Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: czWjJ1lXr8epsqO8j0R4ZYlr0LjkYtXipycV0YDGIAY=
Subject key identifier: 43:A6:DA:A8:DC:D6:A2:69:50:3C:89:26:29:8F:9A:61:B8:D6:23:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FBD0B2C31F17668C7DDF5812C7405C4B4612DB8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Tue 05 Aug 2025 20:30:20 +0000
ROA not before: Tue 05 Aug 2025 20:30:20 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:bd:0b:2c:31:f1:76:68:c7:dd:f5:81:2c:74:05:c4:b4:61:2d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:20 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=74279cfce9d442f12c11b00a576c547c30bb6f27a3ab23fc265a5495ddb0f10e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:f3:f3:a8:27:b4:77:2b:5f:c8:38:91:91:28:
cf:ea:e9:b3:d3:4d:10:50:b9:5f:38:d3:2b:e3:62:
ca:dc:15:0a:43:d7:01:b5:02:88:09:eb:8a:08:4e:
bf:90:f7:82:3d:0b:1e:14:a4:42:df:02:31:c9:f9:
91:2d:85:b5:0d:ce:74:b9:bd:f9:89:01:52:8f:a3:
e0:c8:5e:27:7c:67:53:69:0b:4c:f7:ad:a1:bf:dc:
e0:e2:43:82:5a:ab:51:df:5b:de:f5:59:27:09:2c:
02:50:7d:1b:af:4e:33:f4:c9:f8:0c:7e:f7:41:d8:
d4:90:7e:25:5f:07:f1:80:5e:bb:0e:8f:cd:12:bf:
a2:81:7f:b2:19:32:52:d0:16:78:92:be:ee:0e:87:
40:5e:ca:cb:19:45:ad:83:8e:d3:0e:c3:63:31:28:
31:b4:6c:fc:97:82:a2:ef:3b:0d:49:8f:70:f4:b8:
76:59:67:c5:5c:33:51:38:18:2e:db:6d:ca:58:2b:
1d:6f:19:f6:c6:e4:78:e1:c6:79:31:3e:7f:e8:33:
32:33:08:4c:76:92:c6:1c:a5:f0:80:ec:a1:b2:8d:
3c:90:26:eb:c9:f9:dc:a4:d1:28:09:e2:a3:66:5f:
97:0d:97:0e:48:6e:23:a5:3b:2c:e4:a5:fc:f0:b3:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A6:DA:A8:DC:D6:A2:69:50:3C:89:26:29:8F:9A:61:B8:D6:23:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:9a:eb:76:81:92:d4:d8:80:76:ec:4d:6f:87:00:2a:80:35:
cf:94:54:5f:f3:26:d4:07:8e:b9:f5:d3:58:53:99:b2:7a:2a:
df:14:69:93:24:95:ab:10:e4:37:72:13:3f:1e:f5:77:7e:f6:
a8:e4:ef:4c:59:89:94:cf:f3:7e:cd:cb:d6:ff:f4:a7:7f:d7:
aa:3e:af:99:ad:2e:55:15:f4:19:12:70:54:bd:b9:01:0e:25:
ba:eb:42:b1:6e:46:aa:03:e1:dc:77:58:bd:84:01:25:b7:72:
b8:85:c5:b0:6f:e1:36:50:76:07:0a:8c:95:9a:9a:4b:08:2e:
b2:f4:9e:33:f2:c5:bd:29:44:1b:4e:5b:eb:83:f1:68:4d:eb:
86:5b:88:32:b3:fc:3f:4d:23:e0:a7:fb:a2:c0:8c:0d:e9:bc:
ba:fd:2c:9f:05:87:31:bf:68:73:51:ea:d0:9b:0f:f1:dc:74:
8a:8f:64:b3:08:ab:8a:bb:f8:32:09:bf:9f:d7:47:d3:21:79:
95:b3:50:bf:d6:b0:ef:00:cd:5a:92:e9:04:1c:b8:9e:53:26:
02:89:6d:89:7d:9a:e4:f7:e9:55:98:e0:38:8a:57:16:4b:64:
e9:ee:8e:88:87:15:2d:da:88:e2:e9:7e:a8:a4:05:7d:05:0e:
86:b6:29:e9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb70LLDHxdmjH3fWBLHQFxLRhLbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMjBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Mjc5Y2ZjZTlkNDQyZjEyYzExYjAwYTU3NmM1NDdjMzBiYjZmMjdhM2Fi
MjNmYzI2NWE1NDk1ZGRiMGYxMGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP3z86gntHcrX8g4kZEoz+rps9NNEFC5XzjTK+NiytwVCkPXAbUCiAnrighO
v5D3gj0LHhSkQt8CMcn5kS2FtQ3OdLm9+YkBUo+j4MheJ3xnU2kLTPetob/c4OJD
glqrUd9b3vVZJwksAlB9G69OM/TJ+Ax+90HY1JB+JV8H8YBeuw6PzRK/ooF/shky
UtAWeJK+7g6HQF7KyxlFrYOO0w7DYzEoMbRs/JeCou87DUmPcPS4dllnxVwzUTgY
LtttylgrHW8Z9sbkeOHGeTE+f+gzMjMITHaSxhyl8IDsobKNPJAm68n53KTRKAni
o2Zflw2XDkhuI6U7LOSl/PCzcNMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDptqo
3NaiaVA8iSYpj5phuNYjSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQC/mut2gZLU2IB27E1vhwAqgDXPlFRf8ybUB4659dNY
U5myeirfFGmTJJWrEOQ3chM/HvV3fvao5O9MWYmUz/N+zcvW//Snf9eqPq+ZrS5V
FfQZEnBUvbkBDiW660KxbkaqA+Hcd1i9hAElt3K4hcWwb+E2UHYHCoyVmppLCC6y
9J4z8sW9KUQbTlvrg/FoTeuGW4gys/w/TSPgp/uiwIwN6by6/SyfBYcxv2hzUerQ
mw/x3HSKj2SzCKuKu/gyCb+f10fTIXmVs1C/1rDvAM1akukEHLieUyYCiW2JfZrk
9+lVmOA4ilcWS2Tp7o6IhxUt2oji6X6opAV9BQ6Gtinp
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:09 2025 by rpki-client