Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: 5cOFqmy5ryB1cDPr5HC14SVNf9DLj/Nr9xBoOzxsAxg=
Subject key identifier: D1:70:C0:12:DC:BA:E7:AC:61:5C:AE:A2:C8:59:79:8A:5E:EB:D2:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C297DC4A77ACE7BD6F11123C3B2065D85EADA13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Fri 06 Jun 2025 15:10:06 +0000
ROA not before: Fri 06 Jun 2025 15:10:06 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:29:7d:c4:a7:7a:ce:7b:d6:f1:11:23:c3:b2:06:5d:85:ea:da:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 6 15:10:06 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=fa3267faebc9be0ee5199d5008a3b8072e250b61a894efe00c9a7b56897c43ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:33:f7:4e:54:4e:dc:49:45:40:19:11:fd:e5:
87:fa:77:85:88:05:bf:26:86:d1:c7:42:89:5b:6e:
04:14:c1:d9:a7:51:87:fb:dd:4b:44:7d:9c:ac:64:
49:dc:28:84:d3:94:14:65:e7:93:d7:7e:75:da:ec:
13:2d:4a:ea:52:e7:dd:ab:c6:46:f8:e3:74:23:dd:
2c:90:21:8c:22:df:86:e5:1e:49:94:9e:b1:53:5a:
fd:31:39:f3:a7:26:13:6e:f1:71:c5:bd:39:ab:5e:
d5:e9:af:7a:e5:0c:d9:b5:e1:8c:e0:5a:ff:69:e8:
d8:0e:e9:39:14:1e:bf:61:bf:70:89:90:ed:d0:ac:
dd:6a:f4:3f:b2:25:c8:48:85:31:da:33:e0:ab:c8:
80:27:0d:ee:35:30:0d:03:9d:69:4b:bc:c7:cc:c9:
60:6c:4e:ae:73:11:90:f3:1a:2e:a5:04:28:93:ce:
d3:f8:90:7f:5f:d5:2f:bc:97:af:8b:39:9d:06:0b:
af:cc:db:be:2e:9a:48:3c:75:e8:d8:fa:2c:d6:bc:
51:86:4f:80:df:a7:28:b5:a8:d4:ab:fe:4d:be:1c:
80:68:8f:d0:73:ad:00:20:92:8d:a7:fa:ff:ab:0d:
d0:7b:9b:f6:a8:02:e9:ca:89:9e:e6:7c:48:82:0f:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:70:C0:12:DC:BA:E7:AC:61:5C:AE:A2:C8:59:79:8A:5E:EB:D2:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b9:77:12:3e:12:0d:5a:f9:cc:ab:42:88:26:e3:c6:bb:1e:71:
dd:50:92:c2:47:5a:c8:0f:92:ba:09:13:e6:2c:4b:e8:13:ce:
64:a5:95:b6:52:b8:90:12:f3:02:1d:1d:ed:e0:4f:83:49:4f:
9a:71:fc:2f:9d:d1:53:84:d4:21:3c:e1:12:e9:38:44:88:ab:
51:fe:dd:9a:6f:a9:4c:55:aa:70:f3:93:61:b2:83:3a:10:cd:
53:29:96:11:10:12:d0:fe:fd:8c:95:93:9a:1b:9a:cb:a8:3c:
7d:3c:bd:43:16:08:a0:9f:8f:29:28:42:57:60:21:7e:b6:30:
40:2d:de:75:ca:a1:29:28:a5:b1:a2:10:fa:17:04:13:27:62:
22:7f:62:a2:dd:b1:db:8b:69:3e:d2:22:e5:0e:6b:b1:dc:52:
a4:49:c5:73:83:f1:02:a2:42:d4:ea:70:49:8c:27:5e:b7:75:
9d:2c:f8:cd:0d:c1:75:aa:e8:7a:9c:d3:96:dd:bd:48:b4:bc:
87:a5:91:7e:a1:66:4f:92:2f:50:d5:33:a9:ed:bd:51:42:a2:
ec:78:bf:c2:52:8a:6b:b8:93:86:b6:df:5e:08:18:00:76:8f:
d4:14:08:6d:fc:ce:31:80:53:98:b0:3b:c6:ca:78:92:82:fb:
c9:49:07:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbCl9xKd6znvW8REjw7IGXYXq2hMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MDYxNTEwMDZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMzI2N2ZhZWJjOWJlMGVlNTE5OWQ1MDA4YTNiODA3MmUyNTBiNjFhODk0
ZWZlMDBjOWE3YjU2ODk3YzQzZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQz905UTtxJRUAZEf3lh/p3hYgFvyaG0cdCiVtuBBTB2adRh/vdS0R9nKxk
SdwohNOUFGXnk9d+ddrsEy1K6lLn3avGRvjjdCPdLJAhjCLfhuUeSZSesVNa/TE5
86cmE27xccW9Oate1emveuUM2bXhjOBa/2no2A7pORQev2G/cImQ7dCs3Wr0P7Il
yEiFMdoz4KvIgCcN7jUwDQOdaUu8x8zJYGxOrnMRkPMaLqUEKJPO0/iQf1/VL7yX
r4s5nQYLr8zbvi6aSDx16Nj6LNa8UYZPgN+nKLWo1Kv+Tb4cgGiP0HOtACCSjaf6
/6sN0Hub9qgC6cqJnuZ8SIIPRAMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTRcMAS
3LrnrGFcrqLIWXmKXuvSEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQC5dxI+Eg1a+cyrQogm48a7HnHdUJLCR1rID5K6CRPm
LEvoE85kpZW2UriQEvMCHR3t4E+DSU+acfwvndFThNQhPOES6ThEiKtR/t2ab6lM
Vapw85NhsoM6EM1TKZYREBLQ/v2MlZOaG5rLqDx9PL1DFgign48pKEJXYCF+tjBA
Ld51yqEpKKWxohD6FwQTJ2Iif2Ki3bHbi2k+0iLlDmux3FKkScVzg/ECokLU6nBJ
jCdet3WdLPjNDcF1quh6nNOW3b1ItLyHpZF+oWZPki9Q1TOp7b1RQqLseL/CUopr
uJOGtt9eCBgAdo/UFAht/M4xgFOYsDvGyniSgvvJSQdq
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:18:44 2025 by rpki-client