Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: sDTrwe04PU3Kf7754HGUn0dRXqXtdBBUPbUjk8Pvn/Q=
Subject key identifier: 34:59:A3:87:96:4B:41:B7:7C:B8:A4:86:88:3A:6E:1C:35:8A:3A:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 610427A02152F6E8931FCDE0F53D5C165A8500E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Fri 25 Apr 2025 20:40:05 +0000
ROA not before: Fri 25 Apr 2025 20:40:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:04:27:a0:21:52:f6:e8:93:1f:cd:e0:f5:3d:5c:16:5a:85:00:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bd6b4fa991b9d26f26321438f47a2bc3e00179d964c5801d1ba8ba72161fc5b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cb:0e:2b:eb:4c:de:09:02:d5:d3:d3:5a:38:
33:79:49:5a:12:6a:a7:26:06:32:8f:2f:3d:f7:39:
24:d6:1f:42:dc:5a:76:2e:1a:dd:1f:bb:76:4c:44:
40:c8:fe:85:42:48:77:89:5b:61:b6:f2:57:d1:10:
0d:41:4a:44:4e:dc:70:1b:54:89:e0:78:9e:4d:88:
89:a9:91:f9:c4:c1:d5:02:39:57:0f:92:dd:ad:20:
09:eb:e2:4e:71:c4:4d:c1:ea:a7:bc:cf:7c:10:98:
50:a9:72:d0:7a:4a:ba:02:70:3d:a2:ed:14:67:96:
20:a7:74:a1:58:b8:64:17:e9:08:c0:df:da:29:a0:
94:5b:64:2b:14:67:3e:c6:0c:7c:ca:1a:00:29:3a:
18:61:db:3b:d9:0a:0a:5e:d2:37:70:53:9e:34:28:
96:87:56:4d:c5:a2:f3:cb:08:e3:ce:b6:4a:e6:97:
cf:e5:97:54:db:3c:64:39:e4:41:a1:f6:3d:d8:94:
6a:97:ef:98:39:81:df:93:09:3a:0c:1f:03:29:6f:
b4:92:4c:7b:71:c9:77:5e:e6:f9:47:b7:5c:e0:23:
3c:cc:97:49:d0:20:9b:b0:17:fc:5a:69:70:83:d9:
c2:2e:e0:c2:6e:80:d7:63:18:6e:e9:2a:e2:f1:40:
3c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:59:A3:87:96:4B:41:B7:7C:B8:A4:86:88:3A:6E:1C:35:8A:3A:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9f:b7:77:7d:83:de:91:fe:20:d8:24:a7:84:00:c5:44:70:a8:
20:ce:11:2e:85:41:a9:d0:dc:d9:c0:2f:f8:0b:e6:71:f3:65:
7d:3f:71:4b:df:50:1f:3e:10:1b:c2:ae:66:27:40:d7:00:e3:
7b:64:3e:bd:fb:14:b6:4d:fa:05:4c:e8:6b:03:42:8a:f5:84:
e2:7c:a6:1b:82:04:4c:5b:eb:29:a7:06:69:c5:0f:ac:e9:19:
c0:0d:8b:f3:47:b1:4c:95:b4:e0:fd:b2:51:27:9e:96:99:54:
20:f2:ba:cb:d5:0e:c9:d1:90:76:ea:95:f1:56:92:94:09:b4:
bf:e8:b5:7e:f7:1e:8f:43:4c:68:f7:ed:fa:45:24:93:3a:97:
a4:07:66:4c:7d:a2:55:75:0f:b4:77:5d:d4:37:de:4b:17:ba:
ad:f0:a2:46:c7:14:4d:77:d5:44:fb:d7:12:0e:6c:17:22:25:
07:fd:ca:0a:24:a0:62:58:a7:b0:f3:3c:60:18:e5:86:08:19:
98:47:10:80:2e:8b:47:ad:4c:a6:80:f6:c3:6f:00:8c:2f:ec:
7c:44:31:79:a8:15:02:b0:61:4d:8b:43:fa:05:36:d4:1c:bd:
44:54:cc:31:80:9d:88:c7:56:56:85:cc:53:12:d6:71:7e:a5:
f7:dd:f6:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYQQnoCFS9uiTH83g9T1cFlqFAOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNmI0ZmE5OTFiOWQyNmYyNjMyMTQzOGY0N2EyYmMzZTAwMTc5ZDk2NGM1
ODAxZDFiYThiYTcyMTYxZmM1YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjLDivrTN4JAtXT01o4M3lJWhJqpyYGMo8vPfc5JNYfQtxadi4a3R+7dkxE
QMj+hUJId4lbYbbyV9EQDUFKRE7ccBtUieB4nk2IiamR+cTB1QI5Vw+S3a0gCevi
TnHETcHqp7zPfBCYUKly0HpKugJwPaLtFGeWIKd0oVi4ZBfpCMDf2imglFtkKxRn
PsYMfMoaACk6GGHbO9kKCl7SN3BTnjQolodWTcWi88sI4862SuaXz+WXVNs8ZDnk
QaH2PdiUapfvmDmB35MJOgwfAylvtJJMe3HJd17m+Ue3XOAjPMyXSdAgm7AX/Fpp
cIPZwi7gwm6A12MYbukq4vFAPAMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0WaOH
lktBt3y4pIaIOm4cNYo6TTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCft3d9g96R/iDYJKeEAMVEcKggzhEuhUGp0NzZwC/4
C+Zx82V9P3FL31AfPhAbwq5mJ0DXAON7ZD69+xS2TfoFTOhrA0KK9YTifKYbggRM
W+sppwZpxQ+s6RnADYvzR7FMlbTg/bJRJ56WmVQg8rrL1Q7J0ZB26pXxVpKUCbS/
6LV+9x6PQ0xo9+36RSSTOpekB2ZMfaJVdQ+0d13UN95LF7qt8KJGxxRNd9VE+9cS
DmwXIiUH/coKJKBiWKew8zxgGOWGCBmYRxCALotHrUymgPbDbwCML+x8RDF5qBUC
sGFNi0P6BTbUHL1EVMwxgJ2Ix1ZWhcxTEtZxfqX33fb+
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:04:25 2025 by rpki-client