Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: YKDcxQRErcsw203bV0X8wklQe0bsOBGS+6+J5J2NH2s=
Subject key identifier: DA:31:9A:07:E8:03:28:6F:B3:5A:04:A5:96:5C:DF:D0:31:43:98:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25A90351C82279F2F7A7673D3B80DE4427DCE461
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Tue 01 Apr 2025 15:10:23 +0000
ROA not before: Tue 01 Apr 2025 15:10:23 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:a9:03:51:c8:22:79:f2:f7:a7:67:3d:3b:80:de:44:27:dc:e4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:10:23 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=a480d45563ba16ee1adf01d05f696a6d0cab5a3fdcecd347980722d1b88e69f3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:81:3e:ff:b5:6e:cf:fc:69:91:67:5d:2a:a5:
fa:04:09:83:ab:78:b6:6e:c5:3e:d3:b8:af:96:d9:
47:a8:3e:97:1f:6b:32:34:b5:00:9f:b3:9b:8c:50:
5e:cd:00:4e:c5:c1:4f:47:97:c1:fe:84:43:c3:5f:
33:05:43:c9:91:82:01:92:a7:ba:e1:f4:6f:e3:98:
d6:5c:0e:f4:1b:2f:80:5a:8f:0f:44:fb:5c:7b:01:
a6:f5:0a:59:7e:1f:35:d6:d3:fd:c5:d4:dc:ea:5c:
29:2a:69:fc:70:b1:f7:f0:c6:2e:15:dc:6b:45:c8:
f7:64:da:25:b2:30:9a:6c:c3:ab:92:56:52:30:1d:
78:fb:76:fc:1b:67:86:f9:bf:d5:91:99:a6:05:b3:
c5:2b:0a:d8:ec:eb:8d:de:68:98:67:18:21:f3:e1:
4a:0e:3f:d4:64:b8:7c:44:54:fe:9a:d0:cb:15:1a:
35:de:30:ca:63:51:f7:96:f7:21:26:4a:15:4f:21:
22:5c:8d:6b:65:ac:d5:98:29:c1:cb:49:94:db:9e:
79:ea:1b:5a:c9:48:4c:6a:b9:14:b0:83:ed:57:01:
a1:f6:80:12:ec:99:27:59:8e:ed:61:2a:3c:9d:0f:
42:e4:69:ac:89:28:e5:56:ff:ec:88:d2:ee:7b:54:
82:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:31:9A:07:E8:03:28:6F:B3:5A:04:A5:96:5C:DF:D0:31:43:98:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:91:02:30:69:77:8c:32:1c:38:2e:a6:c6:f4:d9:4a:8f:f9:
90:44:3e:44:87:00:e2:de:c1:ba:ec:4b:36:b4:13:67:09:f4:
6b:ad:28:4a:00:24:b7:51:67:75:62:fc:49:b1:cc:bc:dc:8e:
d5:35:e4:a9:85:d4:f5:d8:56:0b:09:24:90:c3:7b:4e:c1:5b:
b3:ea:3b:b5:c4:67:41:ab:0c:6e:1f:d4:df:b9:b8:da:32:0e:
0b:86:5f:51:d5:af:35:2c:b8:d5:fc:09:b5:51:40:32:16:e4:
9e:11:93:37:10:4d:97:fd:b8:a3:68:82:7a:00:0e:53:b4:50:
71:1e:8b:39:2b:6e:94:55:c4:17:8e:dd:6e:f8:60:ef:a0:08:
26:fe:18:61:e7:0d:44:b6:c2:5d:c0:78:b8:18:4d:bc:04:f7:
f8:b3:d9:0e:c9:62:20:57:ba:72:e6:67:e3:b3:aa:8b:4a:e2:
c8:ab:30:b2:81:53:5b:d6:55:d2:00:e9:8a:fa:c3:f3:b7:26:
2f:7f:87:74:aa:b6:c0:e9:e9:28:d5:03:9e:e0:5a:b4:bb:e8:
b2:b1:38:79:63:ff:6a:25:c4:00:4c:b7:0c:ed:a4:88:0a:c4:
b0:2c:bb:60:4f:c3:c9:45:56:da:4c:bd:b9:ef:e8:1b:3a:6e:
a0:ba:e6:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJakDUcgiefL3p2c9O4DeRCfc5GEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTEwMjNaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ODBkNDU1NjNiYTE2ZWUxYWRmMDFkMDVmNjk2YTZkMGNhYjVhM2ZkY2Vj
ZDM0Nzk4MDcyMmQxYjg4ZTY5ZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKBPv+1bs/8aZFnXSql+gQJg6t4tm7FPtO4r5bZR6g+lx9rMjS1AJ+zm4xQ
Xs0ATsXBT0eXwf6EQ8NfMwVDyZGCAZKnuuH0b+OY1lwO9BsvgFqPD0T7XHsBpvUK
WX4fNdbT/cXU3OpcKSpp/HCx9/DGLhXca0XI92TaJbIwmmzDq5JWUjAdePt2/Btn
hvm/1ZGZpgWzxSsK2Ozrjd5omGcYIfPhSg4/1GS4fERU/prQyxUaNd4wymNR95b3
ISZKFU8hIlyNa2Ws1ZgpwctJlNueeeobWslITGq5FLCD7VcBofaAEuyZJ1mO7WEq
PJ0PQuRprIko5Vb/7IjS7ntUgscCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTaMZoH
6AMob7NaBKWWXN/QMUOYADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQB7kQIwaXeMMhw4LqbG9NlKj/mQRD5EhwDi3sG67Es2
tBNnCfRrrShKACS3UWd1YvxJscy83I7VNeSphdT12FYLCSSQw3tOwVuz6ju1xGdB
qwxuH9TfubjaMg4Lhl9R1a81LLjV/Am1UUAyFuSeEZM3EE2X/bijaIJ6AA5TtFBx
Hos5K26UVcQXjt1u+GDvoAgm/hhh5w1EtsJdwHi4GE28BPf4s9kOyWIgV7py5mfj
s6qLSuLIqzCygVNb1lXSAOmK+sPztyYvf4d0qrbA6eko1QOe4Fq0u+iysTh5Y/9q
JcQATLcM7aSICsSwLLtgT8PJRVbaTL257+gbOm6guuZQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:19 2025 by rpki-client