Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
File: cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa (raw, json)
Hash identifier: PWvYjkcCPswY92fMBUqEXjKi66WW8Bq64OP1VZtGgrg=
Subject key identifier: FF:CE:55:CE:37:3D:00:EE:7C:0D:9E:FF:E4:11:DA:83:CF:D6:21:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01472337C769FD77FC9E9BCC53FF488560806B43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
Signing time: Fri 01 Aug 2025 17:10:19 +0000
ROA not before: Fri 01 Aug 2025 17:10:19 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:47:23:37:c7:69:fd:77:fc:9e:9b:cc:53:ff:48:85:60:80:6b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:19 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=fdda77c362d77ba72523930635492df956f931c0d6091adc867fb830fa2e478f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:14:44:8a:c1:bc:80:28:6d:36:9f:44:72:08:
09:d8:08:91:44:31:9c:bd:a2:6b:42:f9:3b:10:05:
a4:52:de:64:e2:f6:e5:a0:70:f2:50:a5:38:68:f2:
5e:45:15:48:3d:81:5a:ae:0e:09:b8:3d:63:02:dc:
7d:7d:e9:20:b2:25:10:b7:f7:84:30:86:b8:38:62:
5c:68:d7:7f:18:52:64:66:7a:d8:e2:79:67:ae:e7:
ca:ae:fe:ab:a3:07:81:88:40:34:fb:3f:da:58:d9:
33:30:51:a9:21:66:bd:10:bb:86:0a:38:dc:ec:19:
73:a7:bd:03:05:f4:03:ce:f8:1e:37:ad:fd:62:bd:
a0:a9:76:54:2c:89:d5:73:6f:8f:29:32:1f:7c:6a:
32:2a:e5:c8:b9:2e:45:b8:d4:ac:07:16:b3:cf:c0:
a9:bd:4b:89:8a:b1:23:61:1c:fb:48:13:5c:f5:62:
69:ed:9a:10:9a:85:40:a0:37:28:0f:5f:41:2d:a4:
f0:83:0a:37:e5:f9:a1:6f:0f:41:2f:d2:5a:f8:3e:
3f:5d:d8:2c:5c:bc:11:42:cd:fd:67:3b:0a:62:ee:
6a:95:1b:8f:83:37:35:20:32:4a:e9:03:b2:77:02:
5e:56:01:e7:60:cc:e0:79:f9:ca:bd:52:ab:6e:f7:
c8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CE:55:CE:37:3D:00:EE:7C:0D:9E:FF:E4:11:DA:83:CF:D6:21:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:840::/48
Signature Algorithm: sha256WithRSAEncryption
10:ac:6f:f6:cb:a8:d4:c3:5c:93:0c:8a:97:c5:99:3a:71:23:
af:cc:e2:d5:70:c1:73:b0:db:c1:e0:32:db:34:25:49:ef:42:
a0:7f:c7:38:29:fd:fe:6d:48:a9:a4:0a:7a:b3:33:9f:ba:ea:
84:9a:c2:5e:07:d3:2e:17:75:91:99:1f:91:b9:19:19:e2:58:
7b:e9:36:5f:0e:51:2b:b1:c3:94:80:2e:6e:67:c0:70:c6:45:
c9:57:8f:56:33:f7:7b:cf:44:66:5a:3c:11:52:28:b4:97:c3:
ba:be:2c:6e:ec:13:50:1a:72:60:a0:5d:97:ec:4a:4d:6d:99:
cb:ea:a8:e8:a7:1c:4b:ad:35:d8:92:4f:81:22:14:6d:48:e3:
37:f7:01:3a:65:7c:58:14:25:9e:90:69:ba:e9:c2:06:35:dd:
97:0e:58:80:0a:ba:15:d5:62:f8:ee:66:3e:fd:4d:89:39:64:
89:02:dc:d9:7a:34:27:59:fa:5c:38:76:a1:03:14:bc:a3:e4:
e8:35:7e:84:b5:ef:04:5e:e7:59:2d:5a:a6:37:24:6c:2f:48:
c5:44:e4:7b:4a:8a:cd:18:89:dc:a1:33:11:bf:f0:c0:73:03:
a6:ed:18:28:85:d8:34:de:10:5a:9a:30:ca:9c:a4:92:f9:bb:
2f:2e:88:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAUcjN8dp/Xf8npvMU/9IhWCAa0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMTlaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkZGE3N2MzNjJkNzdiYTcyNTIzOTMwNjM1NDkyZGY5NTZmOTMxYzBkNjA5
MWFkYzg2N2ZiODMwZmEyZTQ3OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwURIrBvIAobTafRHIICdgIkUQxnL2ia0L5OxAFpFLeZOL25aBw8lClOGjy
XkUVSD2BWq4OCbg9YwLcfX3pILIlELf3hDCGuDhiXGjXfxhSZGZ62OJ5Z67nyq7+
q6MHgYhANPs/2ljZMzBRqSFmvRC7hgo43OwZc6e9AwX0A874Hjet/WK9oKl2VCyJ
1XNvjykyH3xqMirlyLkuRbjUrAcWs8/Aqb1LiYqxI2Ec+0gTXPViae2aEJqFQKA3
KA9fQS2k8IMKN+X5oW8PQS/SWvg+P13YLFy8EULN/Wc7CmLuapUbj4M3NSAySukD
sncCXlYB52DM4Hn5yr1Sq273yNECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/zlXO
Nz0A7nwNnv/kEdqDz9YhoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2MwYzM1N2MtNzBjNy00YTcxLWEzNGUtYmY2ZmQ4YTFkYzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAEKxv9suo1MNckwyKl8WZOnEjr8zi1XDBc7Db
weAy2zQlSe9CoH/HOCn9/m1IqaQKerMzn7rqhJrCXgfTLhd1kZkfkbkZGeJYe+k2
Xw5RK7HDlIAubmfAcMZFyVePVjP3e89EZlo8EVIotJfDur4sbuwTUBpyYKBdl+xK
TW2Zy+qo6KccS6012JJPgSIUbUjjN/cBOmV8WBQlnpBpuunCBjXdlw5YgAq6FdVi
+O5mPv1NiTlkiQLc2Xo0J1n6XDh2oQMUvKPk6DV+hLXvBF7nWS1apjckbC9IxUTk
e0qKzRiJ3KEzEb/wwHMDpu0YKIXYNN4QWpowypykkvm7Ly6I1g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:09 2025 by rpki-client