Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json)
Hash identifier: ux4D2oHON9xLY9+Vn6z2MS124RP8PJD28PnZ6f/5xtM=
Subject key identifier: 29:30:81:35:10:1E:0E:50:8D:56:F2:78:32:ED:E8:74:B4:B3:6D:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B81D7AF7616620FF7319F0D0DD0C74CC55ADF06
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
Signing time: Fri 08 Aug 2025 00:41:07 +0000
ROA not before: Fri 08 Aug 2025 00:41:07 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:81:d7:af:76:16:62:0f:f7:31:9f:0d:0d:d0:c7:4c:c5:5a:df:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:41:07 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=f3b6e7ad4dbfe2ca42ff9873e0f1b59f455be5f0f9d1e18159fff014eb8072e4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:cf:db:75:cd:76:9b:ea:15:90:83:4c:8f:
e5:9a:82:00:2b:4d:6c:03:69:a2:17:24:8c:c7:c3:
70:c1:2a:c6:83:09:e2:b1:66:5f:be:e7:13:cd:83:
98:cd:19:1a:37:59:2b:f5:3d:a6:6d:d0:0c:8b:8a:
a4:2c:31:a6:78:66:13:f8:08:a3:9a:7e:38:5f:cd:
3d:d6:c8:1b:c3:8d:54:c0:7f:f9:a1:cb:ef:c4:b0:
de:73:84:a9:0b:50:18:60:49:0e:15:c3:bb:ce:df:
c1:d7:ed:cc:bc:9d:3d:87:16:b6:83:d0:e0:2e:bc:
a5:dd:ac:33:f1:e9:b2:3b:49:09:05:46:78:06:50:
5b:28:58:4b:45:27:fb:ae:63:43:18:7e:bb:8d:91:
a7:7c:3c:77:12:c5:a3:de:77:7f:2c:09:27:57:f4:
e1:e4:7a:4a:a6:44:b2:b7:5d:3d:e2:64:bb:25:2e:
34:ad:33:3a:d4:1d:d2:ad:78:26:5c:62:36:45:f3:
37:66:c0:e6:85:26:2e:2d:6d:b9:b9:6d:fe:e0:cf:
e5:8f:2d:17:16:96:77:02:19:b3:4f:c8:9f:92:26:
f5:cb:0c:a8:81:eb:70:c1:15:4b:cb:24:72:cd:83:
f5:cd:dc:3f:54:0c:20:90:7f:6e:e6:b9:d2:d6:d6:
bf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:30:81:35:10:1E:0E:50:8D:56:F2:78:32:ED:E8:74:B4:B3:6D:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:4b:53:91:81:51:47:67:dc:69:b0:69:9e:55:c4:f8:67:17:
38:7a:57:d0:97:79:e1:23:5a:ae:93:c9:88:f9:a9:ea:c9:37:
64:ae:bc:30:9b:85:06:ac:c3:d5:9d:84:5f:dd:11:ea:90:01:
6a:16:4a:33:3d:0b:97:9c:1c:f7:c4:08:9e:94:b3:6f:28:84:
90:20:6b:a4:0e:f3:ff:6a:a0:53:1f:6e:6f:68:c0:56:e8:0c:
15:dd:93:a8:c1:48:2a:64:03:0d:11:4f:00:d9:96:21:ad:35:
1e:20:9f:56:aa:74:7e:e1:eb:7b:9c:6b:fc:3b:af:77:72:51:
22:e1:89:02:a1:4a:44:ed:a5:7c:6e:e0:78:23:6d:09:50:21:
7b:c5:59:00:b2:b1:de:04:c9:59:b8:21:f0:fc:78:c1:5a:4b:
87:57:5b:fe:db:a3:e5:e4:e8:92:5a:cc:4f:a1:98:04:e1:fc:
da:3a:56:7c:23:9d:f8:d2:da:af:5c:9d:ec:65:ae:f8:30:d1:
ec:34:21:92:81:52:d1:c0:92:61:8b:7b:5a:9e:33:11:f3:ce:
73:c7:03:98:33:c4:ec:05:ff:ce:73:e5:89:c7:fd:6f:8a:05:
1e:5f:75:d1:2b:a3:6b:6d:c0:3b:f3:75:6c:10:26:16:12:f9:
17:63:de:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe4HXr3YWYg/3MZ8NDdDHTMVa3wYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQxMDdaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYjZlN2FkNGRiZmUyY2E0MmZmOTg3M2UwZjFiNTlmNDU1YmU1ZjBmOWQx
ZTE4MTU5ZmZmMDE0ZWI4MDcyZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcpz9t1zXab6hWQg0yP5ZqCACtNbANpohckjMfDcMEqxoMJ4rFmX77nE82D
mM0ZGjdZK/U9pm3QDIuKpCwxpnhmE/gIo5p+OF/NPdbIG8ONVMB/+aHL78Sw3nOE
qQtQGGBJDhXDu87fwdftzLydPYcWtoPQ4C68pd2sM/HpsjtJCQVGeAZQWyhYS0Un
+65jQxh+u42Rp3w8dxLFo953fywJJ1f04eR6SqZEsrddPeJkuyUuNK0zOtQd0q14
JlxiNkXzN2bA5oUmLi1tublt/uDP5Y8tFxaWdwIZs0/In5Im9csMqIHrcMEVS8sk
cs2D9c3cP1QMIJB/bua50tbWv6MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQpMIE1
EB4OUI1W8ngy7eh0tLNtTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN
BgkqhkiG9w0BAQsFAAOCAQEATktTkYFRR2fcabBpnlXE+GcXOHpX0Jd54SNarpPJ
iPmp6sk3ZK68MJuFBqzD1Z2EX90R6pABahZKMz0Ll5wc98QInpSzbyiEkCBrpA7z
/2qgUx9ub2jAVugMFd2TqMFIKmQDDRFPANmWIa01HiCfVqp0fuHre5xr/Duvd3JR
IuGJAqFKRO2lfG7geCNtCVAhe8VZALKx3gTJWbgh8Px4wVpLh1db/tuj5eToklrM
T6GYBOH82jpWfCOd+NLar1yd7GWu+DDR7DQhkoFS0cCSYYt7Wp4zEfPOc8cDmDPE
7AX/znPlicf9b4oFHl910Suja23AO/N1bBAmFhL5F2Pe/Q==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:28 2025 by rpki-client