Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: lae4/zWZqBAesr3necMGHR7SQrme63NUx1PhTxYz2Rc=
Subject key identifier: 21:0E:51:9E:CB:9B:F0:8A:C5:FA:82:77:3A:B1:34:F5:A6:15:66:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CAEFD8CB90D49705F00B53258C8C0F42CB7D1F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Tue 20 May 2025 20:50:01 +0000
ROA not before: Tue 20 May 2025 20:50:01 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:ae:fd:8c:b9:0d:49:70:5f:00:b5:32:58:c8:c0:f4:2c:b7:d1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:01 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ac939a52f4bfaa0f221bb5f66798fc1853970dadf87cc5120157561bb3b2b874, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4d:17:61:34:df:c4:84:cd:f8:17:a2:89:03:
c6:ec:5f:f8:a1:0d:e2:80:b8:08:69:f6:20:f9:3e:
07:88:27:99:4c:20:7a:78:eb:1b:64:d2:6c:c4:64:
76:c9:f1:1c:77:13:27:9e:7f:c9:ae:82:fa:fe:96:
49:9c:d4:40:b9:92:fb:67:4a:b0:6e:3a:4c:1c:ca:
99:dc:98:a1:67:25:66:c8:a8:db:58:d9:c2:25:7f:
d0:cb:35:70:b0:df:81:37:04:53:a0:17:8e:b2:25:
7a:14:85:f2:e4:51:fb:2c:fa:c9:e9:dc:c4:7d:75:
da:e5:03:3d:88:36:70:18:9a:bc:f3:45:66:be:d6:
a4:6a:96:92:7b:6b:95:aa:c9:3a:2a:71:a5:c4:e2:
53:ed:11:cb:b2:eb:b0:99:e0:15:74:e2:2a:b3:d4:
96:66:f8:c1:37:d7:94:a8:b9:6c:75:c9:d9:7e:58:
70:d0:5c:b5:1c:e4:ec:92:04:21:21:97:1c:c3:58:
ef:c0:65:f5:52:2a:4e:cd:a4:88:da:86:ef:21:aa:
81:71:15:b7:4f:dd:50:ed:dd:b5:11:b5:1b:93:36:
06:54:66:9c:fc:bf:1e:c9:7e:a4:c4:8b:23:ba:0e:
db:ac:a0:cf:9a:61:d9:d9:65:cf:ea:d6:31:dd:f5:
9e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0E:51:9E:CB:9B:F0:8A:C5:FA:82:77:3A:B1:34:F5:A6:15:66:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:ae:f3:c9:3b:83:47:39:96:ee:9e:d8:0b:55:b1:09:00:bd:
62:b1:58:4e:95:c7:3d:bf:6d:dd:e8:2e:a8:d2:f6:2e:f7:95:
7c:8b:83:66:77:4a:e6:ad:6e:b2:21:5a:3c:7c:2d:03:39:7a:
ff:7a:19:06:f6:c1:61:db:9e:1b:bb:58:ae:d1:2c:96:b8:e2:
60:66:c6:ad:35:6a:b3:12:cd:6e:85:9f:24:0c:37:b5:98:b2:
05:e1:d8:b4:37:fc:59:89:f7:6e:e5:36:e4:d8:64:70:e5:b8:
31:ef:2e:fb:e6:96:47:f8:a1:e4:3d:b6:60:5b:bc:b7:39:f4:
6d:a0:2a:a4:c9:a9:04:04:99:33:b9:93:ac:88:41:79:25:87:
14:de:a1:9a:f6:a8:25:cf:64:5c:8f:a4:76:28:97:cf:3f:30:
5c:16:cd:a9:49:1e:39:d0:3a:79:f3:57:47:e0:05:83:51:4f:
5b:29:c9:ea:5b:a9:61:70:c5:34:b4:9c:54:17:db:98:8f:c2:
d1:64:20:ee:2e:e5:61:bb:d8:cf:c4:3c:ad:2a:56:e2:d2:c0:
ef:d2:15:c3:28:7c:9b:54:28:28:4f:64:df:21:64:11:f9:3b:
5a:e7:ea:71:1e:6a:bd:29:1c:62:97:08:ba:c5:90:47:3e:b2:
19:d0:d9:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfK79jLkNSXBfALUyWMjA9Cy30fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjOTM5YTUyZjRiZmFhMGYyMjFiYjVmNjY3OThmYzE4NTM5NzBkYWRmODdj
YzUxMjAxNTc1NjFiYjNiMmI4NzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAINNF2E038SEzfgXookDxuxf+KEN4oC4CGn2IPk+B4gnmUwgenjrG2TSbMRk
dsnxHHcTJ55/ya6C+v6WSZzUQLmS+2dKsG46TBzKmdyYoWclZsio21jZwiV/0Ms1
cLDfgTcEU6AXjrIlehSF8uRR+yz6yencxH112uUDPYg2cBiavPNFZr7WpGqWkntr
larJOipxpcTiU+0Ry7LrsJngFXTiKrPUlmb4wTfXlKi5bHXJ2X5YcNBctRzk7JIE
ISGXHMNY78Bl9VIqTs2kiNqG7yGqgXEVt0/dUO3dtRG1G5M2BlRmnPy/Hsl+pMSL
I7oO26ygz5ph2dllz+rWMd31nv8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQhDlGe
y5vwisX6gnc6sTT1phVmbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQA9rvPJO4NHOZbuntgLVbEJAL1isVhOlcc9v23d6C6o
0vYu95V8i4Nmd0rmrW6yIVo8fC0DOXr/ehkG9sFh254bu1iu0SyWuOJgZsatNWqz
Es1uhZ8kDDe1mLIF4di0N/xZifdu5Tbk2GRw5bgx7y775pZH+KHkPbZgW7y3OfRt
oCqkyakEBJkzuZOsiEF5JYcU3qGa9qglz2Rcj6R2KJfPPzBcFs2pSR450Dp581dH
4AWDUU9bKcnqW6lhcMU0tJxUF9uYj8LRZCDuLuVhu9jPxDytKlbi0sDv0hXDKHyb
VCgoT2TfIWQR+Tta5+pxHmq9KRxilwi6xZBHPrIZ0Nk9
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:35:47 2025 by rpki-client