Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: yZ2gChz3szqSfWgy8aavHeuejl4nKIAy/qz9HQyRte0=
Subject key identifier: 88:68:48:FC:0D:DB:CF:AA:89:C9:62:57:8C:45:1E:DE:F7:61:5C:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29A7BE507C5A7D104ED713F39383DA23771BB93D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Fri 25 Apr 2025 20:30:53 +0000
ROA not before: Fri 25 Apr 2025 20:30:53 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:a7:be:50:7c:5a:7d:10:4e:d7:13:f3:93:83:da:23:77:1b:b9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:53 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=48973d3768b34756ba1d9bdaed27fd5dd87d0238d94dfd8a2a8d46fea7ca169c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:74:27:df:f0:8f:88:49:78:f9:a1:0f:76:1c:
74:dd:23:ad:7b:11:ca:0c:9b:80:2a:03:4a:5c:22:
d3:4e:a2:fc:06:bc:cd:ed:0b:4c:5b:cf:d4:e3:bb:
c2:dc:10:66:fa:8e:e5:a2:c8:99:62:8d:80:39:bc:
c9:4d:a5:e1:ae:15:c0:6e:5a:ff:01:89:fb:10:ba:
7b:f3:8f:00:2e:ae:55:f9:cf:4e:11:10:b1:8e:76:
37:b1:01:1f:4d:cd:5e:89:4e:ee:de:b7:0a:01:44:
73:11:75:ed:c5:6a:d4:5d:05:a3:f6:f8:02:1e:06:
fd:07:28:c1:78:c8:d1:c0:37:ce:94:06:46:1a:04:
52:33:67:bb:7b:8d:2f:1b:a1:77:02:07:4c:f2:9d:
24:13:40:25:d5:b6:b3:d6:d0:3e:aa:0c:15:3c:d2:
4e:18:83:55:80:a0:f7:05:92:6b:e6:a2:c5:3e:5d:
9f:92:b8:e7:f7:0e:38:af:7a:db:89:47:ae:51:e7:
b4:70:af:b3:87:14:ab:e0:9f:59:be:e6:7c:2d:2a:
e5:8a:6f:78:dc:86:d3:e5:58:e3:f0:d9:54:d4:f7:
24:08:eb:d0:1c:27:67:73:76:fb:94:02:b9:06:50:
aa:b9:4e:6f:45:58:12:df:e3:90:88:ab:8e:31:53:
f6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:68:48:FC:0D:DB:CF:AA:89:C9:62:57:8C:45:1E:DE:F7:61:5C:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:91:fc:46:57:d6:e0:ff:a0:71:a0:13:65:a4:c0:e0:8d:99:
f2:e4:12:b8:94:42:f8:bc:f8:91:06:79:e9:8a:34:5a:2b:7f:
c5:2d:f5:99:15:06:92:05:02:d8:ae:56:34:06:57:aa:71:e3:
7b:d2:ee:ce:85:5d:31:6c:bf:64:97:07:93:2d:61:61:9c:4a:
43:d4:ef:55:a0:ac:5c:98:3b:f5:96:6c:b1:25:5f:78:e9:70:
4e:eb:73:06:89:33:0c:01:7c:3d:a8:31:35:9a:f3:96:4e:7c:
22:6c:49:90:2d:50:b1:d0:20:6a:dd:f4:0a:31:b8:13:55:78:
13:55:49:41:f9:0a:e4:2e:18:55:aa:7f:6a:d5:1c:d3:8d:47:
ab:29:0c:9a:70:43:1e:21:9b:f3:3c:e9:7e:a4:23:21:dd:70:
3c:38:d8:e1:29:9b:c2:38:0c:37:e2:fc:1d:d9:09:45:4c:3f:
a7:ad:25:9d:d7:09:60:d1:a3:78:a2:c3:4e:b4:be:57:a0:ea:
78:d3:81:10:4b:cc:23:45:ac:19:42:8f:29:6e:30:e0:ab:f6:
4e:48:90:d3:1e:74:53:1e:63:f9:5c:a8:b3:21:c7:03:38:7e:
52:22:70:29:ca:69:5b:8a:b9:59:c6:13:53:df:65:b4:bf:2b:
5b:91:12:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKae+UHxafRBO1xPzk4PaI3cbuT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4OTczZDM3NjhiMzQ3NTZiYTFkOWJkYWVkMjdmZDVkZDg3ZDAyMzhkOTRk
ZmQ4YTJhOGQ0NmZlYTdjYTE2OWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh0J9/wj4hJePmhD3YcdN0jrXsRygybgCoDSlwi006i/Aa8ze0LTFvP1OO7
wtwQZvqO5aLImWKNgDm8yU2l4a4VwG5a/wGJ+xC6e/OPAC6uVfnPThEQsY52N7EB
H03NXolO7t63CgFEcxF17cVq1F0Fo/b4Ah4G/QcowXjI0cA3zpQGRhoEUjNnu3uN
LxuhdwIHTPKdJBNAJdW2s9bQPqoMFTzSThiDVYCg9wWSa+aixT5dn5K45/cOOK96
24lHrlHntHCvs4cUq+CfWb7mfC0q5YpveNyG0+VY4/DZVNT3JAjr0BwnZ3N2+5QC
uQZQqrlOb0VYEt/jkIirjjFT9kUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIaEj8
DdvPqonJYleMRR7e92Fc3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQCKkfxGV9bg/6BxoBNlpMDgjZny5BK4lEL4vPiRBnnp
ijRaK3/FLfWZFQaSBQLYrlY0BleqceN70u7OhV0xbL9klweTLWFhnEpD1O9VoKxc
mDv1lmyxJV946XBO63MGiTMMAXw9qDE1mvOWTnwibEmQLVCx0CBq3fQKMbgTVXgT
VUlB+QrkLhhVqn9q1RzTjUerKQyacEMeIZvzPOl+pCMh3XA8ONjhKZvCOAw34vwd
2QlFTD+nrSWd1wlg0aN4osNOtL5XoOp404EQS8wjRawZQo8pbjDgq/ZOSJDTHnRT
HmP5XKizIccDOH5SInApymlbirlZxhNT32W0vytbkRKX
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:14 2025 by rpki-client