Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: 77T8+GDxH2eF7rBBxIF5u9Mdl3/O+juszEPn1xOHCqc=
Subject key identifier: D0:25:78:DC:3A:57:CC:97:11:07:41:C8:82:45:38:11:20:5A:1B:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 057EEB83502428528ABB756BBD8CE38E54CBCBD2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Fri 06 Jun 2025 15:10:05 +0000
ROA not before: Fri 06 Jun 2025 15:10:05 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:7e:eb:83:50:24:28:52:8a:bb:75:6b:bd:8c:e3:8e:54:cb:cb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 6 15:10:05 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=dd3f88b6a8d1945de5beff7a3f102e19eeacc85d5b9817fc66c4f411e6f84e64, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:4c:98:8d:6d:e5:0a:cc:7e:be:61:90:5f:
9e:4b:70:62:77:f6:58:de:99:fb:48:cb:4b:95:9a:
36:4a:2f:8d:5d:44:3b:da:3f:08:96:eb:7f:f0:10:
3e:14:f9:d8:fe:97:19:8b:13:d0:7f:f0:40:d7:a0:
14:6d:a4:c0:8c:0e:2b:60:99:39:a5:eb:3a:96:59:
63:d1:02:12:fe:6d:57:43:a0:94:3f:ef:ce:a8:dd:
22:3d:68:74:f1:88:4c:bf:32:be:09:52:41:25:17:
c3:af:e5:43:bb:e6:25:d4:7b:36:d3:09:98:f7:1a:
f3:f3:7b:72:59:0f:b5:03:e1:37:3e:30:1e:fd:fc:
05:a5:96:65:6f:a6:fd:37:62:86:15:3f:c0:b5:73:
5e:53:a7:52:15:d0:bb:1c:a5:50:be:d2:d0:f2:c4:
ca:b7:25:78:a5:2e:5d:c1:d8:70:d5:96:9c:ee:53:
7e:b0:50:cb:8c:d6:9d:1f:b5:72:b1:0c:4b:40:9a:
89:b3:66:e0:29:98:b0:93:25:16:0d:2e:33:93:b8:
30:71:9f:d4:b3:da:27:b0:cb:9f:16:c2:81:86:70:
e9:54:88:b0:1f:af:38:eb:08:de:ed:f9:88:7f:d5:
6a:7d:4f:5f:8d:c1:3c:12:72:59:4a:56:34:6f:2f:
c3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:25:78:DC:3A:57:CC:97:11:07:41:C8:82:45:38:11:20:5A:1B:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:5f:99:6c:72:12:a1:52:ed:0e:21:3e:b5:b6:1e:9b:9c:cd:
46:75:47:04:81:67:02:49:e5:66:30:3b:d0:1f:cc:1b:03:eb:
b5:dc:8c:de:5b:20:2a:7d:9a:01:45:9c:07:c8:ca:52:ac:6b:
85:55:11:56:22:a2:bb:d3:16:54:d5:fb:60:47:db:5c:56:25:
1c:1f:31:a5:60:ae:a1:db:ee:d9:67:86:0d:db:9d:16:e4:9e:
71:22:e6:9f:02:53:7f:7a:1c:61:2d:1e:5f:d6:85:ec:ee:b2:
90:53:29:c9:53:88:4b:80:ef:a0:8f:19:00:76:a6:2d:26:51:
48:e6:ad:96:40:31:b2:30:c4:85:8f:77:db:7f:ab:7f:8d:af:
54:d9:a4:02:df:fc:00:82:7a:45:01:42:c3:bd:d2:31:46:d1:
de:65:f1:32:ad:cf:0c:59:6c:82:71:eb:b1:f1:23:c0:0f:4d:
cc:54:01:d4:57:a5:ec:48:4f:6d:ec:41:f1:09:79:02:84:8b:
74:11:bb:f7:ae:0f:60:82:21:63:e7:c5:a7:26:ff:e3:9b:87:
43:67:68:db:66:73:03:4f:11:fe:81:c1:dc:77:1e:33:c8:81:
77:4d:96:9f:fe:fd:d2:a8:0f:f4:b9:7f:f7:12:bb:9b:a6:af:
1f:43:2b:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBX7rg1AkKFKKu3VrvYzjjlTLy9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MDYxNTEwMDVaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkM2Y4OGI2YThkMTk0NWRlNWJlZmY3YTNmMTAyZTE5ZWVhY2M4NWQ1Yjk4
MTdmYzY2YzRmNDExZTZmODRlNjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaKTJiNbeUKzH6+YZBfnktwYnf2WN6Z+0jLS5WaNkovjV1EO9o/CJbrf/AQ
PhT52P6XGYsT0H/wQNegFG2kwIwOK2CZOaXrOpZZY9ECEv5tV0OglD/vzqjdIj1o
dPGITL8yvglSQSUXw6/lQ7vmJdR7NtMJmPca8/N7clkPtQPhNz4wHv38BaWWZW+m
/TdihhU/wLVzXlOnUhXQuxylUL7S0PLEyrcleKUuXcHYcNWWnO5TfrBQy4zWnR+1
crEMS0CaibNm4CmYsJMlFg0uM5O4MHGf1LPaJ7DLnxbCgYZw6VSIsB+vOOsI3u35
iH/Van1PX43BPBJyWUpWNG8vw+UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQJXjc
OlfMlxEHQciCRTgRIFobTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBuX5lschKhUu0OIT61th6bnM1GdUcEgWcCSeVmMDvQ
H8wbA+u13IzeWyAqfZoBRZwHyMpSrGuFVRFWIqK70xZU1ftgR9tcViUcHzGlYK6h
2+7ZZ4YN250W5J5xIuafAlN/ehxhLR5f1oXs7rKQUynJU4hLgO+gjxkAdqYtJlFI
5q2WQDGyMMSFj3fbf6t/ja9U2aQC3/wAgnpFAULDvdIxRtHeZfEyrc8MWWyCceux
8SPAD03MVAHUV6XsSE9t7EHxCXkChIt0Ebv3rg9ggiFj58WnJv/jm4dDZ2jbZnMD
TxH+gcHcdx4zyIF3TZaf/v3SqA/0uX/3Erubpq8fQyuA
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:07:22 2025 by rpki-client