Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
File: cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa (raw, json)
Hash identifier: O2RoEbJEQAWlTUXpv7qs0LuWUYkEBC72Q2ysgK1Upxc=
Subject key identifier: BC:AC:8A:D3:77:1F:FC:85:C0:17:72:1B:CE:1A:3F:8D:68:56:BE:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06260BE59D62A76C990D0EBC8026270AFB3F8BAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
Signing time: Tue 10 Jun 2025 17:20:06 +0000
ROA not before: Tue 10 Jun 2025 17:20:06 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:26:0b:e5:9d:62:a7:6c:99:0d:0e:bc:80:26:27:0a:fb:3f:8b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:06 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=adb53eb84ee33dff985eac114f77050e87f7a3fa812df890e7752bf6070d2b99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ed:e9:f2:04:89:77:d9:32:ea:83:f6:a1:de:
4c:44:0b:a7:79:68:ec:7e:e2:a6:64:3c:5b:da:db:
62:89:58:64:5e:d1:14:7b:59:f0:29:7b:7e:b4:0f:
53:fb:91:01:a9:42:e5:a9:db:48:91:69:24:58:32:
71:9c:07:d9:73:45:c4:1d:7f:38:71:47:ab:30:21:
15:b1:0e:aa:9c:24:30:c3:7b:62:b4:2c:7d:b8:c8:
fc:9f:34:e9:b9:8d:c2:7a:65:f0:d8:db:68:cc:46:
60:e2:10:84:c0:cc:18:0b:0e:05:30:e6:68:3d:b8:
1d:28:e7:d5:65:e8:59:8d:72:8c:29:95:6a:83:d8:
db:30:12:f5:e0:13:fa:c3:3b:06:06:90:92:57:7b:
b1:10:6a:bf:f5:88:a3:30:d8:96:ee:d0:da:07:f4:
51:b6:a2:c6:1b:a3:9d:bc:70:83:a7:9b:ec:0d:0a:
e6:9f:97:18:ce:66:14:80:a3:13:01:bb:a7:75:b9:
e6:d3:0b:77:26:85:56:48:cf:74:92:83:50:20:e1:
7f:08:8f:b2:d7:c7:aa:3d:ef:21:1d:84:34:f5:98:
5f:32:27:16:e1:0b:a3:cd:2e:05:af:10:c9:e0:2a:
46:ea:6c:42:95:82:af:65:28:0a:d4:e4:8d:d7:5d:
f5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AC:8A:D3:77:1F:FC:85:C0:17:72:1B:CE:1A:3F:8D:68:56:BE:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:840::/48
Signature Algorithm: sha256WithRSAEncryption
b6:d1:19:26:54:da:7d:cc:df:d7:4f:76:73:d3:af:c4:74:b1:
2c:74:1a:61:8b:21:22:2c:60:6b:b5:36:85:c6:14:1d:9d:bc:
37:d7:b2:ae:8c:cc:96:02:38:04:bd:08:e4:10:d5:d2:6e:a8:
d3:bd:a0:ae:fe:74:7b:c2:cc:86:6c:0a:60:7c:9c:8d:11:e9:
41:95:c0:8c:11:bc:ed:c3:0c:fd:9b:1d:b7:86:df:a8:b6:e3:
71:ff:4e:98:59:40:31:af:e4:98:10:77:05:89:80:64:d2:a1:
0e:ed:b5:08:23:4a:1d:a1:ff:c3:f9:14:e5:13:0d:f7:fd:01:
7e:82:e3:93:63:ee:3c:85:ad:77:0a:ad:07:72:b7:44:af:21:
3a:86:64:4d:64:9e:54:0f:42:8d:e4:6f:a6:c2:79:14:ff:e1:
2e:f4:fb:85:32:45:28:73:ae:7d:9b:a7:df:02:ca:22:1a:25:
25:03:1e:be:ac:f9:85:59:de:3c:9a:59:c8:25:a7:65:34:f6:
08:4d:ac:ca:85:23:88:25:cb:fe:f4:42:ea:53:17:dc:22:7e:
0e:69:7d:ba:24:2e:bc:27:ed:ea:60:25:85:58:d8:09:c6:ac:
54:ce:f5:c3:39:8d:7a:cc:86:c3:f8:0f:7d:fe:17:f0:e4:50:
ac:ae:90:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBiYL5Z1ip2yZDQ68gCYnCvs/i60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwMDZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYjUzZWI4NGVlMzNkZmY5ODVlYWMxMTRmNzcwNTBlODdmN2EzZmE4MTJk
Zjg5MGU3NzUyYmY2MDcwZDJiOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvt6fIEiXfZMuqD9qHeTEQLp3lo7H7ipmQ8W9rbYolYZF7RFHtZ8Cl7frQP
U/uRAalC5anbSJFpJFgycZwH2XNFxB1/OHFHqzAhFbEOqpwkMMN7YrQsfbjI/J80
6bmNwnpl8NjbaMxGYOIQhMDMGAsOBTDmaD24HSjn1WXoWY1yjCmVaoPY2zAS9eAT
+sM7BgaQkld7sRBqv/WIozDYlu7Q2gf0Ubaixhujnbxwg6eb7A0K5p+XGM5mFICj
EwG7p3W55tMLdyaFVkjPdJKDUCDhfwiPstfHqj3vIR2ENPWYXzInFuELo80uBa8Q
yeAqRupsQpWCr2UoCtTkjddd9e0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8rIrT
dx/8hcAXchvOGj+NaFa+7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2MwYzM1N2MtNzBjNy00YTcxLWEzNGUtYmY2ZmQ4YTFkYzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAttEZJlTafczf1092c9OvxHSxLHQaYYshIixg
a7U2hcYUHZ28N9eyrozMlgI4BL0I5BDV0m6o072grv50e8LMhmwKYHycjRHpQZXA
jBG87cMM/Zsdt4bfqLbjcf9OmFlAMa/kmBB3BYmAZNKhDu21CCNKHaH/w/kU5RMN
9/0BfoLjk2PuPIWtdwqtB3K3RK8hOoZkTWSeVA9CjeRvpsJ5FP/hLvT7hTJFKHOu
fZun3wLKIholJQMevqz5hVnePJpZyCWnZTT2CE2syoUjiCXL/vRC6lMX3CJ+Dml9
uiQuvCft6mAlhVjYCcasVM71wzmNesyGw/gPff4X8ORQrK6QaA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:33 2025 by rpki-client