Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: 8tTI+/mDzc5f/SAg2DeK64St1voYfNE4JPnrcvCupNc=
Subject key identifier: 6E:6E:76:A0:3A:47:C1:FA:0F:76:5F:16:AE:4F:52:C8:E5:09:E3:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57C4B9891EE0B0454AEE0CECBFD9BBFBAEB075B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Mon 12 May 2025 16:20:03 +0000
ROA not before: Mon 12 May 2025 16:20:03 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:c4:b9:89:1e:e0:b0:45:4a:ee:0c:ec:bf:d9:bb:fb:ae:b0:75:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 12 16:20:03 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=56c88a9ace47ca3d571503bc4752fdc88209dc20074fdbeefeb0460ead3227ae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:4a:6b:9d:0d:50:0d:27:b1:d2:eb:b6:10:
9c:9f:83:61:a4:31:57:42:d2:1e:d1:d3:ca:2b:7b:
a7:7f:59:93:f0:46:6e:d3:d9:4b:17:2d:f9:3b:5e:
df:0a:51:76:71:21:5a:f6:00:18:40:28:43:c1:e6:
46:9b:f3:48:8c:97:67:2e:d6:35:0a:10:c0:b6:61:
7a:a0:2b:f7:72:d7:33:54:f7:59:64:d5:ca:45:d2:
da:44:bb:1f:84:9e:31:59:e4:a3:00:8f:44:07:aa:
22:7b:a2:a0:a2:92:b2:df:10:fb:5e:41:dc:58:4e:
96:43:43:05:0e:b9:31:55:4a:da:78:19:a1:de:67:
4c:28:b3:ba:24:e3:41:4e:f6:8d:d6:e5:dc:17:ea:
11:d7:a9:c9:d4:03:40:35:29:58:ca:9a:c7:24:c8:
ee:4a:4e:05:11:92:6e:6e:3b:78:55:24:cc:ed:dd:
47:25:09:eb:8b:20:34:78:86:e8:25:ff:4f:4c:8d:
26:43:09:98:95:74:29:60:e0:7e:7c:75:2d:d0:80:
ff:c4:7a:0f:02:89:11:2e:9d:11:a1:a5:14:52:ce:
0e:b2:6f:39:a6:03:d3:52:26:d3:8a:d1:81:53:44:
f6:7d:e2:7f:19:6a:3c:b3:da:f5:c6:16:67:36:06:
9e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6E:76:A0:3A:47:C1:FA:0F:76:5F:16:AE:4F:52:C8:E5:09:E3:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:8a:04:a0:77:d0:18:af:36:2a:60:5a:99:b0:38:f4:54:3d:
df:d0:f4:aa:2a:46:64:f1:6f:2d:25:64:f5:ab:11:32:a0:91:
3e:4a:56:44:6f:02:d3:e5:15:e1:30:b6:77:40:9b:80:10:45:
a2:01:fa:ac:26:00:c4:f1:54:44:6f:7f:68:21:0d:17:a8:d1:
98:14:ec:f7:40:56:5f:72:47:3b:82:8d:96:c8:f4:ed:1e:f4:
88:27:e8:3c:5b:3f:42:9f:2d:db:2d:58:db:f2:f2:8c:2a:41:
7f:45:7a:a9:ae:ed:b7:2d:78:a8:3e:36:bb:24:73:f8:76:85:
3e:80:35:87:0a:60:b5:e0:a4:79:2a:ab:96:83:4c:74:e2:65:
7d:31:f3:5e:41:fa:02:08:1b:db:0a:b2:80:59:d0:29:30:b4:
40:49:7e:3a:e6:30:c6:92:f9:a8:cf:50:f3:f8:e5:c7:47:88:
ee:9d:6f:c5:7c:1c:f0:49:6b:64:b2:c2:5f:8f:a7:53:bc:45:
8f:26:89:da:7e:fa:11:4d:92:8d:04:cc:3d:88:63:66:ab:55:
c1:7c:86:c3:f7:f8:cf:73:c4:bd:90:88:74:44:5f:df:96:bc:
63:13:cd:43:99:a0:72:88:05:47:d6:e1:c2:3e:98:c6:89:db:
5f:d4:1c:a5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV8S5iR7gsEVK7gzsv9m7+66wdbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MTIxNjIwMDNaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2Yzg4YTlhY2U0N2NhM2Q1NzE1MDNiYzQ3NTJmZGM4ODIwOWRjMjAwNzRm
ZGJlZWZlYjA0NjBlYWQzMjI3YWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZnSmudDVANJ7HS67YQnJ+DYaQxV0LSHtHTyit7p39Zk/BGbtPZSxct+Tte
3wpRdnEhWvYAGEAoQ8HmRpvzSIyXZy7WNQoQwLZheqAr93LXM1T3WWTVykXS2kS7
H4SeMVnkowCPRAeqInuioKKSst8Q+15B3FhOlkNDBQ65MVVK2ngZod5nTCizuiTj
QU72jdbl3BfqEdepydQDQDUpWMqaxyTI7kpOBRGSbm47eFUkzO3dRyUJ64sgNHiG
6CX/T0yNJkMJmJV0KWDgfnx1LdCA/8R6DwKJES6dEaGlFFLODrJvOaYD01Im04rR
gVNE9n3ifxlqPLPa9cYWZzYGnnUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRubnag
OkfB+g92XxauT1LI5QnjzTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQAYigSgd9AYrzYqYFqZsDj0VD3f0PSqKkZk8W8tJWT1
qxEyoJE+SlZEbwLT5RXhMLZ3QJuAEEWiAfqsJgDE8VREb39oIQ0XqNGYFOz3QFZf
ckc7go2WyPTtHvSIJ+g8Wz9Cny3bLVjb8vKMKkF/RXqpru23LXioPja7JHP4doU+
gDWHCmC14KR5KquWg0x04mV9MfNeQfoCCBvbCrKAWdApMLRASX465jDGkvmoz1Dz
+OXHR4junW/FfBzwSWtkssJfj6dTvEWPJonafvoRTZKNBMw9iGNmq1XBfIbD9/jP
c8S9kIh0RF/flrxjE81DmaByiAVH1uHCPpjGidtf1Byl
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:31:20 2025 by rpki-client