Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
File: cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa (raw, json)
Hash identifier: hhHWYQQVtPbr+NRz4/IIzHioQ0w+n84OMs/DmMNpQf4=
Subject key identifier: 08:DD:C2:B6:7C:57:C6:DD:94:78:BD:5F:02:61:8B:78:23:5A:2F:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6780E98722EC63E6AEDDE36B859EB911135530D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
Signing time: Tue 26 Aug 2025 17:10:41 +0000
ROA not before: Tue 26 Aug 2025 17:10:41 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:80:e9:87:22:ec:63:e6:ae:dd:e3:6b:85:9e:b9:11:13:55:30:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:10:41 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=d1cdf500bcb9b65d6f5204c9ce6293a9edab795d95c30138c170bff106e2c5b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:31:2e:2b:17:64:f0:ce:e0:44:61:9c:ab:15:
12:44:bd:33:45:cf:5f:98:7e:21:f5:b1:61:ca:9c:
eb:e7:17:fd:7e:8c:e4:9d:11:eb:f5:0f:30:98:e5:
20:b2:ec:c3:ff:1b:69:1c:3f:6f:4f:c5:68:03:c2:
41:18:7f:1e:1d:d5:c9:3f:27:dc:b4:0f:28:82:c1:
ca:4a:00:83:c1:80:f0:f4:27:d5:48:48:ca:93:97:
15:7d:1d:55:03:e6:56:6a:00:0d:98:e1:76:8f:84:
4a:25:a4:62:b7:f8:13:2c:51:ce:39:6c:e5:56:58:
0e:02:c0:69:65:39:c2:33:e0:53:1e:77:f0:e9:92:
50:4a:b1:b2:ad:4b:1f:b7:dd:e1:cc:8f:c8:8a:47:
e0:06:97:04:eb:3c:12:8e:b9:12:e9:70:a1:4d:44:
3c:5c:4a:63:20:47:1b:11:1e:b0:4a:c5:ce:4d:5d:
4c:23:5f:6d:1e:94:80:f5:6b:58:c6:c7:00:67:38:
83:cc:b9:ea:f0:66:07:52:da:17:df:d6:7e:ec:98:
15:51:33:51:94:e0:83:ce:c6:26:b1:65:15:f7:26:
fe:12:d9:8f:b0:c6:b4:8c:5b:08:f2:98:38:a8:e0:
96:75:11:ea:39:a9:c2:44:e8:a7:a0:13:e5:c3:60:
93:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DD:C2:B6:7C:57:C6:DD:94:78:BD:5F:02:61:8B:78:23:5A:2F:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:840::/48
Signature Algorithm: sha256WithRSAEncryption
a8:4b:6b:81:7f:da:24:c6:f1:5b:67:98:d3:86:01:40:b6:c5:
05:08:f5:b1:53:36:43:20:eb:a0:19:bc:1f:fe:38:eb:7f:bb:
a7:f5:04:1c:b2:da:0c:38:93:e1:86:8b:eb:41:f9:c3:79:dc:
fc:f1:38:6c:c6:21:8f:54:4c:97:ee:42:3f:df:ff:92:fd:49:
24:05:14:a4:e2:2c:3c:0c:70:c9:67:36:53:fa:b9:07:a1:82:
fe:0f:b5:06:b5:4a:c5:63:63:c2:51:48:2c:d4:28:f0:0b:43:
4f:da:28:a9:fb:77:01:6d:35:a8:9a:fb:08:b5:9e:3a:dc:78:
6a:01:51:8a:a0:bf:c8:29:e6:14:a2:de:f7:4b:45:f2:fb:86:
52:d2:51:84:7c:0d:f9:fd:6d:38:99:13:99:e4:52:79:bd:b7:
9e:47:46:08:23:f8:61:dc:81:24:cc:fd:ce:00:33:f8:38:8c:
47:73:2a:a5:62:7b:3e:9c:f3:e2:1b:b9:fb:be:8d:20:3e:f8:
5b:e8:64:f9:18:8b:28:ba:ed:67:3b:79:ec:8b:90:f6:12:f5:
2d:e4:79:51:a5:d8:67:22:c9:41:f1:5c:ba:fb:f5:24:4d:88:
a8:d8:26:74:f0:46:72:33:1e:9e:d3:1e:d8:76:04:3a:ae:78:
64:04:06:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ4DphyLsY+au3eNrhZ65ERNVMNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzEwNDFaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxY2RmNTAwYmNiOWI2NWQ2ZjUyMDRjOWNlNjI5M2E5ZWRhYjc5NWQ5NWMz
MDEzOGMxNzBiZmYxMDZlMmM1YjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMxLisXZPDO4ERhnKsVEkS9M0XPX5h+IfWxYcqc6+cX/X6M5J0R6/UPMJjl
ILLsw/8baRw/b0/FaAPCQRh/Hh3VyT8n3LQPKILBykoAg8GA8PQn1UhIypOXFX0d
VQPmVmoADZjhdo+ESiWkYrf4EyxRzjls5VZYDgLAaWU5wjPgUx538OmSUEqxsq1L
H7fd4cyPyIpH4AaXBOs8Eo65EulwoU1EPFxKYyBHGxEesErFzk1dTCNfbR6UgPVr
WMbHAGc4g8y56vBmB1LaF9/WfuyYFVEzUZTgg87GJrFlFfcm/hLZj7DGtIxbCPKY
OKjglnUR6jmpwkTop6AT5cNgkwUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQI3cK2
fFfG3ZR4vV8CYYt4I1ovVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2MwYzM1N2MtNzBjNy00YTcxLWEzNGUtYmY2ZmQ4YTFkYzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAqEtrgX/aJMbxW2eY04YBQLbFBQj1sVM2QyDr
oBm8H/4463+7p/UEHLLaDDiT4YaL60H5w3nc/PE4bMYhj1RMl+5CP9//kv1JJAUU
pOIsPAxwyWc2U/q5B6GC/g+1BrVKxWNjwlFILNQo8AtDT9ooqft3AW01qJr7CLWe
Otx4agFRiqC/yCnmFKLe90tF8vuGUtJRhHwN+f1tOJkTmeRSeb23nkdGCCP4YdyB
JMz9zgAz+DiMR3MqpWJ7Ppzz4hu5+76NID74W+hk+RiLKLrtZzt57IuQ9hL1LeR5
UaXYZyLJQfFcuvv1JE2IqNgmdPBGcjMentMe2HYEOq54ZAQGKQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:10 2025 by rpki-client