Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: dR+6YuNRmFQBUMS8W+BT/dmGLVoLIywYvPNt7y9mPOY=
Subject key identifier: 89:A6:AE:3C:44:8A:26:42:FA:DB:40:7E:0D:B5:42:E6:B9:48:38:8C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B05EE57099FFA69F0C48570037E4C2D14B28E00
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Mon 31 Mar 2025 21:40:14 +0000
ROA not before: Mon 31 Mar 2025 21:40:14 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:05:ee:57:09:9f:fa:69:f0:c4:85:70:03:7e:4c:2d:14:b2:8e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:40:14 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:09:a9:61:13:23:f2:bd:f0:2c:43:2f:6e:
8d:35:fd:54:99:f0:76:56:f0:39:bb:ca:d5:c2:a3:
ae:34:6c:50:0c:be:9a:a8:f8:21:3c:b9:c2:9a:a2:
7d:39:89:e0:0d:88:5c:d4:7b:0a:b9:46:38:89:28:
7e:79:5d:30:b7:7d:39:34:b6:7d:34:64:a2:34:c4:
89:be:30:4c:46:e9:d1:7b:da:1e:65:c4:78:f2:e4:
99:e1:ce:75:26:3e:6c:22:e7:1c:14:00:89:35:bc:
bd:72:a2:a4:37:a8:e3:37:3e:4c:19:fa:22:19:13:
c7:36:bd:ed:d5:99:03:e1:6d:71:89:8a:4e:9c:39:
2c:10:4d:b6:10:0a:81:b7:b4:3c:09:89:c4:73:bb:
ea:8c:17:f0:54:f0:9c:37:77:d4:f4:18:a2:ba:96:
d9:cc:f4:2e:be:41:ce:ee:0c:3a:be:0b:72:b7:52:
f3:79:3c:38:62:ec:f0:e8:ce:da:c1:27:92:21:57:
da:27:ed:2a:01:7a:11:f2:56:a7:4a:17:54:52:a4:
23:1d:0c:d0:c1:65:b4:57:2a:14:ed:3c:f2:94:8f:
e5:d8:5c:3a:da:37:f2:00:6b:0c:dd:8c:d9:c3:9d:
fe:13:9d:3a:3c:ab:03:64:21:6a:e9:49:e4:38:7e:
5f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A6:AE:3C:44:8A:26:42:FA:DB:40:7E:0D:B5:42:E6:B9:48:38:8C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:dd:06:30:55:90:d9:cb:ef:e8:5f:48:48:0c:fe:a6:53:ba:
6d:a6:f2:ea:70:fa:00:3b:6c:92:73:62:01:d5:cb:a1:98:a8:
84:09:25:bf:74:e1:14:d6:2c:7a:b7:3a:ed:a7:03:0c:a4:a0:
46:a1:38:b2:b9:df:47:b2:c6:3f:3f:41:2b:81:30:2a:a6:a9:
2b:e2:b7:72:2b:ed:ea:29:e2:a9:99:63:52:48:2c:ab:cf:44:
ce:38:10:0c:da:80:f9:d9:c2:ff:ea:1f:4a:5b:58:10:ba:a8:
a9:a9:9a:cb:69:55:27:11:49:ef:6c:e1:a0:eb:63:43:c5:66:
0f:1a:7a:2a:ee:fe:e6:47:cd:d8:cf:d0:f8:4a:1d:65:8d:4d:
d1:fb:76:a8:ef:c4:4e:b4:b7:88:d1:e0:06:39:ea:7c:07:54:
61:02:06:0c:e5:fd:91:29:8b:bf:f3:da:72:00:4b:01:5c:ae:
18:58:b1:dc:fb:c9:c5:5e:6b:a4:2f:08:04:ce:90:8d:03:ad:
02:c5:ac:f9:ad:70:d6:44:8e:d7:4f:cb:00:47:ce:b6:89:fb:
85:bd:21:e7:e4:fd:bc:d5:28:2c:c1:4a:ae:24:15:df:44:a0:
c8:85:03:6f:f0:44:94:e6:8b:6a:7b:35:03:6f:84:0f:e8:83:
6d:93:94:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKwXuVwmf+mnwxIVwA35MLRSyjgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTQwMTRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzY2U0MmMzZTgwNzg3YWQ0MGRlNjY1MTAxMTQ4OWYxNTFmMDlkMGM1YmYx
ODY2N2M4NzNiODYxOGExMDFlMzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz9CalhEyPyvfAsQy9ujTX9VJnwdlbwObvK1cKjrjRsUAy+mqj4ITy5wpqi
fTmJ4A2IXNR7CrlGOIkofnldMLd9OTS2fTRkojTEib4wTEbp0XvaHmXEePLkmeHO
dSY+bCLnHBQAiTW8vXKipDeo4zc+TBn6IhkTxza97dWZA+FtcYmKTpw5LBBNthAK
gbe0PAmJxHO76owX8FTwnDd31PQYorqW2cz0Lr5Bzu4MOr4LcrdS83k8OGLs8OjO
2sEnkiFX2iftKgF6EfJWp0oXVFKkIx0M0MFltFcqFO088pSP5dhcOto38gBrDN2M
2cOd/hOdOjyrA2QhaulJ5Dh+X2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSJpq48
RIomQvrbQH4NtULmuUg4jDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQAa3QYwVZDZy+/oX0hIDP6mU7ptpvLqcPoAO2ySc2IB
1cuhmKiECSW/dOEU1ix6tzrtpwMMpKBGoTiyud9HssY/P0ErgTAqpqkr4rdyK+3q
KeKpmWNSSCyrz0TOOBAM2oD52cL/6h9KW1gQuqipqZrLaVUnEUnvbOGg62NDxWYP
Gnoq7v7mR83Yz9D4Sh1ljU3R+3ao78ROtLeI0eAGOep8B1RhAgYM5f2RKYu/89py
AEsBXK4YWLHc+8nFXmukLwgEzpCNA60Cxaz5rXDWRI7XT8sAR862ifuFvSHn5P28
1SgswUquJBXfRKDIhQNv8ESU5otqezUDb4QP6INtk5RB
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:00 2025 by rpki-client