Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: a0OUzFF//LbPlqIvEVCqaiBJpGliRh4ovDxgM+Zl4Ag=
Subject key identifier: D0:5F:86:E8:E5:D4:2E:00:02:3F:C0:D4:0E:CA:3E:C7:49:8E:D7:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FEE140669BD73F1C8CDED4978BD4568A5FBCBEE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Tue 20 May 2025 20:50:04 +0000
ROA not before: Tue 20 May 2025 20:50:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ee:14:06:69:bd:73:f1:c8:cd:ed:49:78:bd:45:68:a5:fb:cb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c7c3550a427159f04ebeec33753771508263dd1aeefb0a6ccd6d814679384f3c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:2e:df:e7:ef:1b:0a:4b:2c:90:db:23:eb:2b:
8d:aa:06:58:85:cc:d3:28:ed:f3:b9:d9:15:f9:a0:
7d:08:14:11:a9:b2:d1:25:12:72:4f:41:7c:5f:de:
61:fb:d5:21:7c:67:b1:5f:0a:9f:97:d3:af:0b:3c:
f4:7d:f4:6d:46:0e:ae:18:2b:d0:93:15:ce:8d:4b:
fe:90:c5:32:12:1f:69:69:e6:23:23:60:06:9c:ea:
75:3d:bc:53:cc:fc:57:2e:4d:55:92:ab:4f:bb:58:
68:6e:a5:4d:6c:b8:4d:96:c6:30:ce:6e:86:c4:52:
34:59:88:12:9a:e9:ef:00:00:1d:15:e8:01:83:54:
ab:cf:a0:da:e0:2e:32:67:94:4d:04:9e:11:7f:e3:
8a:39:d2:63:cd:f9:c8:2d:82:0f:10:81:d9:92:ca:
63:3a:6d:f4:49:ea:4d:37:19:90:d1:be:55:41:dc:
a9:75:17:0f:b3:8c:ca:d1:a1:27:5c:0d:7a:b9:d1:
5c:34:34:57:68:db:fd:b5:0b:c4:58:f2:8b:01:a4:
e9:2a:c0:d7:c1:7e:21:55:db:25:ad:86:1a:ad:a1:
a4:35:ef:ca:ab:06:26:b8:28:cf:39:50:fd:30:ab:
1c:76:39:b4:b4:d7:31:66:cf:58:2f:9a:99:ab:6f:
1f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5F:86:E8:E5:D4:2E:00:02:3F:C0:D4:0E:CA:3E:C7:49:8E:D7:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:d8:1f:58:cb:3f:b2:84:e8:19:65:be:cf:de:3b:53:85:f8:
de:b0:e2:03:3f:3b:af:a2:91:bc:a2:af:a3:34:6e:e4:f0:d0:
15:31:21:0e:3d:af:cf:ac:07:db:10:9e:66:67:d1:4e:14:bd:
91:df:21:60:66:27:e7:88:d7:da:c1:f9:e0:22:92:11:e3:f5:
5c:66:c3:4a:9d:4c:f7:bb:73:03:0b:30:f6:e1:16:5f:9e:a0:
c7:bc:99:50:41:0a:a1:42:b8:63:ed:f9:62:d9:12:98:e4:7c:
79:bf:b7:c3:d3:d6:72:44:90:4e:cb:4c:f4:93:0b:81:4a:02:
0d:5b:62:3e:58:45:c0:b3:06:f7:3b:18:6e:00:ab:71:16:da:
37:64:97:aa:45:0a:00:7c:06:26:ca:4b:37:6b:64:a7:4f:2c:
e0:67:55:27:27:7c:9f:01:ee:2c:0b:86:f5:0c:49:27:67:26:
ea:f3:d6:3e:f3:59:1d:2e:bf:3f:14:c9:b3:b5:4c:39:66:a2:
b4:e8:d5:00:45:68:3d:2b:ba:d1:6c:02:00:fa:a4:28:51:c2:
7c:8d:77:53:51:a5:78:a7:be:91:98:dd:c8:b1:b5:e4:50:0d:
25:bf:b9:cb:c6:db:f9:67:e9:83:8f:4a:bd:d4:16:6c:0f:ef:
85:f9:31:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb+4UBmm9c/HIze1JeL1FaKX7y+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3YzM1NTBhNDI3MTU5ZjA0ZWJlZWMzMzc1Mzc3MTUwODI2M2RkMWFlZWZi
MGE2Y2NkNmQ4MTQ2NzkzODRmM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPYu3+fvGwpLLJDbI+srjaoGWIXM0yjt87nZFfmgfQgUEamy0SUSck9BfF/e
YfvVIXxnsV8Kn5fTrws89H30bUYOrhgr0JMVzo1L/pDFMhIfaWnmIyNgBpzqdT28
U8z8Vy5NVZKrT7tYaG6lTWy4TZbGMM5uhsRSNFmIEprp7wAAHRXoAYNUq8+g2uAu
MmeUTQSeEX/jijnSY835yC2CDxCB2ZLKYzpt9EnqTTcZkNG+VUHcqXUXD7OMytGh
J1wNernRXDQ0V2jb/bULxFjyiwGk6SrA18F+IVXbJa2GGq2hpDXvyqsGJrgozzlQ
/TCrHHY5tLTXMWbPWC+amatvH4kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQX4bo
5dQuAAI/wNQOyj7HSY7XvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQA92B9Yyz+yhOgZZb7P3jtThfjesOIDPzuvopG8oq+j
NG7k8NAVMSEOPa/PrAfbEJ5mZ9FOFL2R3yFgZifniNfawfngIpIR4/VcZsNKnUz3
u3MDCzD24RZfnqDHvJlQQQqhQrhj7fli2RKY5Hx5v7fD09ZyRJBOy0z0kwuBSgIN
W2I+WEXAswb3OxhuAKtxFto3ZJeqRQoAfAYmyks3a2SnTyzgZ1UnJ3yfAe4sC4b1
DEknZybq89Y+81kdLr8/FMmztUw5ZqK06NUARWg9K7rRbAIA+qQoUcJ8jXdTUaV4
p76RmN3IsbXkUA0lv7nLxtv5Z+mDj0q91BZsD++F+TE4
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:07:26 2025 by rpki-client