Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: Qh6jiqoX8Wscdu66wxfHeKl5d6WpZxk9PIFidk7WOnI=
Subject key identifier: 0C:C0:01:63:F3:0B:0D:F5:F2:6C:0A:30:BF:BF:D1:C4:AA:A9:A0:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3883BC20518572F7E1EC3C6FA6047418ED544EE2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Tue 15 Apr 2025 15:10:06 +0000
ROA not before: Tue 15 Apr 2025 15:10:06 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:83:bc:20:51:85:72:f7:e1:ec:3c:6f:a6:04:74:18:ed:54:4e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 15 15:10:06 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=63cb42c26ab32490af437adbb81a67dab2315ebd7ac6547f96e18e2d20cb0979, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7c:3f:7e:da:43:65:8c:db:2b:75:6e:63:e8:
d0:b1:d0:b1:3d:ec:05:bb:b2:b1:0b:e1:6a:a2:c6:
1e:ab:22:fb:cb:6e:18:70:e3:46:fe:8f:1d:be:1f:
22:2d:90:89:13:f6:83:e8:21:ee:48:16:25:9e:a1:
86:64:1c:87:f5:a3:3e:93:e6:a2:70:a7:b1:63:fd:
b9:6a:54:0d:ce:21:bd:9f:7f:3d:ce:de:9f:3d:fc:
06:46:4d:53:4f:3d:44:fe:06:b5:96:53:6f:9f:e5:
11:5a:79:b7:a8:71:e0:e9:8e:3d:0b:83:9e:ce:40:
1b:2e:93:6c:66:1e:f7:da:2e:2a:09:b4:be:51:65:
54:55:e0:25:6f:6c:da:bc:0c:f0:85:6f:fe:87:0f:
af:1b:b0:ad:e1:ca:72:e9:97:4f:7f:91:9a:5d:6e:
9d:fb:6d:41:d8:fa:a5:30:d0:b3:fe:4b:51:09:a9:
94:0c:77:68:aa:4e:b8:07:8e:87:62:ae:9f:a5:11:
04:e7:85:e6:2b:c3:be:23:e3:52:7c:a6:6c:18:16:
3e:b2:96:e7:1f:d8:9e:9b:94:22:23:90:5d:3b:bd:
1e:b2:9c:b7:14:6d:c9:d5:72:c7:3f:f9:5c:12:88:
ae:02:75:df:0e:75:60:ef:d6:b4:fd:a5:c0:3d:2d:
61:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C0:01:63:F3:0B:0D:F5:F2:6C:0A:30:BF:BF:D1:C4:AA:A9:A0:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:7d:74:ca:e5:26:d5:c0:cd:dc:54:06:14:99:6e:ac:82:ff:
cd:bf:0f:dd:ea:73:3c:b6:e4:b0:e7:1b:7a:4d:11:21:d3:38:
f1:03:77:f0:12:42:96:17:9e:3c:65:02:4c:f9:69:00:ba:69:
ba:88:c6:1c:f7:aa:29:06:54:a9:a3:8c:e5:17:b4:75:f6:c9:
d1:f3:19:e4:bc:58:b9:ef:df:03:c9:c3:90:6f:ec:85:b9:f1:
3b:e5:0f:34:0c:21:e4:84:35:62:f6:ef:8c:b5:57:ca:57:26:
6b:93:af:dd:10:6e:0e:d8:da:c2:a7:fa:ea:b4:03:fa:02:3b:
fe:c6:2a:5b:91:52:96:7f:c9:56:cd:9f:db:59:60:b8:3d:61:
e2:f7:6c:70:fe:ab:39:65:09:6e:eb:c6:ea:4c:77:e0:08:59:
85:cf:77:0a:97:da:99:e2:4f:ce:c8:fe:33:ae:3d:40:c2:e9:
38:75:fb:7d:2c:e0:ba:04:c9:13:86:5c:a7:ae:f0:62:cf:42:
b2:f2:7c:8c:8a:04:61:78:fb:1a:28:85:7f:a9:29:78:6f:5c:
c5:9d:19:82:be:03:84:a5:ab:3f:25:e9:2f:01:2e:cf:7e:d9:
f6:1e:9e:81:5d:4e:f0:b2:dd:77:2f:63:fb:a5:5a:8e:91:f2:
a6:94:05:79
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOIO8IFGFcvfh7DxvpgR0GO1UTuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTUxNTEwMDZaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzY2I0MmMyNmFiMzI0OTBhZjQzN2FkYmI4MWE2N2RhYjIzMTVlYmQ3YWM2
NTQ3Zjk2ZTE4ZTJkMjBjYjA5NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd8P37aQ2WM2yt1bmPo0LHQsT3sBbuysQvhaqLGHqsi+8tuGHDjRv6PHb4f
Ii2QiRP2g+gh7kgWJZ6hhmQch/WjPpPmonCnsWP9uWpUDc4hvZ9/Pc7enz38BkZN
U089RP4GtZZTb5/lEVp5t6hx4OmOPQuDns5AGy6TbGYe99ouKgm0vlFlVFXgJW9s
2rwM8IVv/ocPrxuwreHKcumXT3+Rml1unfttQdj6pTDQs/5LUQmplAx3aKpOuAeO
h2Kun6URBOeF5ivDviPjUnymbBgWPrKW5x/YnpuUIiOQXTu9HrKctxRtydVyxz/5
XBKIrgJ13w51YO/WtP2lwD0tYaECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMwAFj
8wsN9fJsCjC/v9HEqqmg4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBYfXTK5SbVwM3cVAYUmW6sgv/Nvw/d6nM8tuSw5xt6
TREh0zjxA3fwEkKWF548ZQJM+WkAumm6iMYc96opBlSpo4zlF7R19snR8xnkvFi5
798DycOQb+yFufE75Q80DCHkhDVi9u+MtVfKVyZrk6/dEG4O2NrCp/rqtAP6Ajv+
xipbkVKWf8lWzZ/bWWC4PWHi92xw/qs5ZQlu68bqTHfgCFmFz3cKl9qZ4k/OyP4z
rj1Awuk4dft9LOC6BMkThlynrvBiz0Ky8nyMigRhePsaKIV/qSl4b1zFnRmCvgOE
pas/JekvAS7Pftn2Hp6BXU7wst13L2P7pVqOkfKmlAV5
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:52:04 2025 by rpki-client