Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
File: 301d1d15-dd00-41e7-9f44-49159e46a51a.roa (raw, json)
Hash identifier: Yd/6ph7AndOcYaftoGakWuue6HB+x+Pk7RB8e9chqqA=
Subject key identifier: 32:51:E8:0E:41:0E:A0:A2:A3:D7:4A:B5:3E:D7:A1:E2:4B:7B:C0:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71F04C075BFED7E7A3B8B4DBB16D967B51D11D54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
Signing time: Tue 20 May 2025 18:41:07 +0000
ROA not before: Tue 20 May 2025 18:41:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f0:4c:07:5b:fe:d7:e7:a3:b8:b4:db:b1:6d:96:7b:51:d1:1d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=eaac57ea92f170417d9be3d4d835fe9d2bb2242864ead40e9ca5b6f500f9f648, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:dd:65:29:27:a5:7a:55:6e:75:16:78:74:
35:9a:2f:2c:94:cf:9f:57:2a:6c:9f:48:82:22:1b:
8c:c5:5b:84:df:93:6d:b2:93:f4:fd:42:b5:78:33:
55:7a:74:df:2c:e8:e1:48:df:98:37:41:91:f0:3d:
e3:93:69:e1:25:b3:4d:42:8f:43:83:73:b1:95:43:
4e:1f:de:8f:dd:8c:39:f9:74:a1:02:e0:1d:40:2e:
23:a3:06:5c:fd:f0:90:98:a2:c9:54:96:ec:b7:62:
61:e8:0e:11:1f:95:3b:f0:0d:61:5f:ca:f2:d3:42:
72:57:07:fe:2a:38:61:2e:a1:9b:3c:69:ed:f3:78:
0e:31:d3:55:ad:28:8e:49:09:67:0d:7e:17:1b:48:
65:83:fd:fa:d1:bd:b5:de:42:a9:04:70:74:d3:d1:
1a:53:ce:9e:68:06:49:ff:4a:65:96:30:9b:12:57:
14:0c:5e:92:cb:11:02:86:13:56:4c:3f:93:a5:04:
f8:17:9b:79:64:98:c2:8c:3f:30:a4:93:03:dc:77:
a2:44:84:8c:4b:52:27:30:6c:06:56:57:59:4d:7b:
a8:67:a9:5c:9c:c2:b2:cf:a0:67:2f:64:06:b3:b7:
77:f2:e0:ea:42:32:9c:d7:b8:d8:94:09:b6:70:b6:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:51:E8:0E:41:0E:A0:A2:A3:D7:4A:B5:3E:D7:A1:E2:4B:7B:C0:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8040::/48
Signature Algorithm: sha256WithRSAEncryption
66:f5:1d:24:18:db:ef:9d:02:f5:4d:71:40:5c:28:35:56:50:
3d:dd:ea:1a:9e:d8:aa:ba:cb:08:74:9d:28:ca:a7:f5:cc:fe:
6a:d9:f9:80:fd:b9:3e:3f:3c:41:f2:ed:7f:fe:fa:56:fa:8c:
c8:8b:ea:b9:4a:8b:e3:c3:b8:0d:2e:a9:b4:94:c6:67:47:62:
88:51:9e:58:ad:c1:3a:ce:5d:09:b4:4d:05:b0:85:85:90:ad:
04:e1:c1:e8:c1:57:79:3f:00:ac:a3:37:8b:a2:41:11:3f:df:
c8:ee:09:6e:0b:42:87:16:0a:07:62:d0:1b:5d:fd:d0:90:30:
a3:cd:be:c3:de:8f:88:85:6d:cb:45:05:76:8a:0b:89:54:09:
c0:7e:19:91:dc:f0:e8:45:9c:f3:00:92:97:6e:59:d3:6d:55:
47:fa:2a:37:91:7a:df:85:07:09:a1:18:e2:9b:36:cc:43:7c:
ca:ac:f4:f3:2f:7c:75:0d:20:0a:c8:2a:a8:9f:67:71:48:ef:
bc:43:4a:64:de:d5:8b:4c:ce:be:c6:64:2f:34:b0:cb:23:cc:
66:8a:e1:4a:10:a4:df:35:62:c8:87:d2:43:d5:98:0b:75:4e:
92:ce:22:da:92:f5:22:3d:1f:8f:9a:a0:2f:1f:d5:83:16:59:
18:b9:8b:18
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcfBMB1v+1+ejuLTbsW2We1HRHVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhYWM1N2VhOTJmMTcwNDE3ZDliZTNkNGQ4MzVmZTlkMmJiMjI0Mjg2NGVh
ZDQwZTljYTViNmY1MDBmOWY2NDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJL/3WUpJ6V6VW51Fnh0NZovLJTPn1cqbJ9IgiIbjMVbhN+TbbKT9P1CtXgz
VXp03yzo4UjfmDdBkfA945Np4SWzTUKPQ4NzsZVDTh/ej92MOfl0oQLgHUAuI6MG
XP3wkJiiyVSW7LdiYegOER+VO/ANYV/K8tNCclcH/io4YS6hmzxp7fN4DjHTVa0o
jkkJZw1+FxtIZYP9+tG9td5CqQRwdNPRGlPOnmgGSf9KZZYwmxJXFAxekssRAoYT
Vkw/k6UE+BebeWSYwow/MKSTA9x3okSEjEtSJzBsBlZXWU17qGepXJzCss+gZy9k
BrO3d/Lg6kIynNe42JQJtnC2LOMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQyUegO
QQ6goqPXSrU+16HiS3vAqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzAxZDFkMTUtZGQwMC00MWU3LTlmNDQtNDkxNTllNDZhNTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
QDANBgkqhkiG9w0BAQsFAAOCAQEAZvUdJBjb750C9U1xQFwoNVZQPd3qGp7YqrrL
CHSdKMqn9cz+atn5gP25Pj88QfLtf/76VvqMyIvquUqL48O4DS6ptJTGZ0diiFGe
WK3BOs5dCbRNBbCFhZCtBOHB6MFXeT8ArKM3i6JBET/fyO4JbgtChxYKB2LQG139
0JAwo82+w96PiIVty0UFdooLiVQJwH4Zkdzw6EWc8wCSl25Z021VR/oqN5F634UH
CaEY4ps2zEN8yqz08y98dQ0gCsgqqJ9ncUjvvENKZN7Vi0zOvsZkLzSwyyPMZorh
ShCk3zViyIfSQ9WYC3VOks4i2pL1Ij0fj5qgLx/VgxZZGLmLGA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:31 2025 by rpki-client