Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: IJZXPyQgnSOzibmFBtSEsZTDgSWsR86pDsn7uEBgjf8=
Subject key identifier: DD:45:61:C0:69:03:64:DC:BA:BE:2F:5E:41:76:B1:FC:44:D4:46:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05DD64125F403087674B8DD10FCB2BC5302B0E35
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Fri 22 Aug 2025 15:10:02 +0000
ROA not before: Fri 22 Aug 2025 15:10:02 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:dd:64:12:5f:40:30:87:67:4b:8d:d1:0f:cb:2b:c5:30:2b:0e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 22 15:10:02 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=8e138244eb79c1d972711dfb5567642c205e4e13f9ac6d768f1c24cf007e96e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b8:f1:19:18:35:16:93:34:1d:77:ba:19:03:
93:17:09:e3:19:93:3d:ad:d7:cc:2e:ef:5f:04:c4:
c2:d7:a7:a3:35:15:29:55:79:27:cd:88:96:b8:34:
7c:d3:eb:1f:7a:08:f8:16:bc:e8:69:8f:87:c1:90:
17:28:63:12:2b:63:9b:24:b4:4b:cc:af:26:79:b3:
9a:f9:0a:00:50:f8:16:35:c8:80:6f:ed:da:24:d2:
b9:0f:01:96:f9:af:56:50:dd:28:e1:19:a5:d3:74:
fb:29:a5:29:02:8e:28:96:3c:ed:40:28:85:b1:25:
7e:85:5d:6f:c7:0e:7d:1f:31:4e:cd:c0:b9:90:9f:
de:52:1c:42:2b:23:a0:c3:ff:b7:ba:58:b8:3c:d8:
d3:9b:08:7a:62:4e:d4:51:d9:56:98:15:0c:37:29:
5a:f8:f3:90:84:46:98:53:2e:19:5e:12:15:9d:0c:
fe:53:08:e1:d5:35:fb:1a:3f:d8:bb:73:9f:3a:cc:
3c:47:4b:ff:e1:01:d0:7f:70:eb:38:32:15:97:b9:
00:40:90:f5:1c:97:65:cb:bc:05:58:b9:6b:63:ec:
5b:43:64:44:90:61:e8:9b:de:9a:e6:b4:f5:6d:c5:
89:3e:16:70:d8:f7:0e:02:e3:94:a3:1b:61:95:5f:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:45:61:C0:69:03:64:DC:BA:BE:2F:5E:41:76:B1:FC:44:D4:46:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:fd:44:74:4a:47:83:71:d9:89:81:3b:7c:43:3c:92:c4:65:
2b:55:79:79:97:73:6a:e1:34:a0:8e:11:c1:c2:7a:43:5a:9d:
6c:dc:d6:22:fc:72:bd:ba:fd:60:97:0a:bc:26:c7:c7:15:42:
4f:1c:42:66:ca:6a:7e:85:6e:af:b6:6b:d2:4d:83:30:86:92:
1d:f7:96:8f:76:31:3e:56:ff:8b:37:f5:d7:03:6d:02:66:64:
fb:1b:1d:60:42:b5:27:81:b3:e1:4f:08:01:53:7b:57:1b:72:
08:3a:09:3f:b3:85:e3:39:2b:f1:de:f4:ce:2b:38:54:fe:75:
06:16:90:79:a1:17:ad:bd:10:97:ce:70:d1:31:17:86:7d:82:
f6:2b:a3:5e:64:26:6f:64:52:ee:b1:14:a0:bf:ae:64:70:fd:
6a:0a:97:fb:60:35:e7:fa:a0:05:82:9b:9a:d5:2a:f7:c1:a7:
ad:11:17:21:c4:54:09:c0:64:5e:d2:c7:3e:9f:a4:f0:21:50:
58:ee:5c:65:d9:18:58:6a:81:01:29:7c:c5:8c:8a:08:c9:ca:
3a:c0:5f:f1:c8:b5:9e:2a:a6:da:c4:cb:95:ad:7f:3a:77:37:
08:ed:29:bf:ee:a5:68:57:12:35:b1:d9:f5:f2:c6:ee:23:a2:
a9:36:2a:bd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBd1kEl9AMIdnS43RD8srxTArDjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MjIxNTEwMDJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMTM4MjQ0ZWI3OWMxZDk3MjcxMWRmYjU1Njc2NDJjMjA1ZTRlMTNmOWFj
NmQ3NjhmMWMyNGNmMDA3ZTk2ZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANG48RkYNRaTNB13uhkDkxcJ4xmTPa3XzC7vXwTEwtenozUVKVV5J82Ilrg0
fNPrH3oI+Ba86GmPh8GQFyhjEitjmyS0S8yvJnmzmvkKAFD4FjXIgG/t2iTSuQ8B
lvmvVlDdKOEZpdN0+ymlKQKOKJY87UAohbElfoVdb8cOfR8xTs3AuZCf3lIcQisj
oMP/t7pYuDzY05sIemJO1FHZVpgVDDcpWvjzkIRGmFMuGV4SFZ0M/lMI4dU1+xo/
2LtznzrMPEdL/+EB0H9w6zgyFZe5AECQ9RyXZcu8BVi5a2PsW0NkRJBh6Jvemua0
9W3FiT4WcNj3DgLjlKMbYZVfmwUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdRWHA
aQNk3Lq+L15BdrH8RNRG5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQCa/UR0SkeDcdmJgTt8QzySxGUrVXl5l3Nq4TSgjhHB
wnpDWp1s3NYi/HK9uv1glwq8JsfHFUJPHEJmymp+hW6vtmvSTYMwhpId95aPdjE+
Vv+LN/XXA20CZmT7Gx1gQrUngbPhTwgBU3tXG3IIOgk/s4XjOSvx3vTOKzhU/nUG
FpB5oRetvRCXznDRMReGfYL2K6NeZCZvZFLusRSgv65kcP1qCpf7YDXn+qAFgpua
1Sr3waetERchxFQJwGRe0sc+n6TwIVBY7lxl2RhYaoEBKXzFjIoIyco6wF/xyLWe
KqbaxMuVrX86dzcI7Sm/7qVoVxI1sdn18sbuI6KpNiq9
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:11:04 2025 by rpki-client