Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: W0JmtKFU2EIlXRcvcGOmr7vJXWYdp85RKH+b6TkTHew=
Subject key identifier: C3:71:68:1F:9E:64:AE:4E:A2:A9:83:5B:44:ED:28:C4:B9:FF:2D:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7440C654B36B18A15F4625DD59A97F9A1F449F66
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Wed 05 Feb 2025 00:00:00 +0000
ROA not before: Wed 05 Feb 2025 00:00:00 +0000
ROA not after: Wed 12 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:40:c6:54:b3:6b:18:a1:5f:46:25:dd:59:a9:7f:9a:1f:44:9f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 5 00:00:00 2025 GMT
Not After : Mar 12 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:d8:f1:a3:01:3d:9f:3d:61:0b:65:25:5a:
b8:0b:52:54:41:16:49:76:81:7f:ac:e4:85:13:71:
bb:ab:ee:ab:85:06:9a:25:38:75:34:db:0c:e8:00:
28:8a:4c:4f:20:84:bd:4e:ad:30:bd:8d:7b:8d:ec:
b2:cb:f6:6b:bc:b5:8c:b8:60:09:15:6f:70:20:45:
e1:34:59:92:9e:2b:58:8e:3f:be:65:96:33:71:d6:
35:90:c3:09:02:28:43:00:e0:96:d1:b1:d4:44:a6:
2e:38:7c:31:c9:1a:13:8b:cc:4c:fd:28:39:f6:55:
62:f6:f9:c1:14:65:8b:12:95:b6:c5:71:01:9f:1a:
32:04:8f:56:1f:13:29:1f:46:47:36:b2:7a:91:16:
01:81:9a:a3:4c:2f:b7:92:7a:ef:45:d9:74:9b:93:
84:c2:6a:b0:05:e7:2e:c3:32:7e:6b:b0:7d:14:3c:
f7:74:21:d5:dc:ba:bc:48:50:87:3c:6f:23:32:19:
6c:d3:1c:fe:bd:01:7a:17:6f:3b:ad:1a:1a:a7:8d:
b1:69:db:68:12:66:93:02:ef:dd:e0:4b:1a:98:33:
9e:c4:61:f6:06:16:66:a1:05:70:9c:d8:4b:a4:a8:
31:00:27:57:21:eb:37:b7:9d:d7:33:cb:77:26:fd:
69:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:71:68:1F:9E:64:AE:4E:A2:A9:83:5B:44:ED:28:C4:B9:FF:2D:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9f:af:77:38:3a:74:78:8d:8e:6a:01:02:52:c2:cf:6b:1c:78:
1a:0a:b9:af:5b:72:33:36:16:fd:f7:01:70:87:f2:0e:62:24:
6c:6e:63:58:10:6b:67:9b:f5:ad:3e:f6:f8:11:0f:75:48:6b:
bb:7f:c9:77:79:89:83:5f:6e:1b:e7:c6:76:b5:fa:ee:45:8d:
2e:41:1d:6d:58:35:1c:2c:88:4d:8d:bc:01:69:5f:6d:a0:09:
ce:09:55:28:ee:a9:f0:4a:ac:22:57:13:0d:62:b6:50:71:64:
61:67:9f:6c:33:ce:18:94:94:80:29:dd:b7:6b:46:63:77:c6:
90:a3:e3:0d:a8:1e:ee:3a:bc:83:97:d4:56:22:da:e0:6b:e8:
74:9e:b5:87:99:8f:3d:bc:a1:ef:81:18:b0:64:89:39:b2:90:
08:e0:fb:5d:08:58:a4:3c:ee:73:9e:70:04:f8:35:4d:16:e2:
71:7f:37:49:0f:7a:48:02:63:a8:15:a8:ba:3d:8f:fe:3d:21:
bf:53:0c:d1:85:d6:2e:71:3a:37:db:f6:34:3f:0e:69:9b:fd:
ee:ca:c2:d6:17:e1:e9:8a:60:c4:5f:a8:99:1b:23:da:d3:ea:
48:3b:ba:90:56:0b:13:37:fa:7c:ed:f6:8a:53:ab:47:70:d3:
ab:b0:40:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdEDGVLNrGKFfRiXdWal/mh9En2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAyMDUwMDAwMDBaFw0yNTAzMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5YWQzZjJjMmM2MGM5MTljNWQwOTIxZGEzZTdjMWIzM2M1MDI1NzQzYjZl
YjVlNTk4ZmE1YWMwNWYwMzc1MDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdN2PGjAT2fPWELZSVauAtSVEEWSXaBf6zkhRNxu6vuq4UGmiU4dTTbDOgA
KIpMTyCEvU6tML2Ne43sssv2a7y1jLhgCRVvcCBF4TRZkp4rWI4/vmWWM3HWNZDD
CQIoQwDgltGx1ESmLjh8MckaE4vMTP0oOfZVYvb5wRRlixKVtsVxAZ8aMgSPVh8T
KR9GRzayepEWAYGao0wvt5J670XZdJuThMJqsAXnLsMyfmuwfRQ893Qh1dy6vEhQ
hzxvIzIZbNMc/r0BehdvO60aGqeNsWnbaBJmkwLv3eBLGpgznsRh9gYWZqEFcJzY
S6SoMQAnVyHrN7ed1zPLdyb9aZ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTDcWgf
nmSuTqKpg1tE7SjEuf8tQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQCfr3c4OnR4jY5qAQJSws9rHHgaCrmvW3IzNhb99wFw
h/IOYiRsbmNYEGtnm/WtPvb4EQ91SGu7f8l3eYmDX24b58Z2tfruRY0uQR1tWDUc
LIhNjbwBaV9toAnOCVUo7qnwSqwiVxMNYrZQcWRhZ59sM84YlJSAKd23a0Zjd8aQ
o+MNqB7uOryDl9RWItrga+h0nrWHmY89vKHvgRiwZIk5spAI4PtdCFikPO5znnAE
+DVNFuJxfzdJD3pIAmOoFai6PY/+PSG/UwzRhdYucTo32/Y0Pw5pm/3uysLWF+Hp
imDEX6iZGyPa0+pIO7qQVgsTN/p87faKU6tHcNOrsEAh
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:48 2025 by rpki-client