Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: /wB9mtwCd5XPRXeP9AJQjYePxZ4i+A2Dz7So8lKqkaY=
Subject key identifier: F4:01:5A:92:7F:E5:9A:62:94:13:0E:EF:03:05:03:3B:BA:41:61:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6183977419B517C420E89E2FDBF3577FC36C3618
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Tue 15 Apr 2025 15:10:06 +0000
ROA not before: Tue 15 Apr 2025 15:10:06 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:83:97:74:19:b5:17:c4:20:e8:9e:2f:db:f3:57:7f:c3:6c:36:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 15 15:10:06 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=6fd0c9f113c7e37d90f646562444c1b326b75def0a3b9fd1d1fa20adb74060dd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:7e:b3:c4:ac:39:69:5c:62:83:e5:e7:72:
65:1f:6a:c4:ab:32:93:ba:1c:52:62:6c:f3:c9:a0:
3f:2e:d6:37:45:6c:73:05:94:c2:c6:cc:40:7e:af:
d6:a1:c6:c1:51:1e:1b:d2:84:53:c3:ee:3c:90:11:
45:d9:8c:b4:0b:2b:b0:7d:ea:d9:a6:cd:cb:1e:6c:
cd:ed:11:d3:75:ef:0b:55:ab:e5:b4:99:dd:7e:7e:
94:e2:cb:d0:bd:c2:c5:46:38:0e:33:0f:7e:b2:60:
c8:d9:3c:af:74:e1:cb:7a:c4:13:35:97:9b:11:03:
dd:9b:f6:0c:dc:6f:4f:67:14:42:1c:4d:28:3a:2d:
07:9a:95:ac:f4:22:58:e9:bb:93:7c:6a:33:77:1d:
16:bf:56:10:c8:d5:d1:53:75:9c:3d:7e:bc:0f:29:
df:78:5b:c5:a9:23:a3:d2:7c:fb:31:44:2d:23:e4:
fe:4b:a4:4f:0f:77:e5:33:7f:1f:fa:1a:39:f5:72:
e5:98:ee:38:52:12:76:be:65:8b:b0:b9:04:67:55:
3b:27:b4:7d:f4:7b:b1:11:44:c6:df:d4:9a:f7:f3:
8a:9e:2a:7d:ee:e6:90:a7:ff:c9:c2:d9:15:73:96:
f9:fe:8e:99:47:18:d2:7f:d5:7c:75:73:f1:be:76:
9d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:01:5A:92:7F:E5:9A:62:94:13:0E:EF:03:05:03:3B:BA:41:61:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
43:cc:5a:78:2a:5d:4f:cb:48:b9:68:0e:14:6b:14:c5:c8:10:
17:16:2e:3c:25:83:67:3f:3b:84:e0:ae:92:49:f5:14:f4:2c:
9e:14:99:bd:0a:b8:4f:dd:18:a4:0b:3f:66:f2:9b:97:e4:ba:
e7:0b:fe:5b:4e:69:bc:78:db:44:43:d4:f0:45:2d:45:5e:3b:
68:86:b9:d0:d4:a3:9b:fd:48:b8:0a:83:81:df:c1:3c:f4:1f:
a8:51:94:f3:52:f5:75:c8:3c:f7:eb:6e:c6:88:0c:6e:8e:a3:
b4:25:4f:36:35:57:21:79:c4:a7:da:11:08:09:55:c7:5f:c3:
4b:ac:a3:e3:bf:c4:9e:12:e0:8b:28:9a:a3:12:98:ce:99:db:
99:d8:d6:94:fb:36:20:2d:9c:5a:79:5c:a0:9c:fe:37:f3:ba:
68:12:38:d2:30:b0:b7:cb:26:ca:37:1c:fe:5c:ba:02:c4:2d:
08:33:40:30:3f:f1:aa:a6:a5:4e:13:9e:23:42:ef:bb:11:2c:
e2:0f:09:f1:f3:9e:29:49:f4:ca:69:1b:e6:01:5a:4b:c0:53:
b1:c9:60:f5:7f:47:09:db:3b:70:5e:70:e1:97:aa:76:b4:37:
ab:cf:26:48:64:a6:ad:62:92:ea:84:95:f2:34:17:e4:42:33:
bd:30:65:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYYOXdBm1F8Qg6J4v2/NXf8NsNhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTUxNTEwMDZaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmZDBjOWYxMTNjN2UzN2Q5MGY2NDY1NjI0NDRjMWIzMjZiNzVkZWYwYTNi
OWZkMWQxZmEyMGFkYjc0MDYwZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1LfrPErDlpXGKD5edyZR9qxKsyk7ocUmJs88mgPy7WN0VscwWUwsbMQH6v
1qHGwVEeG9KEU8PuPJARRdmMtAsrsH3q2abNyx5sze0R03XvC1Wr5bSZ3X5+lOLL
0L3CxUY4DjMPfrJgyNk8r3Thy3rEEzWXmxED3Zv2DNxvT2cUQhxNKDotB5qVrPQi
WOm7k3xqM3cdFr9WEMjV0VN1nD1+vA8p33hbxakjo9J8+zFELSPk/kukTw935TN/
H/oaOfVy5ZjuOFISdr5li7C5BGdVOye0ffR7sRFExt/Umvfzip4qfe7mkKf/ycLZ
FXOW+f6OmUcY0n/VfHVz8b52nUECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0AVqS
f+WaYpQTDu8DBQM7ukFhOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBDzFp4Kl1Py0i5aA4UaxTFyBAXFi48JYNnPzuE4K6S
SfUU9CyeFJm9CrhP3RikCz9m8puX5LrnC/5bTmm8eNtEQ9TwRS1FXjtohrnQ1KOb
/Ui4CoOB38E89B+oUZTzUvV1yDz3627GiAxujqO0JU82NVchecSn2hEICVXHX8NL
rKPjv8SeEuCLKJqjEpjOmduZ2NaU+zYgLZxaeVygnP4387poEjjSMLC3yybKNxz+
XLoCxC0IM0AwP/GqpqVOE54jQu+7ESziDwnx854pSfTKaRvmAVpLwFOxyWD1f0cJ
2ztwXnDhl6p2tDerzyZIZKatYpLqhJXyNBfkQjO9MGV8
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:59 2025 by rpki-client