Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: r8T6Zb0yMM/uv+Ap+WqqjZH8gfDM43ANTvJ835DmQY0=
Subject key identifier: 0F:5D:51:45:6B:95:87:2D:E7:96:6D:63:8B:C3:8D:5C:74:07:F5:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 391DE3418DDD0D057F994F35A8A288193328A8F7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 20 May 2025 20:40:11 +0000
ROA not before: Tue 20 May 2025 20:40:11 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:1d:e3:41:8d:dd:0d:05:7f:99:4f:35:a8:a2:88:19:33:28:a8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:11 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=93952d166943beab6824aff2683e768add69ea035e5348607e7caf5379960cb4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:70:23:12:2a:35:7c:45:7c:13:8c:b7:b0:
57:bb:3d:1d:8d:41:d5:75:23:46:35:6e:f7:7f:90:
51:3f:d9:aa:74:5f:e1:c7:5b:99:55:c2:31:d7:a4:
e1:2f:83:80:cf:c2:2d:3f:d0:2c:e6:44:14:cf:69:
33:63:38:a9:98:d7:28:2f:96:b9:86:82:8e:7c:f1:
c3:64:9d:60:b3:fb:b0:b2:80:7a:20:90:bc:4c:0f:
a7:71:ba:5d:da:a4:41:c9:b6:90:cf:a6:c7:a3:e1:
3f:c0:67:19:04:96:5d:d0:fe:b7:ec:5d:70:af:b3:
6b:f7:b4:4d:7e:db:92:44:cd:5e:0a:c2:4a:c6:07:
8b:ce:f6:4e:3b:dd:59:62:fc:7f:c1:08:4c:90:7b:
05:09:93:6c:b0:1c:2d:a0:bd:cf:1e:81:af:e9:28:
4d:ef:14:7c:84:a5:58:0e:94:dd:36:4a:cc:77:b1:
5d:58:cb:7c:46:48:0d:bc:42:f4:66:cf:38:a8:39:
71:d7:f8:96:6f:61:00:46:41:74:20:b6:4e:bd:01:
8e:1e:fe:bc:bc:98:ef:f0:91:2c:66:36:7f:47:6a:
97:cb:ae:87:ea:84:a7:ea:c2:8a:25:72:bb:1d:85:
2e:7a:84:56:9a:a7:00:0f:0b:71:29:ad:de:6e:bd:
6f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5D:51:45:6B:95:87:2D:E7:96:6D:63:8B:C3:8D:5C:74:07:F5:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:00:8b:6b:d5:94:15:c5:ab:3e:6a:9a:a6:68:37:c0:e0:7e:
d4:97:53:74:fc:10:31:2c:30:c0:ce:a6:30:9e:3f:bd:59:a5:
ec:b7:b7:51:d3:01:7c:19:a2:a2:50:71:10:e4:cb:4d:ec:70:
3b:03:0c:ef:ab:ed:04:bc:f8:89:16:ad:d8:a6:8d:5f:5d:50:
43:c4:a2:a2:a7:16:52:72:6f:4d:76:5d:6e:93:ff:a7:28:70:
eb:10:b5:6c:53:fa:95:9f:c5:4f:ad:8f:47:a7:83:bd:b8:b3:
2d:38:15:e4:a3:cc:9d:5f:fd:32:54:71:1a:a8:36:ed:2e:46:
c4:c6:36:01:f3:63:45:77:36:75:18:5f:2e:53:99:93:36:b9:
93:d1:d9:0b:2b:1e:8d:8e:1b:8e:f6:c0:26:09:00:68:f5:f6:
55:47:15:7b:01:69:6e:b7:4a:9b:06:7a:c4:52:2e:dc:e0:6c:
ab:3f:1a:61:f0:0a:cc:95:29:6d:38:7e:61:db:5e:ac:e2:95:
7a:a7:81:72:84:39:dc:1c:8d:78:69:47:6f:dd:f8:85:fd:1a:
92:51:c5:67:7a:7e:68:34:c3:b8:03:14:f6:42:1e:b7:3d:31:
4f:82:70:f7:70:66:67:d8:35:47:21:3e:f6:92:a6:c9:14:a4:
20:65:ca:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOR3jQY3dDQV/mU81qKKIGTMoqPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzOTUyZDE2Njk0M2JlYWI2ODI0YWZmMjY4M2U3NjhhZGQ2OWVhMDM1ZTUz
NDg2MDdlN2NhZjUzNzk5NjBjYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn/cCMSKjV8RXwTjLewV7s9HY1B1XUjRjVu93+QUT/ZqnRf4cdbmVXCMdek
4S+DgM/CLT/QLOZEFM9pM2M4qZjXKC+WuYaCjnzxw2SdYLP7sLKAeiCQvEwPp3G6
XdqkQcm2kM+mx6PhP8BnGQSWXdD+t+xdcK+za/e0TX7bkkTNXgrCSsYHi872Tjvd
WWL8f8EITJB7BQmTbLAcLaC9zx6Br+koTe8UfISlWA6U3TZKzHexXVjLfEZIDbxC
9GbPOKg5cdf4lm9hAEZBdCC2Tr0Bjh7+vLyY7/CRLGY2f0dql8uuh+qEp+rCiiVy
ux2FLnqEVpqnAA8LcSmt3m69b0cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQPXVFF
a5WHLeeWbWOLw41cdAf1XTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQC4AItr1ZQVxas+apqmaDfA4H7Ul1N0/BAxLDDAzqYw
nj+9WaXst7dR0wF8GaKiUHEQ5MtN7HA7Awzvq+0EvPiJFq3Ypo1fXVBDxKKipxZS
cm9Ndl1uk/+nKHDrELVsU/qVn8VPrY9Hp4O9uLMtOBXko8ydX/0yVHEaqDbtLkbE
xjYB82NFdzZ1GF8uU5mTNrmT0dkLKx6NjhuO9sAmCQBo9fZVRxV7AWlut0qbBnrE
Ui7c4GyrPxph8ArMlSltOH5h216s4pV6p4FyhDncHI14aUdv3fiF/RqSUcVnen5o
NMO4AxT2Qh63PTFPgnD3cGZn2DVHIT72kqbJFKQgZcrB
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:55:00 2025 by rpki-client