Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: Z8+anCsjFiEDEzo00aIpHhXer25CYM58G/1voZMUkfY=
Subject key identifier: 24:63:87:1B:E0:58:68:02:C5:8C:D0:E4:77:D5:5D:37:C4:0E:93:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 587C5590235BBDC697A78C551FEC36F4E2C1A444
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Tue 20 May 2025 20:50:07 +0000
ROA not before: Tue 20 May 2025 20:50:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7c:55:90:23:5b:bd:c6:97:a7:8c:55:1f:ec:36:f4:e2:c1:a4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4c6e07b3bf8bd8b9a9cd2f58a4048a91d96a00e51794c5e387c49f666d219214, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ae:44:e4:71:74:0e:ef:a2:ed:2a:2b:13:f9:
d0:ac:e7:8f:0d:a6:6c:fc:f2:01:12:0a:5e:a6:a0:
15:c3:cb:fa:6a:ed:e0:23:44:cd:a1:cd:97:a7:50:
36:ee:e1:20:ea:54:78:9f:04:cb:b9:bc:c2:af:c4:
ff:a9:ed:3f:9d:c0:ff:6c:12:5c:7a:7a:c8:64:8d:
de:af:1e:e1:8d:85:d6:ee:49:01:ae:d9:3b:fb:2f:
4d:c8:03:f0:23:52:f9:e3:00:45:66:52:1e:7c:2b:
c8:b9:de:ea:78:8d:ae:7b:94:fa:ff:ee:32:1d:8f:
3f:8b:76:be:db:40:1a:d0:9a:02:6d:8a:1c:98:53:
a0:3f:b6:59:d8:6c:61:aa:a9:73:5a:6f:83:16:a7:
f8:cc:5c:3f:5c:11:c9:90:10:5a:22:79:fa:fb:44:
4a:27:a1:e9:34:90:c8:76:ca:d9:99:d3:16:f2:e2:
14:48:79:45:d5:0e:b7:3c:3c:aa:0a:5b:e3:73:e3:
8a:a7:38:97:d4:13:56:ec:82:ba:68:23:12:6e:d5:
fa:20:62:c7:e5:40:ea:92:a9:5b:09:83:1c:5d:97:
4c:53:55:d0:25:81:d4:55:a1:03:8a:44:d2:10:96:
01:77:e1:b9:29:7e:09:1c:d3:c5:e4:a7:9d:87:d8:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:63:87:1B:E0:58:68:02:C5:8C:D0:E4:77:D5:5D:37:C4:0E:93:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
be:f0:11:de:cb:36:72:42:87:d1:e2:86:ec:0b:97:e4:76:c1:
86:fb:07:14:08:1d:80:81:a0:7c:b5:5d:4c:bd:eb:d3:02:49:
ab:b7:51:1e:71:aa:c8:14:81:72:60:25:b4:16:9a:67:ac:11:
d3:14:18:a3:3a:39:4f:1b:0c:b4:c3:eb:e5:b6:e1:0b:f5:5b:
21:31:40:be:c3:67:4d:eb:e8:5d:5a:c7:c5:bb:a8:b0:ac:58:
ec:59:68:40:f9:c9:93:8e:00:64:b9:f6:4f:8c:25:53:c7:92:
c9:ac:eb:20:a9:7d:32:24:ae:9d:3d:a5:60:35:27:a4:6b:8a:
01:33:ae:90:bd:6f:bd:9f:af:76:aa:b6:bf:36:22:8e:a9:f1:
b0:db:ec:cb:ed:c9:23:55:a4:dc:48:38:93:25:4e:09:1d:1b:
e6:36:cd:a5:01:cc:a8:60:58:33:e3:20:4e:f6:69:da:03:79:
66:4b:72:4d:4e:16:76:38:6c:7c:d7:d5:9e:62:b5:a5:a7:07:
d6:50:b8:7a:12:05:3e:fc:76:a3:c0:54:63:5b:ff:26:6b:ba:
8c:3a:51:53:8c:69:f7:63:48:5c:d6:0b:61:f2:d1:43:6c:d4:
70:4f:20:6a:69:ca:ab:4d:1c:3a:79:31:10:1e:ba:31:ed:1d:
1d:68:84:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWHxVkCNbvcaXp4xVH+w29OLBpEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNmUwN2IzYmY4YmQ4YjlhOWNkMmY1OGE0MDQ4YTkxZDk2YTAwZTUxNzk0
YzVlMzg3YzQ5ZjY2NmQyMTkyMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPSuRORxdA7vou0qKxP50Kznjw2mbPzyARIKXqagFcPL+mrt4CNEzaHNl6dQ
Nu7hIOpUeJ8Ey7m8wq/E/6ntP53A/2wSXHp6yGSN3q8e4Y2F1u5JAa7ZO/svTcgD
8CNS+eMARWZSHnwryLne6niNrnuU+v/uMh2PP4t2vttAGtCaAm2KHJhToD+2Wdhs
Yaqpc1pvgxan+MxcP1wRyZAQWiJ5+vtESieh6TSQyHbK2ZnTFvLiFEh5RdUOtzw8
qgpb43Pjiqc4l9QTVuyCumgjEm7V+iBix+VA6pKpWwmDHF2XTFNV0CWB1FWhA4pE
0hCWAXfhuSl+CRzTxeSnnYfYWjcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkY4cb
4FhoAsWM0OR31V03xA6TmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQC+8BHeyzZyQofR4obsC5fkdsGG+wcUCB2AgaB8tV1M
vevTAkmrt1EecarIFIFyYCW0FppnrBHTFBijOjlPGwy0w+vltuEL9VshMUC+w2dN
6+hdWsfFu6iwrFjsWWhA+cmTjgBkufZPjCVTx5LJrOsgqX0yJK6dPaVgNSeka4oB
M66QvW+9n692qra/NiKOqfGw2+zL7ckjVaTcSDiTJU4JHRvmNs2lAcyoYFgz4yBO
9mnaA3lmS3JNThZ2OGx819WeYrWlpwfWULh6EgU+/HajwFRjW/8ma7qMOlFTjGn3
Y0hc1gth8tFDbNRwTyBqacqrTRw6eTEQHrox7R0daITF
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:40:14 2025 by rpki-client