Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: JyZEkLT9LcxXirzd+wu4VfFVFD6+Pi4nGVzNsAZou78=
Subject key identifier: AD:AE:BA:97:4A:E9:5C:DA:6F:70:AD:39:30:64:76:6A:69:D7:70:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B2505B730ACAE7797F184D53E842C1527387E01
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Tue 05 Aug 2025 20:20:57 +0000
ROA not before: Tue 05 Aug 2025 20:20:57 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:25:05:b7:30:ac:ae:77:97:f1:84:d5:3e:84:2c:15:27:38:7e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:57 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a92a1a97ffce0d9583e17b4907fdbb8d3f88b31c45cf7b03f767ac294d96fa12, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:c3:ed:01:13:a7:bb:c0:85:a1:10:01:eb:
b0:39:4e:74:de:2c:92:c6:1a:dd:84:b2:c9:21:df:
4a:4e:e5:c9:d7:67:e3:18:cc:44:d7:f5:bc:6d:91:
0e:b7:85:e3:83:db:f9:e5:58:ad:ee:a1:bc:2f:47:
5f:17:d4:f1:ee:a8:59:a7:31:95:eb:8c:bf:64:3b:
16:ea:59:f1:b5:bf:2d:a5:a0:0a:38:ce:e1:7c:f5:
1e:a8:cb:d5:38:89:c3:04:1a:bf:a5:3d:a6:c8:9f:
47:75:ea:c4:f7:fc:a7:89:a4:40:d0:8e:13:7b:8b:
21:ff:da:c4:1d:88:47:9a:06:ec:64:c4:09:93:ad:
28:96:f3:6d:43:13:78:a4:4d:34:d9:a2:fc:33:ab:
fb:14:29:98:f7:51:61:e2:45:74:cf:63:12:16:b5:
ac:3b:ae:4a:eb:c1:02:a0:d6:ef:f0:8a:b3:d0:98:
da:a0:11:f0:bd:24:73:ac:1c:4f:ad:61:06:dc:9c:
6d:b6:91:50:10:71:6e:c6:fa:82:8c:db:7c:36:28:
d6:98:ea:0a:73:c8:4b:9c:12:7a:0b:3b:f3:a1:a8:
c2:4a:6b:e6:b5:fa:e7:bd:52:81:6b:ad:99:2d:f7:
18:13:4a:62:a6:c1:0a:75:aa:2e:51:e1:c5:d6:17:
0b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AE:BA:97:4A:E9:5C:DA:6F:70:AD:39:30:64:76:6A:69:D7:70:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
51:9a:41:1d:63:f2:6f:2f:47:58:2d:29:03:da:67:2a:31:ed:
81:c9:2d:73:51:1d:58:27:95:88:e6:32:6b:bc:71:72:f5:4d:
3c:88:41:3a:31:03:76:fb:7e:73:6f:05:27:84:bf:2b:bb:b4:
d3:0c:d8:07:7c:8d:75:ec:d8:0c:cd:3c:04:34:19:ce:35:b7:
ab:50:68:5d:08:43:01:03:0c:45:4e:07:5b:a1:92:f6:11:92:
77:eb:ae:3c:94:18:3b:a3:86:d9:d9:f4:02:16:91:5c:22:6e:
e0:9f:b6:18:3b:bb:2c:c1:3c:45:c6:b5:1c:86:a2:24:05:53:
41:3c:c3:45:2d:b4:5e:50:24:21:95:4d:bf:06:27:54:19:8d:
1f:97:1c:2d:fd:7f:8d:36:bc:5d:22:93:04:18:f7:2f:4b:a4:
91:d4:45:7c:67:2c:2c:1b:6d:dd:4b:9b:7a:17:94:2e:7b:f8:
80:8c:da:d0:89:26:a8:20:8f:04:e0:e3:32:8a:01:28:01:7b:
60:72:27:27:b2:da:6a:d6:ee:7a:0a:1e:de:67:dc:10:ac:23:
72:d1:cd:f3:52:8b:c2:d3:65:c8:66:1d:1c:d6:8a:ef:d3:fd:
b5:a6:14:55:f1:2d:75:b0:de:4d:10:ed:cd:05:48:e1:f2:04:
66:4a:66:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCyUFtzCsrneX8YTVPoQsFSc4fgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MmExYTk3ZmZjZTBkOTU4M2UxN2I0OTA3ZmRiYjhkM2Y4OGIzMWM0NWNm
N2IwM2Y3NjdhYzI5NGQ5NmZhMTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfSw+0BE6e7wIWhEAHrsDlOdN4sksYa3YSyySHfSk7lyddn4xjMRNf1vG2R
DreF44Pb+eVYre6hvC9HXxfU8e6oWacxleuMv2Q7FupZ8bW/LaWgCjjO4Xz1HqjL
1TiJwwQav6U9psifR3XqxPf8p4mkQNCOE3uLIf/axB2IR5oG7GTECZOtKJbzbUMT
eKRNNNmi/DOr+xQpmPdRYeJFdM9jEha1rDuuSuvBAqDW7/CKs9CY2qAR8L0kc6wc
T61hBtycbbaRUBBxbsb6gozbfDYo1pjqCnPIS5wSegs786Gowkpr5rX6571SgWut
mS33GBNKYqbBCnWqLlHhxdYXCzECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBStrrqX
Sulc2m9wrTkwZHZqaddw4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAUZpBHWPyby9HWC0pA9pnKjHtgcktc1EdWCeViOYy
a7xxcvVNPIhBOjEDdvt+c28FJ4S/K7u00wzYB3yNdezYDM08BDQZzjW3q1BoXQhD
AQMMRU4HW6GS9hGSd+uuPJQYO6OG2dn0AhaRXCJu4J+2GDu7LME8Rca1HIaiJAVT
QTzDRS20XlAkIZVNvwYnVBmNH5ccLf1/jTa8XSKTBBj3L0ukkdRFfGcsLBtt3Uub
eheULnv4gIza0IkmqCCPBODjMooBKAF7YHInJ7Laatbuegoe3mfcEKwjctHN81KL
wtNlyGYdHNaK79P9taYUVfEtdbDeTRDtzQVI4fIEZkpm4A==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:26 2025 by rpki-client