Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: hASC1m7vUgbNs5I55k4mLtnxa8DFF7otm2Pnf2yGHiw=
Subject key identifier: A8:B8:3C:2D:10:54:ED:B0:44:26:C0:0C:E3:25:21:C8:83:F6:1A:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 561EC4CE8ECA50935CE5FFBAE349EF909CB3835B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Wed 25 Jun 2025 00:50:33 +0000
ROA not before: Wed 25 Jun 2025 00:50:33 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:1e:c4:ce:8e:ca:50:93:5c:e5:ff:ba:e3:49:ef:90:9c:b3:83:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:33 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=b2afad307553829938a32d87c23db7a6457cce16d853ffd28e36f9f7eb4be77c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0c:2e:0c:5e:a3:74:60:06:3f:b4:13:17:6c:
1c:24:00:53:cc:b4:c9:0d:c5:24:a5:4d:c5:d6:28:
bf:ae:d8:1f:a4:98:90:a6:18:a5:3e:bb:de:5e:26:
49:e5:cd:d8:dc:77:72:ad:6d:55:45:41:91:ea:75:
fa:ef:b9:8b:88:d8:a8:e9:c7:05:a9:6c:be:84:d0:
71:d9:90:45:7b:36:7b:85:3f:be:f7:3f:eb:83:e0:
ce:d1:7d:7e:41:51:c9:50:1d:c1:08:b9:cd:d4:8c:
91:40:55:fa:bc:eb:3a:d6:ce:41:df:15:c5:4c:54:
f6:a2:b9:c0:6f:e1:59:90:00:a5:8e:84:17:dd:77:
d8:6a:cc:4b:2c:ce:fa:a7:65:cc:10:a3:bb:cd:90:
30:e7:0b:11:c0:d1:68:df:68:ff:6f:6e:c2:b3:21:
57:8d:4e:eb:fe:40:ad:f6:b6:c5:68:ea:3f:c0:cd:
ac:8f:21:6e:d2:9d:1d:d3:77:ea:2d:41:19:16:54:
14:2d:b2:bb:33:46:51:b7:54:11:71:53:87:dc:64:
db:3d:d8:47:ba:27:78:59:52:84:89:ad:e8:b7:64:
f1:47:d8:bf:97:47:c9:d8:26:ba:39:2b:f7:ca:2c:
26:6a:a3:a1:ba:30:7e:5a:59:82:ea:6b:8d:d2:01:
dd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B8:3C:2D:10:54:ED:B0:44:26:C0:0C:E3:25:21:C8:83:F6:1A:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
a9:c5:59:50:55:3d:56:da:65:9e:84:cd:8c:51:dd:fb:5f:51:
32:78:63:e7:94:2a:30:07:4a:ff:20:5a:3a:47:86:75:05:c2:
99:7a:11:dd:c0:10:ac:5a:47:a9:db:50:20:71:3d:1b:f0:a3:
3b:ae:db:9b:6d:3d:06:33:a2:52:aa:60:c5:d1:00:7c:1a:13:
15:3f:7b:c2:71:3f:05:a6:3d:f6:46:28:fb:f7:2c:28:29:1e:
6c:01:a7:81:0e:32:1a:09:88:1a:b1:2e:d9:4c:f7:18:6a:bf:
b1:9e:ca:4f:62:96:01:66:b0:17:a6:45:64:0c:f7:eb:c3:81:
35:4e:e9:d2:d4:e0:19:33:dc:1a:b7:24:19:b9:bf:45:88:d8:
2c:ec:79:66:08:03:22:14:34:5d:81:ae:fe:7a:45:a6:f6:b5:
fd:50:32:09:e0:37:ee:1d:2a:81:3f:bd:27:1b:de:42:72:f9:
4d:09:96:25:d9:6e:d3:ce:b8:27:eb:fc:d1:36:7d:8e:e5:2a:
01:90:26:6f:59:29:68:7f:c7:e0:1a:8b:9f:93:ba:be:11:e8:
bd:d1:85:bb:fe:b2:ef:3e:2f:c6:c1:a9:13:39:a2:b7:4f:95:
8b:34:44:5f:84:d4:85:c0:26:ca:e0:2d:e2:4b:2e:29:98:a7:
5a:07:19:1f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVh7Ezo7KUJNc5f+640nvkJyzg1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMzNaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyYWZhZDMwNzU1MzgyOTkzOGEzMmQ4N2MyM2RiN2E2NDU3Y2NlMTZkODUz
ZmZkMjhlMzZmOWY3ZWI0YmU3N2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoMLgxeo3RgBj+0ExdsHCQAU8y0yQ3FJKVNxdYov67YH6SYkKYYpT673l4m
SeXN2Nx3cq1tVUVBkep1+u+5i4jYqOnHBalsvoTQcdmQRXs2e4U/vvc/64PgztF9
fkFRyVAdwQi5zdSMkUBV+rzrOtbOQd8VxUxU9qK5wG/hWZAApY6EF9132GrMSyzO
+qdlzBCju82QMOcLEcDRaN9o/29uwrMhV41O6/5Arfa2xWjqP8DNrI8hbtKdHdN3
6i1BGRZUFC2yuzNGUbdUEXFTh9xk2z3YR7oneFlShImt6Ldk8UfYv5dHydgmujkr
98osJmqjobowflpZguprjdIB3akCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSouDwt
EFTtsEQmwAzjJSHIg/YaHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCpxVlQVT1W2mWehM2MUd37X1EyeGPnlCowB0r/IFo6
R4Z1BcKZehHdwBCsWkep21AgcT0b8KM7rtubbT0GM6JSqmDF0QB8GhMVP3vCcT8F
pj32Rij79ywoKR5sAaeBDjIaCYgasS7ZTPcYar+xnspPYpYBZrAXpkVkDPfrw4E1
TunS1OAZM9watyQZub9FiNgs7HlmCAMiFDRdga7+ekWm9rX9UDIJ4DfuHSqBP70n
G95CcvlNCZYl2W7Tzrgn6/zRNn2O5SoBkCZvWSlof8fgGoufk7q+Eei90YW7/rLv
Pi/GwakTOaK3T5WLNERfhNSFwCbK4C3iSy4pmKdaBxkf
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:46:25 2025 by rpki-client