Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: jqiI/uV63Kxv6KWdSwFtcChDRYdb/fYkwqPi5pEyv54=
Subject key identifier: 70:FD:9D:A5:9B:07:45:3D:8A:E1:83:4C:2C:4B:48:D2:42:AC:37:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 657984FF95FF0C0D2AA4B1C53F869AA87D20B579
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Mon 28 Apr 2025 15:51:10 +0000
ROA not before: Mon 28 Apr 2025 15:51:10 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:79:84:ff:95:ff:0c:0d:2a:a4:b1:c5:3f:86:9a:a8:7d:20:b5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:51:10 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=b01f9d624ae8298c65fa960aea802c468927443e129605d0e00c026d4b818d34, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f9:8f:51:e5:3e:94:ec:30:41:0a:2d:71:86:
1d:87:14:f2:19:6e:c3:8e:fe:34:8b:37:d5:06:b6:
f4:0a:0a:43:15:36:53:65:b1:e8:4b:f1:5e:56:80:
ed:7d:1e:db:45:97:c9:a1:aa:9a:06:e4:1a:53:c6:
17:de:eb:9e:12:cc:0b:20:8f:25:8e:d1:60:4a:c4:
c9:12:15:5d:8c:01:b1:6d:51:4a:dc:4e:46:8c:f4:
29:ae:d6:59:2d:36:af:e4:ae:a8:5f:60:d6:9e:14:
c4:c4:75:95:af:3e:1d:e6:f1:fb:dd:d7:3b:5c:3f:
09:54:99:3d:5d:90:1f:8b:c7:06:1f:12:c1:46:be:
00:31:70:2a:e7:c0:31:bf:84:0d:8b:6b:96:47:f5:
62:4d:da:bd:ba:d1:75:63:15:03:cd:58:38:71:25:
12:ba:33:3a:96:63:28:21:8e:27:04:37:dd:be:fe:
b2:74:cc:62:2b:ec:69:f1:46:db:3c:e0:3e:08:7c:
4c:8a:81:49:03:92:ae:68:6c:08:2a:cf:94:9c:28:
e9:f9:fa:dc:64:74:58:e4:4a:98:c3:ab:da:26:90:
f3:68:87:17:67:c0:dc:66:3d:85:f6:a0:32:25:a2:
29:90:c0:73:1f:6a:98:62:66:50:4a:0e:d5:ed:f1:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FD:9D:A5:9B:07:45:3D:8A:E1:83:4C:2C:4B:48:D2:42:AC:37:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
92:e4:bc:b9:22:35:94:49:e8:55:19:8f:e2:38:30:3c:fe:a9:
aa:bb:08:b2:83:5e:f4:83:81:74:ab:bf:fd:b0:ef:1e:f3:f4:
71:bb:7d:6f:06:7d:a3:74:ed:cb:9f:e7:03:bf:22:77:18:37:
dd:85:f7:1b:c8:27:dc:e7:e3:42:75:df:ee:86:47:87:6b:bb:
9e:67:61:c7:da:c9:24:df:b2:e2:b2:a5:75:dd:4f:3f:a3:6c:
b1:a0:f7:ee:e6:c3:00:e2:c3:09:e2:ac:ac:42:e3:f6:93:c2:
4a:af:2e:50:4c:84:90:59:2e:fa:ed:a1:3d:e4:7e:34:98:3c:
4a:8c:34:00:dd:8b:d2:72:78:22:ef:62:3e:ca:de:df:56:06:
b1:4c:78:b8:22:8c:ce:fb:5c:03:4b:74:31:30:33:20:b4:cb:
5f:42:40:b0:b1:3b:3b:b9:2d:0e:7c:45:3a:b2:d2:00:af:42:
58:95:47:ff:ff:59:1c:58:04:94:17:e4:33:dc:47:3c:14:a2:
c9:ea:8c:36:6e:fa:3d:e8:d2:a5:29:9b:97:05:ef:5e:f1:48:
52:35:ed:80:fc:d6:4a:69:b8:e0:d9:82:14:c7:23:f2:0f:30:
23:ea:78:62:1f:97:e4:8b:98:b4:b6:b8:99:65:e1:97:3c:f6:
ea:9d:63:a5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZXmE/5X/DA0qpLHFP4aaqH0gtXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUxMTBaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMWY5ZDYyNGFlODI5OGM2NWZhOTYwYWVhODAyYzQ2ODkyNzQ0M2UxMjk2
MDVkMGUwMGMwMjZkNGI4MThkMzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb5j1HlPpTsMEEKLXGGHYcU8hluw47+NIs31Qa29AoKQxU2U2Wx6EvxXlaA
7X0e20WXyaGqmgbkGlPGF97rnhLMCyCPJY7RYErEyRIVXYwBsW1RStxORoz0Ka7W
WS02r+SuqF9g1p4UxMR1la8+Hebx+93XO1w/CVSZPV2QH4vHBh8SwUa+ADFwKufA
Mb+EDYtrlkf1Yk3avbrRdWMVA81YOHElErozOpZjKCGOJwQ33b7+snTMYivsafFG
2zzgPgh8TIqBSQOSrmhsCCrPlJwo6fn63GR0WORKmMOr2iaQ82iHF2fA3GY9hfag
MiWiKZDAcx9qmGJmUEoO1e3xdpcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRw/Z2l
mwdFPYrhg0wsS0jSQqw3ZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQCS5Ly5IjWUSehVGY/iODA8/qmquwiyg170g4F0q7/9
sO8e8/Rxu31vBn2jdO3Ln+cDvyJ3GDfdhfcbyCfc5+NCdd/uhkeHa7ueZ2HH2skk
37LisqV13U8/o2yxoPfu5sMA4sMJ4qysQuP2k8JKry5QTISQWS767aE95H40mDxK
jDQA3YvScngi72I+yt7fVgaxTHi4IozO+1wDS3QxMDMgtMtfQkCwsTs7uS0OfEU6
stIAr0JYlUf//1kcWASUF+Qz3Ec8FKLJ6ow2bvo96NKlKZuXBe9e8UhSNe2A/NZK
abjg2YIUxyPyDzAj6nhiH5fki5i0triZZeGXPPbqnWOl
-----END CERTIFICATE-----
Generated at Mon May 5 16:24:36 2025 by rpki-client