Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
File: cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa (raw, json)
Hash identifier: stRZjf60SSRGGkT4iHg+u+4FrQulFXcPIH2qaTbrsmo=
Subject key identifier: 07:80:EC:84:64:48:3F:9E:2F:37:21:AC:8C:7E:40:ED:39:F3:AF:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01165EBAB311EBB84156C4BED4311B21D23D5DD9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
Signing time: Fri 16 May 2025 17:30:17 +0000
ROA not before: Fri 16 May 2025 17:30:17 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:16:5e:ba:b3:11:eb:b8:41:56:c4:be:d4:31:1b:21:d2:3d:5d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:30:17 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=ef1dd96b70db383de6e3d9c845fffe529b6c22a1782c978a823828ae0bac791e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:72:e1:7d:31:96:0e:2a:35:8a:41:f4:66:4d:
30:83:41:76:ce:28:80:d9:6a:95:09:01:21:12:14:
d5:f9:7a:cb:4b:ba:61:21:08:b2:ad:24:16:a4:cb:
a1:a2:85:f9:fd:76:b7:40:d1:88:66:a0:e8:e0:db:
71:b2:7b:e6:0c:24:e4:7a:59:7b:74:6d:87:8f:38:
4a:56:ed:b6:c7:c8:6d:f7:f1:91:64:48:a5:8c:50:
30:48:d7:c8:84:7f:8a:8c:25:64:c1:ed:2f:3e:d1:
3f:f0:66:b1:79:bf:ae:19:9a:fd:dd:61:a6:06:96:
cb:bc:f0:4f:71:84:11:fb:bc:ea:d6:c4:4c:ea:90:
fe:62:32:b2:c3:12:2d:1b:e3:e4:eb:87:5b:f9:70:
26:55:62:dc:a7:42:e3:60:27:b9:d7:0e:89:6b:ea:
c7:a1:c6:89:67:8e:95:57:c3:f6:1f:9c:82:0c:35:
13:59:66:6c:11:8c:1d:b7:c9:49:5d:8e:49:3e:49:
fc:f8:33:ea:dc:36:97:b1:41:da:e9:ae:0c:1c:69:
71:aa:7a:ad:39:73:ee:8a:2e:5b:9d:f5:ac:51:e3:
73:f2:75:8e:7b:c3:ce:5e:43:86:5d:39:9b:55:4f:
be:60:37:75:65:8c:e9:e9:81:91:ba:d0:65:37:ad:
99:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:80:EC:84:64:48:3F:9E:2F:37:21:AC:8C:7E:40:ED:39:F3:AF:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc0c357c-70c7-4a71-a34e-bf6fd8a1dc77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:840::/48
Signature Algorithm: sha256WithRSAEncryption
21:a1:44:e4:77:4a:d2:87:38:0d:7f:b3:5d:5c:d8:52:ce:a3:
39:75:62:05:f0:f7:ce:e1:a8:34:42:22:ab:0f:8c:7d:56:f3:
ff:0c:36:1c:13:9c:66:a7:b8:24:48:5e:21:3d:2d:9f:69:93:
e6:f3:ed:e0:5b:7a:0c:80:e7:77:4c:4d:fe:a6:db:e3:be:fc:
fd:b6:82:c1:53:1a:83:65:3a:e5:5a:98:f4:70:f7:13:d7:c4:
56:1c:c3:e8:a4:9a:4c:8d:b3:40:fd:86:ab:20:9f:98:da:a3:
5b:60:94:51:4d:f5:48:f7:f4:53:fb:e5:94:4a:4e:6e:87:bd:
88:84:07:f0:57:c7:81:46:82:a5:33:71:d0:76:f3:13:6b:eb:
31:a6:85:92:23:f0:50:ae:8c:59:dc:e0:ff:5a:c9:86:78:b9:
0a:b2:84:75:44:ba:40:b4:69:08:39:e7:af:91:12:02:a4:61:
3c:29:37:4f:90:6b:76:f8:9c:c6:59:f1:65:74:1a:fe:48:ff:
53:1d:4f:c8:c0:7a:9a:17:1b:06:2c:05:ab:a0:11:c7:4f:04:
9b:cb:8b:62:d0:9e:ed:59:c4:41:ed:c4:b8:f5:59:08:b6:f1:
e5:47:10:99:52:44:a4:70:0e:3d:79:db:c1:2b:65:5f:64:cf:
fd:ba:11:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUARZeurMR67hBVsS+1DEbIdI9XdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMwMTdaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMWRkOTZiNzBkYjM4M2RlNmUzZDljODQ1ZmZmZTUyOWI2YzIyYTE3ODJj
OTc4YTgyMzgyOGFlMGJhYzc5MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBy4X0xlg4qNYpB9GZNMINBds4ogNlqlQkBIRIU1fl6y0u6YSEIsq0kFqTL
oaKF+f12t0DRiGag6ODbcbJ75gwk5HpZe3Rth484SlbttsfIbffxkWRIpYxQMEjX
yIR/iowlZMHtLz7RP/BmsXm/rhma/d1hpgaWy7zwT3GEEfu86tbETOqQ/mIyssMS
LRvj5OuHW/lwJlVi3KdC42AnudcOiWvqx6HGiWeOlVfD9h+cggw1E1lmbBGMHbfJ
SV2OST5J/Pgz6tw2l7FB2umuDBxpcap6rTlz7oouW531rFHjc/J1jnvDzl5Dhl05
m1VPvmA3dWWM6emBkbrQZTetmbsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQHgOyE
ZEg/ni83IayMfkDtOfOvJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2MwYzM1N2MtNzBjNy00YTcxLWEzNGUtYmY2ZmQ4YTFkYzc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAIaFE5HdK0oc4DX+zXVzYUs6jOXViBfD3zuGo
NEIiqw+MfVbz/ww2HBOcZqe4JEheIT0tn2mT5vPt4Ft6DIDnd0xN/qbb4778/baC
wVMag2U65VqY9HD3E9fEVhzD6KSaTI2zQP2GqyCfmNqjW2CUUU31SPf0U/vllEpO
boe9iIQH8FfHgUaCpTNx0HbzE2vrMaaFkiPwUK6MWdzg/1rJhni5CrKEdUS6QLRp
CDnnr5ESAqRhPCk3T5BrdvicxlnxZXQa/kj/Ux1PyMB6mhcbBiwFq6ARx08Em8uL
YtCe7VnEQe3EuPVZCLbx5UcQmVJEpHAOPXnbwStlX2TP/boR2w==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:34 2025 by rpki-client