Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: B62Sx+GC/SZY6ySJ/1EoZBuFQ/qxer5MAPG+DmcvcCg=
Subject key identifier: CE:D5:C0:42:3A:4D:98:F8:8A:17:E1:8D:A7:3D:9C:3F:ED:A9:D3:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26DCE516E218AA80A23CE6F45ADCAFF8B2F6D0F5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Fri 25 Apr 2025 20:31:23 +0000
ROA not before: Fri 25 Apr 2025 20:31:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:dc:e5:16:e2:18:aa:80:a2:3c:e6:f4:5a:dc:af:f8:b2:f6:d0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=78bd2c101884cb59524c93496cb2ad4d92c1c3fb36a4b0761fc24824b0bd4f96, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:25:2a:44:e3:f7:f1:c5:78:4a:cc:a4:3a:d0:
81:e1:72:ce:78:4b:99:1f:1c:c8:db:85:98:c2:3b:
e1:3f:25:93:59:29:04:e9:f1:aa:22:82:a7:cb:78:
2e:6e:78:2e:69:cd:4b:ae:29:40:fb:d1:bf:ef:3a:
75:3b:81:42:b4:bd:7e:20:87:82:0b:aa:13:f3:e0:
dd:71:57:49:d6:7f:5a:50:7d:53:44:41:4a:d8:da:
99:ea:6b:80:af:92:f4:b2:dd:56:73:28:de:db:f8:
6f:67:13:de:3d:bb:9a:03:d1:e8:00:64:d5:d3:23:
9c:b4:fd:1c:ea:e1:0a:41:a9:36:ae:ea:d2:52:98:
f0:41:40:3c:42:26:05:16:54:ac:b4:b1:d1:af:16:
4f:2d:b9:93:d6:7a:57:a6:70:5e:89:5f:d4:6e:43:
02:1a:e8:40:40:c4:11:16:73:ee:ee:fe:ce:2e:c0:
2e:2b:dd:43:14:3f:36:39:4f:15:a6:94:51:c9:a5:
d8:b0:ac:2d:6b:9c:34:f9:d7:50:f5:13:2c:83:e2:
b6:ef:fa:d2:8b:30:81:47:e6:fb:ac:47:89:c4:cc:
25:a7:ab:09:71:dd:97:62:6e:ca:10:83:6d:99:d4:
12:bd:7a:7e:3c:0a:d8:b7:15:91:4c:42:e6:f5:85:
b4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D5:C0:42:3A:4D:98:F8:8A:17:E1:8D:A7:3D:9C:3F:ED:A9:D3:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:3c:a6:74:6b:1a:13:22:57:45:8c:40:b2:23:4a:11:f2:46:
29:74:90:e5:99:b6:5e:3f:2f:5f:57:a4:18:c3:c4:3e:ac:9f:
a4:88:1a:b9:2d:16:10:7b:78:7e:99:d3:3d:cc:95:43:d9:39:
ff:03:19:9c:d9:cb:88:68:c1:c0:eb:94:76:83:10:a5:e4:67:
28:2d:84:2f:62:f7:34:b9:80:91:73:78:41:be:26:74:62:f9:
27:8f:97:5f:0f:aa:5a:02:47:59:84:6c:ed:e2:f6:5e:82:6c:
18:9e:0e:e1:d8:75:fc:d3:f9:99:fa:da:f3:d1:17:35:84:e8:
b4:6c:45:34:3f:70:8a:ce:bb:99:c1:92:da:23:d3:39:c9:50:
5a:b5:64:28:ed:7e:37:d8:55:2e:71:56:cb:cd:a6:06:1c:f9:
61:9a:8a:08:12:ae:aa:42:f8:d8:27:a4:b2:0a:09:3a:ba:5a:
c8:10:b4:b2:a2:37:c5:0a:29:d5:6d:4d:27:ea:4a:99:96:97:
bc:6a:df:08:81:14:2b:94:0b:5a:7c:fc:42:34:ad:d0:bb:61:
39:6a:25:10:68:4b:ba:0e:6b:47:8b:d5:35:85:1b:9f:4e:cb:
87:73:54:91:b0:4b:81:2a:4d:93:81:2e:68:bf:7a:3e:fc:06:
19:c7:d5:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJtzlFuIYqoCiPOb0Wtyv+LL20PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YmQyYzEwMTg4NGNiNTk1MjRjOTM0OTZjYjJhZDRkOTJjMWMzZmIzNmE0
YjA3NjFmYzI0ODI0YjBiZDRmOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPElKkTj9/HFeErMpDrQgeFyznhLmR8cyNuFmMI74T8lk1kpBOnxqiKCp8t4
Lm54LmnNS64pQPvRv+86dTuBQrS9fiCHgguqE/Pg3XFXSdZ/WlB9U0RBStjamepr
gK+S9LLdVnMo3tv4b2cT3j27mgPR6ABk1dMjnLT9HOrhCkGpNq7q0lKY8EFAPEIm
BRZUrLSx0a8WTy25k9Z6V6ZwXolf1G5DAhroQEDEERZz7u7+zi7ALivdQxQ/NjlP
FaaUUcml2LCsLWucNPnXUPUTLIPitu/60oswgUfm+6xHicTMJaerCXHdl2JuyhCD
bZnUEr16fjwK2LcVkUxC5vWFtDcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTO1cBC
Ok2Y+IoX4Y2nPZw/7anT/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQAHPKZ0axoTIldFjECyI0oR8kYpdJDlmbZePy9fV6QY
w8Q+rJ+kiBq5LRYQe3h+mdM9zJVD2Tn/Axmc2cuIaMHA65R2gxCl5GcoLYQvYvc0
uYCRc3hBviZ0Yvknj5dfD6paAkdZhGzt4vZegmwYng7h2HX80/mZ+trz0Rc1hOi0
bEU0P3CKzruZwZLaI9M5yVBatWQo7X432FUucVbLzaYGHPlhmooIEq6qQvjYJ6Sy
Cgk6ulrIELSyojfFCinVbU0n6kqZlpe8at8IgRQrlAtafPxCNK3Qu2E5aiUQaEu6
DmtHi9U1hRufTsuHc1SRsEuBKk2TgS5ov3o+/AYZx9W+
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:51:55 2025 by rpki-client