Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: 2ZgtKBKUMWK4qUiI2wvNZ3klsABdR83KwyS8zeoxq1k=
Subject key identifier: 40:D5:69:69:7C:4F:76:C5:A9:17:80:DF:21:4B:05:0C:63:03:9C:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CB6E88933F7557AFBB8D44F38F41C3923C94BD5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Mon 12 May 2025 16:20:03 +0000
ROA not before: Mon 12 May 2025 16:20:03 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:b6:e8:89:33:f7:55:7a:fb:b8:d4:4f:38:f4:1c:39:23:c9:4b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 12 16:20:03 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=1c9aa36b7c2633a02437dba573fee9273c2d66412aedcdb6124a5762dd510de3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:37:48:6f:85:a9:59:b3:28:aa:90:a6:73:2d:
a1:f3:82:9a:3a:c3:c1:b2:a9:c6:f6:b9:35:52:d8:
2c:cf:f0:4d:75:90:14:aa:05:7d:c0:05:35:d0:78:
87:8b:20:3d:01:ce:4f:7e:1e:15:f5:83:c4:4f:2c:
27:07:18:df:2a:91:8f:f2:2b:98:60:3d:c7:e4:92:
42:80:40:54:05:90:09:fd:5f:2e:42:44:e8:ed:a8:
ec:db:c4:e5:32:00:08:b9:22:ac:63:dc:85:40:a6:
4e:53:26:7e:3c:8f:d7:6a:cf:16:8c:4e:bb:4d:36:
1f:36:f3:31:06:5d:43:6c:57:ad:e4:ca:1e:2e:a3:
b4:32:d3:76:19:15:60:d3:3f:a1:ab:d4:e4:e0:67:
e7:22:b3:ef:43:6f:88:14:2e:7e:34:d1:30:0c:d9:
6d:e6:bf:34:f8:0c:0e:ba:56:db:ab:d6:f3:e4:5b:
ea:ce:39:2a:c1:5b:54:12:95:be:c8:11:81:89:df:
df:54:45:84:0f:d1:61:51:68:6f:20:0a:9b:c7:0c:
91:24:58:4c:c6:fc:7d:eb:76:d4:84:c8:50:89:6d:
34:ff:f9:09:a4:68:cb:29:aa:21:82:9f:9d:6a:fd:
9f:48:7a:8b:f6:47:4a:1c:7f:50:07:70:51:59:89:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D5:69:69:7C:4F:76:C5:A9:17:80:DF:21:4B:05:0C:63:03:9C:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:7a:90:c6:60:73:4d:41:f2:71:ae:a4:e0:f5:f1:9d:a3:fd:
d3:fd:25:bf:60:55:12:e8:79:74:a2:fb:f8:93:82:fe:b8:e1:
7c:f6:97:f0:38:47:63:cb:92:8e:43:7f:64:e6:fc:f2:31:9c:
df:8c:ff:95:cf:3c:c9:8e:98:d3:a8:a6:5b:b6:85:d6:0b:ab:
bd:0f:60:74:98:bb:07:c8:9e:cd:48:97:36:8a:b6:e7:71:10:
b7:82:e9:4f:07:7b:bf:1b:98:54:b3:70:1c:38:7c:27:95:21:
db:f8:38:e4:8e:d6:b3:0d:13:4b:73:91:12:93:d2:39:c6:e7:
d9:a3:7f:68:42:b0:18:d4:44:6a:af:7b:45:d3:e5:6f:36:ee:
c9:86:49:d0:d8:fc:e6:7c:14:77:5b:a9:b4:6c:56:8d:ce:dc:
d7:a8:de:ed:fe:7b:62:50:84:93:4c:06:20:48:df:66:a6:56:
7b:fd:2b:a5:1e:50:27:89:dd:6a:40:76:11:44:2e:be:ea:09:
2d:c0:d7:a3:9c:f0:4d:a7:ff:c3:35:89:00:98:5d:c2:58:8d:
70:d6:4b:72:7c:94:e7:7e:04:1b:5d:a5:ac:0c:1f:59:38:44:
6d:6c:04:ef:3b:53:ae:4c:cf:82:05:83:b1:86:a2:7e:9f:2a:
80:60:72:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHLboiTP3VXr7uNRPOPQcOSPJS9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MTIxNjIwMDNaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjOWFhMzZiN2MyNjMzYTAyNDM3ZGJhNTczZmVlOTI3M2MyZDY2NDEyYWVk
Y2RiNjEyNGE1NzYyZGQ1MTBkZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM3SG+FqVmzKKqQpnMtofOCmjrDwbKpxva5NVLYLM/wTXWQFKoFfcAFNdB4
h4sgPQHOT34eFfWDxE8sJwcY3yqRj/IrmGA9x+SSQoBAVAWQCf1fLkJE6O2o7NvE
5TIACLkirGPchUCmTlMmfjyP12rPFoxOu002HzbzMQZdQ2xXreTKHi6jtDLTdhkV
YNM/oavU5OBn5yKz70NviBQufjTRMAzZbea/NPgMDrpW26vW8+Rb6s45KsFbVBKV
vsgRgYnf31RFhA/RYVFobyAKm8cMkSRYTMb8fet21ITIUIltNP/5CaRoyymqIYKf
nWr9n0h6i/ZHShx/UAdwUVmJHy8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRA1Wlp
fE92xakXgN8hSwUMYwOcfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQAKepDGYHNNQfJxrqTg9fGdo/3T/SW/YFUS6Hl0ovv4
k4L+uOF89pfwOEdjy5KOQ39k5vzyMZzfjP+VzzzJjpjTqKZbtoXWC6u9D2B0mLsH
yJ7NSJc2irbncRC3gulPB3u/G5hUs3AcOHwnlSHb+DjkjtazDRNLc5ESk9I5xufZ
o39oQrAY1ERqr3tF0+VvNu7JhknQ2PzmfBR3W6m0bFaNztzXqN7t/ntiUISTTAYg
SN9mplZ7/SulHlAnid1qQHYRRC6+6gktwNejnPBNp//DNYkAmF3CWI1w1ktyfJTn
fgQbXaWsDB9ZOERtbATvO1OuTM+CBYOxhqJ+nyqAYHJA
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:43:06 2025 by rpki-client