Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
File: 1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa (raw, json)
Hash identifier: ZAPChK34kIaV2RKXvZZ8CyXKcdaESIe4eJH2Scfur/4=
Subject key identifier: 05:2C:68:CA:2C:3A:27:9A:0A:53:48:1F:70:1A:EC:27:39:6F:16:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C4C338588DF3C639B5E25AF958AB01D06D1A6FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
Signing time: Mon 16 Jun 2025 21:51:19 +0000
ROA not before: Mon 16 Jun 2025 21:51:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:4c:33:85:88:df:3c:63:9b:5e:25:af:95:8a:b0:1d:06:d1:a6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e60bff552acc73b2a6aa20afbbb23624956d34e1903a5a5026b3a0368a0e00e8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:f2:0e:53:22:ab:cb:d1:14:32:fe:96:15:
ae:69:0e:43:ff:e3:0c:0f:05:f6:ce:36:38:3b:05:
ac:cb:53:08:4f:78:93:b2:2f:65:76:04:ab:b3:42:
74:70:63:f6:63:67:21:4f:c3:fc:6b:ff:d4:02:7f:
f5:c7:fd:42:ba:f2:e0:a8:3b:5e:17:7a:fb:26:54:
6f:34:81:26:c7:c2:dd:cc:99:aa:85:b8:f5:c0:4a:
be:1c:68:52:57:1c:55:45:58:35:b1:06:d6:dc:b0:
81:70:46:29:1c:41:1a:8c:88:6f:80:ad:0b:f0:e1:
ef:c9:9b:91:15:18:e8:80:01:4a:79:76:59:c6:b3:
cc:ca:98:ca:a1:77:b5:1e:0c:85:f2:c8:6b:2d:e3:
81:7e:e0:ca:7f:fc:0b:c7:89:69:02:69:5e:23:de:
28:f9:ed:11:0b:b7:f5:ea:7a:a5:8f:88:d2:f8:3a:
07:f6:45:5f:d1:65:e5:59:cf:39:ec:85:7c:3c:71:
2f:38:eb:a4:0a:cc:df:9f:63:fa:68:77:eb:15:fb:
72:af:73:16:d0:4f:b7:2e:c7:01:44:d9:80:42:a1:
b8:c5:f3:f1:bf:dc:97:42:e4:36:3c:b8:1d:59:e8:
4f:12:b6:2b:d3:43:a5:ad:10:ac:3a:06:b6:06:9e:
00:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:2C:68:CA:2C:3A:27:9A:0A:53:48:1F:70:1A:EC:27:39:6F:16:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:56:96:23:6d:14:f6:da:c6:d0:fc:c4:fe:d3:ab:7a:68:6d:
f2:40:c7:41:b0:51:21:97:4b:8c:c7:f6:37:e8:fc:1b:46:15:
fe:f0:66:cb:f9:a0:3a:b2:1f:7e:4b:93:f8:53:78:bb:c7:90:
a0:08:ed:de:6c:46:2e:14:39:b2:8d:53:fb:7b:64:f7:df:ad:
3e:85:99:1c:4d:d1:9f:18:c3:76:86:41:38:71:34:0c:5a:11:
fd:1d:05:a0:57:b5:a6:71:a5:a0:ec:9f:b9:cb:de:59:df:bb:
70:fb:b0:ce:ee:df:38:fa:1d:db:e6:23:ca:03:2e:61:29:58:
56:05:51:30:db:c0:ec:2f:7c:09:21:1b:e9:c5:bd:da:7e:00:
7a:16:fe:3b:93:55:be:60:14:54:36:d1:be:02:c7:c8:28:0e:
08:32:6f:98:d9:fa:6c:32:f0:c1:08:3b:bf:ff:34:3a:11:da:
b5:53:cb:82:e5:82:04:90:25:5a:89:4f:29:ec:02:21:a7:78:
76:9e:07:94:8f:6f:22:0b:69:fc:80:8b:02:f4:1b:27:91:0c:
6f:88:28:d8:be:db:9e:02:2c:d4:1c:02:b1:7c:ba:7c:f8:f4:
cd:77:a0:9e:06:4c:e7:ce:9d:75:ee:8d:15:4a:b0:b3:03:f5:
81:65:f7:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDEwzhYjfPGObXiWvlYqwHQbRpvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2MGJmZjU1MmFjYzczYjJhNmFhMjBhZmJiYjIzNjI0OTU2ZDM0ZTE5MDNh
NWE1MDI2YjNhMDM2OGEwZTAwZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgW8g5TIqvL0RQy/pYVrmkOQ//jDA8F9s42ODsFrMtTCE94k7IvZXYEq7NC
dHBj9mNnIU/D/Gv/1AJ/9cf9Qrry4Kg7Xhd6+yZUbzSBJsfC3cyZqoW49cBKvhxo
UlccVUVYNbEG1tywgXBGKRxBGoyIb4CtC/Dh78mbkRUY6IABSnl2WcazzMqYyqF3
tR4MhfLIay3jgX7gyn/8C8eJaQJpXiPeKPntEQu39ep6pY+I0vg6B/ZFX9Fl5VnP
OeyFfDxxLzjrpArM359j+mh36xX7cq9zFtBPty7HAUTZgEKhuMXz8b/cl0LkNjy4
HVnoTxK2K9NDpa0QrDoGtgaeAHcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFLGjK
LDonmgpTSB9wGuwnOW8WCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWIzOWU5YTctNGYzZC00Y2ZjLTk3NWYtZDllYWNlZWQwZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQAaVpYjbRT22sbQ/MT+06t6aG3yQMdBsFEhl0uMx/Y3
6PwbRhX+8GbL+aA6sh9+S5P4U3i7x5CgCO3ebEYuFDmyjVP7e2T3360+hZkcTdGf
GMN2hkE4cTQMWhH9HQWgV7WmcaWg7J+5y95Z37tw+7DO7t84+h3b5iPKAy5hKVhW
BVEw28DsL3wJIRvpxb3afgB6Fv47k1W+YBRUNtG+AsfIKA4IMm+Y2fpsMvDBCDu/
/zQ6Edq1U8uC5YIEkCVaiU8p7AIhp3h2ngeUj28iC2n8gIsC9BsnkQxviCjYvtue
AizUHAKxfLp8+PTNd6CeBkznzp117o0VSrCzA/WBZfdd
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:08 2025 by rpki-client