Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: M/7irMhUQ8+l5MYGGKugjehk+R+KJV0pmFeOBFdfwqM=
Subject key identifier: BD:EE:87:E8:02:1F:E9:A3:58:C4:87:DB:6F:89:2A:FD:77:95:E3:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 731C1DFAA2101BCA4EB30EACD3924FA7FD1659D2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Fri 25 Apr 2025 20:40:18 +0000
ROA not before: Fri 25 Apr 2025 20:40:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:1c:1d:fa:a2:10:1b:ca:4e:b3:0e:ac:d3:92:4f:a7:fd:16:59:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=765c97dba8d2b770fcb915af2da30432779f7ba01b4d37fc1f6102d9000308f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:46:3a:39:c0:2e:31:32:1b:ef:e9:8f:e0:f8:
6a:c7:08:7d:19:ed:98:0c:7b:b3:12:52:8f:4c:03:
30:73:5f:6a:fa:19:f5:d8:d2:32:d3:37:83:16:3c:
07:c5:c0:06:5c:f7:c3:a8:e4:72:34:95:ac:88:7d:
ac:c5:93:6d:68:e7:e6:aa:68:26:4c:de:02:e8:a8:
16:7a:cd:58:91:3a:e7:af:d6:f4:f2:90:18:54:80:
2f:f5:e0:eb:30:83:a9:b2:2d:0a:09:2e:82:95:d2:
69:a5:94:ed:c7:7c:98:26:91:0f:20:1f:93:c2:f2:
ab:c4:b0:85:c5:c4:72:76:05:9a:0a:c2:c4:69:f3:
22:5a:c5:55:d1:4e:bd:a9:22:b8:4a:37:21:44:7c:
41:1b:52:46:7b:90:91:95:7a:93:46:74:64:89:fe:
b7:d7:8a:bb:33:c6:94:d5:65:33:43:aa:88:78:e6:
db:69:3d:39:4c:f4:41:e0:70:1f:f2:aa:b3:94:6c:
85:a0:1e:88:32:e7:96:07:ec:7f:64:cd:7d:c6:54:
a3:41:a3:b9:4a:de:32:4a:7b:15:97:e9:b2:8f:b7:
06:56:01:f7:a4:24:a8:83:2e:66:a8:75:dd:68:4b:
7c:1e:84:74:a7:9f:8b:fa:14:8c:57:a0:99:f9:cb:
cd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EE:87:E8:02:1F:E9:A3:58:C4:87:DB:6F:89:2A:FD:77:95:E3:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
03:aa:06:58:e7:d0:f0:39:77:56:92:37:fe:de:60:8c:74:2a:
aa:0f:c5:1d:45:dc:25:fa:ae:23:da:78:ce:27:cc:77:e5:0f:
b2:70:9a:24:b0:b2:32:c1:b4:4c:9f:b0:4c:e3:85:eb:a5:e1:
21:0f:c2:82:52:d0:75:54:2d:6a:59:a7:62:75:6e:de:7f:05:
d7:95:65:17:9a:4e:7c:18:6a:3d:79:8e:06:2d:25:47:e3:26:
69:9f:87:00:4c:57:23:32:04:c1:ab:8a:cd:45:0a:92:74:31:
bd:04:1a:f7:9a:cd:f9:5e:2d:50:8f:41:07:34:77:00:c5:49:
a1:af:b0:7f:d3:46:bc:84:e9:f4:a6:9e:31:db:13:94:92:7d:
bf:02:96:f7:92:0f:76:ab:58:ac:b9:f7:bb:7b:b5:a1:f4:76:
70:78:8a:76:98:11:35:42:45:52:e4:52:55:ea:ff:6b:3f:2c:
0a:82:74:4b:08:d6:84:ed:25:77:25:5c:d3:85:ad:4c:d1:d1:
35:2e:15:8c:78:d5:62:31:b3:60:f6:6b:81:e2:0a:8c:5c:97:
66:c4:a6:cb:19:13:a6:08:df:c6:7a:e0:9d:8a:96:08:e6:fd:
a8:ea:6a:99:26:f4:19:95:1c:e3:53:a0:6f:e3:e5:b1:8d:0a:
0c:c7:83:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcxwd+qIQG8pOsw6s05JPp/0WWdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NWM5N2RiYThkMmI3NzBmY2I5MTVhZjJkYTMwNDMyNzc5ZjdiYTAxYjRk
MzdmYzFmNjEwMmQ5MDAwMzA4ZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZGOjnALjEyG+/pj+D4ascIfRntmAx7sxJSj0wDMHNfavoZ9djSMtM3gxY8
B8XABlz3w6jkcjSVrIh9rMWTbWjn5qpoJkzeAuioFnrNWJE656/W9PKQGFSAL/Xg
6zCDqbItCgkugpXSaaWU7cd8mCaRDyAfk8Lyq8SwhcXEcnYFmgrCxGnzIlrFVdFO
vakiuEo3IUR8QRtSRnuQkZV6k0Z0ZIn+t9eKuzPGlNVlM0OqiHjm22k9OUz0QeBw
H/Kqs5RshaAeiDLnlgfsf2TNfcZUo0GjuUreMkp7FZfpso+3BlYB96QkqIMuZqh1
3WhLfB6EdKefi/oUjFegmfnLzdcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS97ofo
Ah/po1jEh9tviSr9d5XjdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQADqgZY59DwOXdWkjf+3mCMdCqqD8UdRdwl+q4j2njO
J8x35Q+ycJoksLIywbRMn7BM44XrpeEhD8KCUtB1VC1qWadidW7efwXXlWUXmk58
GGo9eY4GLSVH4yZpn4cATFcjMgTBq4rNRQqSdDG9BBr3ms35Xi1Qj0EHNHcAxUmh
r7B/00a8hOn0pp4x2xOUkn2/Apb3kg92q1isufe7e7Wh9HZweIp2mBE1QkVS5FJV
6v9rPywKgnRLCNaE7SV3JVzTha1M0dE1LhWMeNViMbNg9muB4gqMXJdmxKbLGROm
CN/GeuCdipYI5v2o6mqZJvQZlRzjU6Bv4+WxjQoMx4Na
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:40:08 2025 by rpki-client