Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: sm1iN9LJl2RWTe/Hf8t+9qYRqI7lvlIY9iToXiV7T4w=
Subject key identifier: 44:38:70:0E:AD:62:2C:D3:12:D4:7B:1E:02:5A:F8:15:D9:EF:26:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 272414EDEA6B42424A80BCD22AE42D367EECBFF8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Tue 17 Jun 2025 00:50:38 +0000
ROA not before: Tue 17 Jun 2025 00:50:38 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:24:14:ed:ea:6b:42:42:4a:80:bc:d2:2a:e4:2d:36:7e:ec:bf:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:38 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=e1172f47de6535f686eef4c5303c156ad389ce9807d2f2463df3e1faa92051c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:36:13:52:23:3a:0a:93:a1:71:e8:84:9b:85:
b9:65:1d:d4:7e:c0:2f:49:24:9e:5b:98:61:43:1a:
40:2e:42:d0:f4:27:68:98:89:4c:47:a5:89:c3:9c:
67:be:bb:2e:28:13:dd:cd:7d:c5:c0:5b:f4:98:f0:
3b:1d:1f:08:ad:a2:a8:18:dc:b3:7b:9a:5e:e5:42:
38:ed:1e:4f:c0:01:d4:f7:cc:e7:21:44:6b:ba:5d:
bf:fb:d1:e2:2a:bc:9e:1b:19:39:6d:b1:ea:80:c1:
83:7c:bd:07:bc:5f:43:ae:7d:c0:60:7d:b3:a9:8a:
4b:8a:e8:b6:c9:7d:d4:48:db:ff:79:e2:b7:e2:19:
51:8b:96:de:cf:88:fd:16:c8:28:6f:14:84:d0:c3:
39:cf:99:50:2f:b5:e3:ae:95:67:34:93:89:0b:93:
bf:13:06:b2:04:a1:03:10:a9:eb:da:bc:1b:26:84:
3b:2a:e4:be:89:28:75:4e:c3:83:d4:f9:e0:70:f7:
62:a2:dc:8c:ab:01:83:d1:77:49:4b:43:4c:37:27:
7e:f1:cd:69:d2:60:33:47:a4:4d:39:e4:a5:8b:d0:
68:8c:0b:7f:69:1f:78:7a:84:d0:7c:94:b7:cf:9d:
57:8e:ef:6b:78:b7:d6:0f:ad:73:c1:b7:b2:2d:bb:
02:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:38:70:0E:AD:62:2C:D3:12:D4:7B:1E:02:5A:F8:15:D9:EF:26:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
34:e3:18:04:2f:11:45:f6:4a:1b:8e:de:e5:28:d8:bd:33:fa:
fd:33:cd:c5:aa:d0:bd:29:ef:7c:28:01:41:98:69:92:91:73:
19:6e:b4:29:04:2e:87:e0:8a:54:ee:3d:9c:da:5b:09:7f:84:
84:99:97:54:7b:68:6b:c8:53:10:cf:bd:5f:fc:7a:47:91:3f:
75:ed:e5:b2:d0:d0:73:0c:cd:79:b0:4e:5b:8b:ca:8c:4f:f1:
19:46:48:f7:1d:1c:29:0e:b9:02:65:db:84:40:15:d8:8e:6c:
14:e4:45:c2:83:fb:a2:d5:f5:d5:ac:64:2e:14:b3:17:91:0a:
63:0e:67:0b:92:6b:09:9d:f3:0a:81:17:73:8d:c7:5b:68:91:
a4:3f:f4:89:38:39:3b:48:99:66:df:ff:c1:e7:8e:4e:52:0c:
e2:00:f6:bf:34:1f:65:24:0a:31:22:24:b6:e4:08:dd:55:0a:
6d:56:7e:ff:c9:fa:15:8d:a7:3b:bc:89:36:5a:12:40:f4:31:
f5:af:c4:27:4b:b5:f8:ff:cb:93:7f:27:1c:e9:0e:bb:d1:b0:
77:0b:5c:f8:b9:a3:36:bb:c4:d9:b7:f8:f3:fe:12:09:86:b7:
2d:fe:62:2f:a0:00:b9:3b:a1:d9:ac:2f:b5:aa:15:98:10:2a:
46:13:28:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJyQU7eprQkJKgLzSKuQtNn7sv/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMTcyZjQ3ZGU2NTM1ZjY4NmVlZjRjNTMwM2MxNTZhZDM4OWNlOTgwN2Qy
ZjI0NjNkZjNlMWZhYTkyMDUxYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANI2E1IjOgqToXHohJuFuWUd1H7AL0kknluYYUMaQC5C0PQnaJiJTEelicOc
Z767LigT3c19xcBb9JjwOx0fCK2iqBjcs3uaXuVCOO0eT8AB1PfM5yFEa7pdv/vR
4iq8nhsZOW2x6oDBg3y9B7xfQ659wGB9s6mKS4rotsl91Ejb/3nit+IZUYuW3s+I
/RbIKG8UhNDDOc+ZUC+1466VZzSTiQuTvxMGsgShAxCp69q8GyaEOyrkvokodU7D
g9T54HD3YqLcjKsBg9F3SUtDTDcnfvHNadJgM0ekTTnkpYvQaIwLf2kfeHqE0HyU
t8+dV47va3i31g+tc8G3si27AlECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBREOHAO
rWIs0xLUex4CWvgV2e8mwTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQA04xgELxFF9kobjt7lKNi9M/r9M83FqtC9Ke98KAFB
mGmSkXMZbrQpBC6H4IpU7j2c2lsJf4SEmZdUe2hryFMQz71f/HpHkT917eWy0NBz
DM15sE5bi8qMT/EZRkj3HRwpDrkCZduEQBXYjmwU5EXCg/ui1fXVrGQuFLMXkQpj
DmcLkmsJnfMKgRdzjcdbaJGkP/SJODk7SJlm3//B545OUgziAPa/NB9lJAoxIiS2
5AjdVQptVn7/yfoVjac7vIk2WhJA9DH1r8QnS7X4/8uTfycc6Q670bB3C1z4uaM2
u8TZt/jz/hIJhrct/mIvoAC5O6HZrC+1qhWYECpGEygG
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:58:27 2025 by rpki-client