Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: jECRXvkmxo5UkzReHrdBBgfe61iHp+EA53S6/NW64ZY=
Subject key identifier: 77:0C:82:16:51:3A:81:B0:C7:2B:C8:C2:B8:59:96:00:6B:05:2A:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31A9262E3F665650B138BC00EABB8CFF7DD72681
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Tue 20 May 2025 20:50:41 +0000
ROA not before: Tue 20 May 2025 20:50:41 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:a9:26:2e:3f:66:56:50:b1:38:bc:00:ea:bb:8c:ff:7d:d7:26:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:41 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7b389992007a4907bd9d9a967fd17338d8e3a77272913706aab27e9eda44e12f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:26:32:da:74:24:a2:01:c4:3e:23:f6:c0:fb:
84:de:a1:e1:c5:ef:e6:1c:b6:28:a8:f4:26:94:99:
72:3f:62:a8:eb:b6:20:fe:81:f9:d6:16:03:60:8f:
4c:76:6f:00:61:30:cf:12:89:34:a1:8a:63:fc:e0:
f8:37:b1:da:47:1e:34:de:7f:14:ad:85:f2:ac:89:
f8:8c:f6:66:91:c5:d0:32:c6:bb:d8:74:ef:ef:7c:
07:dc:1c:7c:17:6c:2d:59:cf:60:72:90:4c:7a:2a:
c5:5b:bc:2a:6d:5d:6b:13:e5:60:34:0d:e8:79:2f:
ab:6e:ef:7b:7d:06:6f:b2:c0:1c:79:df:57:b7:3e:
60:5d:e4:77:64:d0:35:82:75:1e:79:f1:d0:be:7b:
a5:de:92:e5:7a:ef:ea:77:2b:c9:1a:7a:54:96:66:
93:cd:31:af:7e:13:71:af:ca:88:a6:b0:93:33:d8:
85:24:95:58:1a:7d:be:fa:7f:ab:d5:5d:ef:10:19:
5a:b7:f6:38:ce:ea:84:b0:a1:3f:a8:c7:c0:10:d8:
79:c9:c2:a5:22:df:70:a9:e8:47:90:35:81:0c:ea:
5b:ef:51:30:e1:94:c3:f3:0b:88:22:a3:c3:c6:cb:
b3:79:e0:b8:f3:40:ba:69:04:d3:89:db:1c:00:14:
14:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0C:82:16:51:3A:81:B0:C7:2B:C8:C2:B8:59:96:00:6B:05:2A:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5b:59:6d:cd:a5:55:d7:ef:fe:81:9a:bc:87:76:26:a1:aa:c7:
df:ac:df:16:70:da:19:5f:87:c4:c7:95:4d:e8:88:3c:15:3a:
e7:fe:6d:b7:a4:99:32:2f:8b:94:77:d5:aa:d7:5a:90:7e:e4:
e5:e7:f1:ee:6f:77:0e:3e:7c:47:83:4e:09:1f:bf:40:c1:ac:
5a:94:8c:6d:e6:23:ed:2c:6e:8a:b0:50:ce:e7:77:a2:2f:3f:
5e:3b:46:2c:99:4a:2e:9a:03:66:6e:df:1f:c0:e9:96:d0:2d:
fa:7a:38:1a:0c:28:e1:ab:b5:fa:f6:ac:76:54:79:82:48:5a:
8b:8c:b7:57:06:41:3c:28:6c:ad:ac:2e:f1:90:21:c8:7d:94:
d4:3d:6d:f4:54:e4:8c:fb:89:0a:c6:77:f1:85:2e:1a:d7:43:
ad:7a:a4:6b:5d:36:8b:a7:28:0d:3a:d6:2d:e9:20:c3:25:85:
e3:b2:b7:45:33:9d:de:cd:47:4c:a3:f0:c7:9a:9b:9f:eb:f7:
27:43:18:15:6a:66:45:f3:d4:5c:5e:ac:80:47:46:0d:76:f0:
89:5e:f4:5d:04:1e:5c:2b:56:d9:48:eb:0b:65:09:af:87:66:
c8:36:b1:a6:30:81:2c:04:0a:f9:d6:41:81:ed:78:a4:18:69:
84:14:e0:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMakmLj9mVlCxOLwA6ruM/33XJoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMzg5OTkyMDA3YTQ5MDdiZDlkOWE5NjdmZDE3MzM4ZDhlM2E3NzI3Mjkx
MzcwNmFhYjI3ZTllZGE0NGUxMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAmMtp0JKIBxD4j9sD7hN6h4cXv5hy2KKj0JpSZcj9iqOu2IP6B+dYWA2CP
THZvAGEwzxKJNKGKY/zg+Dex2kceNN5/FK2F8qyJ+Iz2ZpHF0DLGu9h07+98B9wc
fBdsLVnPYHKQTHoqxVu8Km1daxPlYDQN6Hkvq27ve30Gb7LAHHnfV7c+YF3kd2TQ
NYJ1Hnnx0L57pd6S5Xrv6ncryRp6VJZmk80xr34Tca/KiKawkzPYhSSVWBp9vvp/
q9Vd7xAZWrf2OM7qhLChP6jHwBDYecnCpSLfcKnoR5A1gQzqW+9RMOGUw/MLiCKj
w8bLs3nguPNAumkE04nbHAAUFP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3DIIW
UTqBsMcryMK4WZYAawUqgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBbWW3NpVXX7/6BmryHdiahqsffrN8WcNoZX4fEx5VN
6Ig8FTrn/m23pJkyL4uUd9Wq11qQfuTl5/Hub3cOPnxHg04JH79AwaxalIxt5iPt
LG6KsFDO53eiLz9eO0YsmUoumgNmbt8fwOmW0C36ejgaDCjhq7X69qx2VHmCSFqL
jLdXBkE8KGytrC7xkCHIfZTUPW30VOSM+4kKxnfxhS4a10OteqRrXTaLpygNOtYt
6SDDJYXjsrdFM53ezUdMo/DHmpuf6/cnQxgVamZF89RcXqyAR0YNdvCJXvRdBB5c
K1bZSOsLZQmvh2bINrGmMIEsBAr51kGB7XikGGmEFOCo
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:32:17 2025 by rpki-client