Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: wKgEgE/4EE2NtQPWFtCYXHZSMGEjfZrI8hQ+HgZZ5P8=
Subject key identifier: E6:E0:15:FC:34:D6:8B:41:19:4E:BA:D7:38:2F:25:CD:36:BC:69:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A70B11E395ABCEDC10072780BE091E8DB5CE4FA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Tue 20 May 2025 20:40:16 +0000
ROA not before: Tue 20 May 2025 20:40:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:70:b1:1e:39:5a:bc:ed:c1:00:72:78:0b:e0:91:e8:db:5c:e4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=751535cb9b9ffcc7767c08a32275c293bd7c1d32e74418a5925eb45ec4f2ee40, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1c:9b:0d:14:bc:6a:18:0e:6b:84:ed:b6:59:
15:e2:e5:40:5c:c4:fd:4f:bf:77:e8:e8:45:5c:76:
f0:d9:c7:b9:73:70:c6:34:4d:07:42:1e:4f:c7:53:
bd:a3:f2:49:16:78:40:cd:94:d0:a9:cb:09:02:83:
0b:91:eb:59:77:b6:bd:3b:80:25:73:a5:2d:de:3b:
f6:1e:6c:30:4c:9e:96:34:f3:e9:5e:92:12:a6:36:
28:ee:0f:aa:30:a6:34:09:1c:20:0c:74:21:1f:49:
eb:e0:12:4b:c9:dd:a0:e9:49:d9:c8:7f:a2:ea:50:
d1:3a:39:b4:85:91:a8:0c:2a:50:a9:e2:67:dd:54:
9c:d1:c8:27:77:ba:06:a2:18:b5:c2:7c:dd:fb:e7:
6f:1d:a1:07:63:3a:e2:c7:5f:d7:eb:6e:c4:96:b5:
bf:ef:76:d2:de:c7:37:bf:63:76:c9:86:3a:e7:54:
d8:17:3d:e2:06:be:9b:c3:c3:2c:72:33:8c:5a:96:
86:b5:1b:d0:23:b3:6b:97:68:cc:29:30:03:f4:bc:
4d:81:6c:1c:96:20:e5:66:4d:22:94:d8:9a:29:4a:
e4:b4:b5:11:66:35:43:62:a5:29:f8:22:3a:af:eb:
65:17:3a:74:d0:5a:a2:15:fa:16:9f:90:7b:55:94:
7f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E0:15:FC:34:D6:8B:41:19:4E:BA:D7:38:2F:25:CD:36:BC:69:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a7:8c:9a:0c:94:5d:38:51:4a:71:88:6c:15:1c:cb:12:8b:e3:
57:cc:9c:c1:f9:16:77:25:aa:2c:5f:48:fa:69:9d:29:7c:65:
b0:88:32:e1:79:81:ec:93:8a:33:7b:5a:26:d1:a4:6a:20:2f:
19:86:be:39:82:c3:26:95:8e:52:94:2e:8f:9f:1d:8f:c8:b6:
55:f3:21:b2:1b:db:78:a7:77:88:5c:d8:b7:2c:08:ec:0b:15:
cf:35:73:2b:b5:b0:14:b9:6e:7c:96:fe:b2:eb:8a:72:57:88:
11:83:e5:45:a7:ae:74:1c:97:41:c1:7c:30:f9:55:dd:37:04:
dd:62:19:46:bb:b7:50:ac:fa:1c:34:14:e2:ff:f9:11:40:79:
11:b2:6e:2d:40:18:f7:8b:63:60:2f:e3:1d:df:ed:03:33:63:
2c:39:6f:45:0b:a5:1d:00:47:5a:f1:7d:f8:86:74:88:1c:23:
ad:04:5f:c6:69:d1:3d:1b:63:05:54:b8:fb:e4:6a:6a:bf:17:
d7:18:26:8d:df:81:06:a9:39:e4:f7:f5:da:01:29:0e:28:3c:
6e:f9:05:5d:25:e0:76:31:e2:91:1c:db:40:a9:72:94:f7:74:
86:35:0d:87:9b:43:79:fb:4f:56:31:4c:db:ef:78:9d:65:26:
ee:50:6f:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUanCxHjlavO3BAHJ4C+CR6Ntc5PowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MTUzNWNiOWI5ZmZjYzc3NjdjMDhhMzIyNzVjMjkzYmQ3YzFkMzJlNzQ0
MThhNTkyNWViNDVlYzRmMmVlNDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEcmw0UvGoYDmuE7bZZFeLlQFzE/U+/d+joRVx28NnHuXNwxjRNB0IeT8dT
vaPySRZ4QM2U0KnLCQKDC5HrWXe2vTuAJXOlLd479h5sMEyeljTz6V6SEqY2KO4P
qjCmNAkcIAx0IR9J6+ASS8ndoOlJ2ch/oupQ0To5tIWRqAwqUKniZ91UnNHIJ3e6
BqIYtcJ83fvnbx2hB2M64sdf1+tuxJa1v+920t7HN79jdsmGOudU2Bc94ga+m8PD
LHIzjFqWhrUb0COza5dozCkwA/S8TYFsHJYg5WZNIpTYmilK5LS1EWY1Q2KlKfgi
Oq/rZRc6dNBaohX6Fp+Qe1WUf0kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTm4BX8
NNaLQRlOutc4LyXNNrxpZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQCnjJoMlF04UUpxiGwVHMsSi+NXzJzB+RZ3JaosX0j6
aZ0pfGWwiDLheYHsk4oze1om0aRqIC8Zhr45gsMmlY5SlC6Pnx2PyLZV8yGyG9t4
p3eIXNi3LAjsCxXPNXMrtbAUuW58lv6y64pyV4gRg+VFp650HJdBwXww+VXdNwTd
YhlGu7dQrPocNBTi//kRQHkRsm4tQBj3i2NgL+Md3+0DM2MsOW9FC6UdAEda8X34
hnSIHCOtBF/GadE9G2MFVLj75GpqvxfXGCaN34EGqTnk9/XaASkOKDxu+QVdJeB2
MeKRHNtAqXKU93SGNQ2Hm0N5+09WMUzb73idZSbuUG/j
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:28 2025 by rpki-client