:bc:f7:
60:e3:c7:50:67:bf:d4:0e:8e:ba:ee:49:37:e9:dc:d4:32:09:
70:c6:62:d4:84:3f:15:d9:58:5a:f8:fa:61:3d:30:16:c1:be:
c2:92:dd:f6:57:e5:4e:f0:d7:95:35:0f:72:b3:f3:aa:fa:d0:
90:06:82:9a:b5:4c:86:dc:0b:3b:0f:8a:b2:2a:88:14:14:72:
2d:58:03:d6:6b:1e:a3:5d:e1:4c:57:b7:b1:24:20:7d:ae:99:
14:18:9b:b1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbkGOeB7iiEt150xYaRHxRLyXT8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmYjE4OWVlNzkwMWM3NzgzYzNkYzIzZmMxYjRkMTRlYzA5YmEzMjJjN2Ex
MzFmOWU3YmEwZDBjMTNmNDNlMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhlsnKx9UAP5+RwE2WRY/PVBk2C+hFgPlFptRmBeE68itdYOfa5hBfPdQ3G
7WBem4+3ZaGedUwkVXfVfsBqn+/KSYKUW6CeX/ksrAa/8BSZN1DtDdgC1GXShnAI
kL6f64AfhlYO+SHS80O58TFkIKUCWCwbwSTQ89uiD9w9Tc/8snFTl6NSHuGKBy+r
vtc/s3Z90owiSCiLUeWKoFl9/+7zf8me5sv4w1s1zY988nOclXkEJL/eQctkG7+B
TxwK4GqfZDIKqWUQZK7rqT4hwNGjMKwjJVriQGu4QdqWc0oryTc+lUJ5+mFY2n7o
uuPc1k+8mWPqzX6JkKjoyJGFYd8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTJ7Iz3
ptzyoeOB1j/+c08Gkj/lmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzY2YzM4MGYtN2YzYy00OTFmLWE3Y2ItYmZmYzYyYWVkMWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
QDANBgkqhkiG9w0BAQsFAAOCAQEAaCJWiiOnQVUiylDY3NGnLKDigeojW0LVWaVj
E1qJiU37ecdPl5OwhXKfZo4kGY64pM3lQzvqjr9oZis1oGiTjHkBhQonps5MSXdd
cxJYGxUIzeDnrXn6RXXOxiY356bA31hpXye0upsgcuiQ7sF+Xb59KtYCpEPUmKDk
HsugbLbGAiwPrY1sGdfCruhNyLHp2jwV5xbx4mZpPXBOH6PVybz3YOPHUGe/1A6O
uu5JN+nc1DIJcMZi1IQ/FdlYWvj6YT0wFsG+wpLd9lflTvDXlTUPcrPzqvrQkAaC
mrVMhtwLOw+KsiqIFBRyLVgD1mseo13hTFe3sSQgfa6ZFBibsQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:58 2025 by rpki-client