Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: s6Ua6kCsW/Q56dnySC/DJZyw4/4qiEcHt+AexlOyVS4=
Subject key identifier: 21:3C:C1:F7:DD:6B:CB:EF:9A:E8:53:F9:BE:1B:9E:B5:CF:EA:FA:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1333DB0E434A1E84534DEB5206F3E94F7AA4C908
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Fri 25 Apr 2025 20:30:13 +0000
ROA not before: Fri 25 Apr 2025 20:30:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:33:db:0e:43:4a:1e:84:53:4d:eb:52:06:f3:e9:4f:7a:a4:c9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=51eeb18802fd3f5486917a3dbc924e60afeae39cb209f80529e23610a5da74aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9b:80:79:f5:bc:b5:49:62:70:56:bb:c7:2f:
d3:c1:6e:96:40:03:c2:63:b8:bf:47:df:7c:5b:df:
fb:0a:3a:01:0d:2c:c2:8e:89:d5:88:13:63:0e:a3:
08:97:18:52:82:da:21:52:9a:77:00:13:c7:10:4b:
a3:0b:ab:d9:17:e2:a6:7e:cd:1f:66:d5:94:f0:f6:
ae:cc:8a:d3:35:f4:7f:b1:d1:65:5b:b2:5c:73:90:
cc:5a:37:da:52:c7:e8:65:0f:b0:bd:d0:7e:63:07:
b4:b4:4c:0f:16:c4:dc:4d:57:df:e0:67:97:78:a7:
47:7f:26:92:82:70:54:4a:39:fd:74:e2:91:45:25:
68:bd:0e:ee:b1:12:0f:5c:cb:ec:03:b1:94:88:5c:
9e:4d:c9:1c:5f:22:45:42:3d:b6:f5:08:83:2d:45:
48:e6:7e:20:e2:c2:10:25:56:a0:ea:ab:39:7c:b4:
bd:de:22:0d:67:d2:dd:f8:53:cb:d7:79:41:b7:a0:
19:bb:e1:ac:f9:e3:40:92:5a:e9:91:eb:2f:4d:fe:
70:40:47:f5:a2:7b:bb:b0:ce:d3:e3:b2:17:49:ae:
de:3d:63:56:ca:aa:8d:df:80:e1:bb:5f:62:3c:92:
d9:bb:b8:62:39:71:fd:01:32:1e:b0:c6:ad:b6:06:
bc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3C:C1:F7:DD:6B:CB:EF:9A:E8:53:F9:BE:1B:9E:B5:CF:EA:FA:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:b2:51:22:8b:4b:e2:62:9a:fa:65:ad:00:fe:60:60:7a:e3:
7b:69:b8:99:7a:71:f2:55:1d:b2:49:e1:f4:b1:37:5b:b5:cc:
89:b4:4c:e1:4f:3e:da:cc:41:46:52:eb:77:27:75:73:9a:2b:
3a:b2:00:af:37:97:d0:99:a9:58:c3:26:bc:d6:d2:98:0b:ff:
0e:33:3a:ce:65:80:72:33:7d:90:0c:48:99:c3:0e:ff:14:56:
51:79:c0:30:e9:50:f1:4c:e6:fe:d0:9b:61:b6:91:c9:10:7c:
7b:e8:91:7f:0e:9e:2f:7e:bf:e6:52:33:bd:72:cc:eb:74:c7:
4c:b1:9d:f2:cf:d4:fa:a7:13:dd:ae:08:9a:42:9c:0f:c2:fe:
aa:e2:f8:11:a4:04:96:44:0d:4f:61:f2:fb:5c:8c:fc:59:e2:
42:b7:fd:26:cd:59:10:3e:8e:9c:39:ff:7b:b5:6b:41:2e:b5:
e1:78:6b:a4:e3:0d:3c:9d:fc:69:99:70:da:0c:5d:3d:0a:2e:
ed:72:20:24:52:1a:ad:7f:b2:18:8d:9d:b2:78:65:e3:f1:68:
19:48:32:76:8c:76:19:c4:f3:1b:f4:54:d7:90:76:91:a2:9a:
7e:ba:1f:52:31:35:c2:8b:fe:52:a6:09:2b:4a:a9:d0:fe:3c:
97:76:e1:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEzPbDkNKHoRTTetSBvPpT3qkyQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZWViMTg4MDJmZDNmNTQ4NjkxN2EzZGJjOTI0ZTYwYWZlYWUzOWNiMjA5
ZjgwNTI5ZTIzNjEwYTVkYTc0YWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqbgHn1vLVJYnBWu8cv08FulkADwmO4v0fffFvf+wo6AQ0swo6J1YgTYw6j
CJcYUoLaIVKadwATxxBLowur2Rfipn7NH2bVlPD2rsyK0zX0f7HRZVuyXHOQzFo3
2lLH6GUPsL3QfmMHtLRMDxbE3E1X3+Bnl3inR38mkoJwVEo5/XTikUUlaL0O7rES
D1zL7AOxlIhcnk3JHF8iRUI9tvUIgy1FSOZ+IOLCECVWoOqrOXy0vd4iDWfS3fhT
y9d5QbegGbvhrPnjQJJa6ZHrL03+cEBH9aJ7u7DO0+OyF0mu3j1jVsqqjd+A4btf
YjyS2bu4Yjlx/QEyHrDGrbYGvC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQhPMH3
3WvL75roU/m+G561z+r6wzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCFslEii0viYpr6Za0A/mBgeuN7abiZenHyVR2ySeH0
sTdbtcyJtEzhTz7azEFGUut3J3Vzmis6sgCvN5fQmalYwya81tKYC/8OMzrOZYBy
M32QDEiZww7/FFZRecAw6VDxTOb+0JthtpHJEHx76JF/Dp4vfr/mUjO9cszrdMdM
sZ3yz9T6pxPdrgiaQpwPwv6q4vgRpASWRA1PYfL7XIz8WeJCt/0mzVkQPo6cOf97
tWtBLrXheGuk4w08nfxpmXDaDF09Ci7tciAkUhqtf7IYjZ2yeGXj8WgZSDJ2jHYZ
xPMb9FTXkHaRopp+uh9SMTXCi/5SpgkrSqnQ/jyXduEl
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:04 2025 by rpki-client