Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: 41zCceKiZjS9P4nq8+iS1fPfGAzpdHYFLadShXLM6K0=
Subject key identifier: 7C:B9:9B:7B:2D:81:6F:28:4A:6E:4C:58:06:07:35:37:87:BF:F6:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C189921E389172281C152BA53A70E0FBF076708
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Tue 20 May 2025 20:41:30 +0000
ROA not before: Tue 20 May 2025 20:41:30 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:18:99:21:e3:89:17:22:81:c1:52:ba:53:a7:0e:0f:bf:07:67:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:30 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ace7267a044653f31028521cca7d3dd318819bed1fd8262a5fdcdd6db0b63f9b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:69:fd:44:b3:48:ef:78:a2:31:e5:c4:a9:46:
57:ce:38:84:63:c6:48:2d:d2:17:0b:54:dc:87:9c:
2c:40:a5:92:43:74:3b:c9:79:61:59:90:f5:20:c7:
70:82:10:87:d3:2f:a7:e8:27:c9:8a:b9:5e:c1:46:
28:22:fa:30:9d:e1:ed:62:1f:b2:6b:ad:66:cd:73:
06:fb:06:9e:66:98:3b:d3:65:05:ee:48:de:86:47:
6b:48:ba:d8:20:0f:34:cc:29:49:fd:81:d6:11:46:
c9:00:43:10:52:31:a7:73:6e:f1:ea:f5:07:10:36:
84:fb:c6:26:bf:54:93:85:91:79:2b:2a:27:37:95:
f0:94:ad:e7:e8:43:59:92:7e:d5:cc:60:49:4b:9e:
c4:23:fe:a1:94:d5:c5:28:37:0a:a6:e6:25:e4:c2:
b0:6b:1a:24:54:f1:cc:44:9d:af:5c:1e:0c:62:bf:
87:e0:0b:db:5d:aa:98:d3:85:61:be:5d:df:ac:09:
ec:00:39:bc:05:08:48:cc:e3:36:2d:00:be:cb:49:
0d:bf:25:39:89:79:32:2c:9b:e3:d4:17:05:7d:a3:
03:c9:22:f2:c7:5f:e8:f5:33:0e:31:61:08:41:74:
7c:d6:6d:bd:0b:c6:54:20:e8:04:29:4b:ae:82:de:
5a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B9:9B:7B:2D:81:6F:28:4A:6E:4C:58:06:07:35:37:87:BF:F6:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
93:6d:f9:d4:3c:f2:90:8f:c8:68:24:03:b2:88:83:2c:d3:35:
64:ee:bb:88:3d:d1:44:97:b9:9c:aa:29:55:c3:be:e2:be:88:
f3:ef:98:be:23:7f:7b:73:fb:fa:9f:7b:72:25:cf:53:a4:3a:
c3:8a:8f:c7:dc:ff:7d:2f:af:db:cc:a3:b5:0f:db:12:55:42:
eb:26:e5:98:68:ee:8b:7c:4d:f6:63:0d:6c:04:84:3d:bd:20:
4b:d0:3a:d6:e4:e1:96:47:57:6a:ae:b8:99:ab:fb:b3:aa:a1:
26:71:89:91:a9:93:87:fc:ac:3d:d3:b5:53:25:17:84:2d:bc:
02:4e:5a:ef:a5:5a:72:0f:92:66:07:3c:75:bc:4f:9b:0f:c8:
2c:27:bf:75:78:d7:3e:97:0b:24:15:6c:ee:c6:30:37:e6:fd:
52:e6:1d:8e:25:80:d5:4f:94:d6:20:41:a3:9d:7c:92:95:96:
65:32:ac:c2:85:a0:89:3b:5b:d0:47:35:0a:bd:57:a1:09:f3:
89:1d:2e:a4:44:33:c8:66:b3:a0:6d:4d:92:76:8f:f5:09:53:
52:44:9c:f7:3b:2e:65:a1:f9:8b:ea:58:8b:9e:3b:24:aa:0b:
4b:0d:03:ff:80:38:53:17:67:33:54:c4:fb:29:21:6e:7f:ce:
c9:8e:96:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHBiZIeOJFyKBwVK6U6cOD78HZwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMzBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjZTcyNjdhMDQ0NjUzZjMxMDI4NTIxY2NhN2QzZGQzMTg4MTliZWQxZmQ4
MjYyYTVmZGNkZDZkYjBiNjNmOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtp/USzSO94ojHlxKlGV844hGPGSC3SFwtU3IecLEClkkN0O8l5YVmQ9SDH
cIIQh9Mvp+gnyYq5XsFGKCL6MJ3h7WIfsmutZs1zBvsGnmaYO9NlBe5I3oZHa0i6
2CAPNMwpSf2B1hFGyQBDEFIxp3Nu8er1BxA2hPvGJr9Uk4WReSsqJzeV8JSt5+hD
WZJ+1cxgSUuexCP+oZTVxSg3CqbmJeTCsGsaJFTxzESdr1weDGK/h+AL212qmNOF
Yb5d36wJ7AA5vAUISMzjNi0AvstJDb8lOYl5Miyb49QXBX2jA8ki8sdf6PUzDjFh
CEF0fNZtvQvGVCDoBClLroLeWqMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR8uZt7
LYFvKEpuTFgGBzU3h7/2fzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCTbfnUPPKQj8hoJAOyiIMs0zVk7ruIPdFEl7mcqilV
w77ivojz75i+I397c/v6n3tyJc9TpDrDio/H3P99L6/bzKO1D9sSVULrJuWYaO6L
fE32Yw1sBIQ9vSBL0DrW5OGWR1dqrriZq/uzqqEmcYmRqZOH/Kw907VTJReELbwC
TlrvpVpyD5JmBzx1vE+bD8gsJ791eNc+lwskFWzuxjA35v1S5h2OJYDVT5TWIEGj
nXySlZZlMqzChaCJO1vQRzUKvVehCfOJHS6kRDPIZrOgbU2Sdo/1CVNSRJz3Oy5l
ofmL6liLnjskqgtLDQP/gDhTF2czVMT7KSFuf87Jjpai
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:41 2025 by rpki-client