
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: O7CvMaBTY4ZbRVAI98v4dobtMDW6I8x3J/sAZgqgnjE=
Subject key identifier: 36:1E:E9:29:E9:F7:F8:6A:33:FC:2F:8C:E8:6B:9C:5C:2C:4C:69:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4AA056DAEC5D20AB717B5381CAF85A867BA4E7E5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Mon 28 Jul 2025 16:10:02 +0000
ROA not before: Mon 28 Jul 2025 16:10:02 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:a0:56:da:ec:5d:20:ab:71:7b:53:81:ca:f8:5a:86:7b:a4:e7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 28 16:10:02 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=f6e94e84fe7f5edb9aa40b2e2404acd0c58580708de1350423ed2136f78e1ef6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1a:e0:43:8e:1d:21:4b:99:43:5d:9c:f4:cc:
1d:9d:db:bf:0b:50:ef:5a:63:51:10:e2:9c:e2:24:
b5:4a:e8:f5:dd:bd:0b:39:e1:f4:a8:a0:8c:80:ac:
a4:32:16:77:ff:26:3e:35:c6:51:fb:a9:c3:a1:c7:
15:9d:3b:83:bb:ee:e0:cf:27:f0:9f:cb:48:42:01:
46:a5:fe:d8:55:a9:df:f1:06:fb:a0:b6:82:26:16:
fc:61:d7:e6:f7:0d:15:f5:6f:1e:41:f5:48:0c:9a:
82:cb:b8:ea:32:00:f7:1a:c1:f7:27:51:ef:e2:c1:
c9:d0:49:0e:d0:f5:95:e6:e0:66:1b:4a:11:12:e1:
97:e4:22:cf:70:63:3c:90:6b:4b:d2:03:e1:80:20:
b6:44:cd:d6:a9:70:16:60:ce:c8:b0:68:45:ac:f1:
33:fc:6e:bc:ec:2a:96:29:38:9c:3f:8f:30:81:e5:
c7:70:a6:87:24:e5:dd:55:ec:7c:e5:70:60:fe:ba:
c9:f9:d5:db:f2:97:86:f4:70:8a:df:dd:53:0d:76:
08:09:02:4c:8a:97:98:29:94:07:aa:7d:55:df:19:
76:f8:e8:39:48:3b:a6:c0:28:96:b1:7d:9a:25:d6:
84:e5:7e:3b:0e:14:ff:e3:61:2e:5a:a1:a9:53:24:
5a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1E:E9:29:E9:F7:F8:6A:33:FC:2F:8C:E8:6B:9C:5C:2C:4C:69:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:4e:7a:51:f0:20:c3:cd:8c:ce:34:b1:74:36:7b:dd:0c:83:
e0:92:ee:db:f2:68:61:60:26:34:e2:80:74:72:32:6d:c8:79:
91:dd:35:c7:cc:c5:6d:99:23:27:c0:5f:17:3f:2b:6b:cc:34:
a8:6a:3e:85:fd:ed:62:3b:9f:e9:0c:d9:9d:f0:0b:c2:1b:bf:
1c:3f:41:29:7a:9c:33:60:c6:a3:e6:2c:f6:d5:3c:c7:3e:cf:
e5:89:d4:64:6f:37:ef:c7:8b:0b:ec:25:bd:74:d3:0e:c1:9a:
22:52:0f:ea:df:4b:99:67:1c:67:7d:b3:83:d5:fb:2f:77:9f:
78:bd:55:c5:92:d3:e0:f8:5c:5e:f0:54:6c:1f:01:e2:84:5c:
63:17:a8:21:6f:a2:47:51:28:db:66:34:fd:79:a0:ce:f3:31:
29:ad:c0:0a:01:8e:9d:4d:4b:d4:10:05:9b:e6:25:7d:82:94:
46:6f:8a:3a:15:92:99:c3:2a:20:ed:21:91:0a:2f:5e:c4:fe:
0c:8a:fd:20:1a:6c:18:32:7b:3c:f7:18:3c:71:99:4e:0e:a8:
0a:58:8e:7b:c1:7c:4d:1d:23:b1:72:93:6a:ae:30:c0:63:9c:
5e:12:74:33:a8:61:b2:af:74:ff:1f:3f:17:c9:17:ba:f5:27:
24:2a:3e:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSqBW2uxdIKtxe1OByvhahnuk5+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjgxNjEwMDJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2ZTk0ZTg0ZmU3ZjVlZGI5YWE0MGIyZTI0MDRhY2QwYzU4NTgwNzA4ZGUx
MzUwNDIzZWQyMTM2Zjc4ZTFlZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANga4EOOHSFLmUNdnPTMHZ3bvwtQ71pjURDinOIktUro9d29Cznh9KigjICs
pDIWd/8mPjXGUfupw6HHFZ07g7vu4M8n8J/LSEIBRqX+2FWp3/EG+6C2giYW/GHX
5vcNFfVvHkH1SAyagsu46jIA9xrB9ydR7+LBydBJDtD1lebgZhtKERLhl+Qiz3Bj
PJBrS9ID4YAgtkTN1qlwFmDOyLBoRazxM/xuvOwqlik4nD+PMIHlx3CmhyTl3VXs
fOVwYP66yfnV2/KXhvRwit/dUw12CAkCTIqXmCmUB6p9Vd8ZdvjoOUg7psAolrF9
miXWhOV+Ow4U/+NhLlqhqVMkWv8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2Hukp
6ff4ajP8L4zoa5xcLExpcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQCOTnpR8CDDzYzONLF0NnvdDIPgku7b8mhhYCY04oB0
cjJtyHmR3TXHzMVtmSMnwF8XPytrzDSoaj6F/e1iO5/pDNmd8AvCG78cP0Epepwz
YMaj5iz21TzHPs/lidRkbzfvx4sL7CW9dNMOwZoiUg/q30uZZxxnfbOD1fsvd594
vVXFktPg+Fxe8FRsHwHihFxjF6ghb6JHUSjbZjT9eaDO8zEprcAKAY6dTUvUEAWb
5iV9gpRGb4o6FZKZwyog7SGRCi9exP4Miv0gGmwYMns89xg8cZlODqgKWI57wXxN
HSOxcpNqrjDAY5xeEnQzqGGyr3T/Hz8XyRe69SckKj5Z
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:17:20 2025 by rpki-client