Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: Wn4/lX0zS6lQFao84fyRx8MuQqz2aarkJKXg2Gd6D5Y=
Subject key identifier: 39:27:3E:B1:EB:D4:8E:EB:30:16:89:C2:42:27:98:7A:E8:A8:B9:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18370813864AB02076A5299B786BCA606FAA47B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Mon 16 Jun 2025 21:50:55 +0000
ROA not before: Mon 16 Jun 2025 21:50:55 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:37:08:13:86:4a:b0:20:76:a5:29:9b:78:6b:ca:60:6f:aa:47:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:55 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0ad5c4b2826217e339bc73a0533260058c99f9158cf32e2a66c1794737dfb5d6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a2:6b:6d:6d:35:4f:43:6b:e6:6f:f1:65:3a:
e0:38:4e:c6:eb:40:6a:4c:1b:1d:7a:83:30:e5:a4:
2e:96:30:af:07:7a:f1:0d:56:0d:10:0f:31:e1:16:
4e:3e:f5:3f:39:4b:f9:b8:46:14:37:f2:79:5e:70:
15:f4:00:b3:8f:a7:67:2d:f0:01:4e:21:60:1f:64:
59:30:4e:cc:98:11:93:06:45:35:0a:45:e8:24:33:
1f:68:16:e3:ca:84:86:c5:d2:a4:c0:2e:24:b1:e4:
df:d5:1f:84:5e:ba:7e:0d:81:5c:fa:48:cd:aa:24:
7b:5f:1a:98:74:72:d2:46:57:6c:80:96:1a:ea:6e:
ac:ea:96:f9:87:70:10:0c:8f:9b:c4:a5:dd:dd:0c:
fa:97:3b:04:62:08:40:bf:04:d1:c2:df:f5:6d:c3:
b8:b9:24:e6:06:ed:22:d0:aa:f1:78:85:51:b3:62:
5f:5d:86:1f:19:46:e6:9a:72:24:88:7a:2e:71:7b:
f8:cb:4c:e8:24:68:04:29:e7:f7:8f:4c:37:89:cf:
60:ae:2c:3c:1d:f4:ef:10:d1:71:13:d9:65:0f:67:
a3:c9:58:0b:fa:ca:7a:73:27:5b:28:d5:41:74:cf:
bc:31:4d:8a:87:33:d7:fc:70:17:24:26:7a:fa:96:
45:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:27:3E:B1:EB:D4:8E:EB:30:16:89:C2:42:27:98:7A:E8:A8:B9:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
ca:b7:27:6c:84:e1:16:d7:d3:a0:5d:d5:6d:23:fa:85:5d:23:
d1:cd:2a:9a:47:a8:d9:22:55:e8:91:ea:4f:50:a3:29:b2:b1:
60:c9:1d:4f:0d:76:ab:ab:cd:57:07:59:4f:bb:86:b4:64:03:
80:25:51:8a:9a:19:05:77:97:96:40:c1:f2:3f:85:d9:de:c0:
50:66:f3:88:b4:52:3c:a9:54:37:99:f0:75:dd:f9:38:cf:3b:
0f:50:f7:06:9d:73:52:a2:c5:22:3a:54:17:e1:08:c8:f1:25:
2a:d5:28:ed:ca:ce:03:98:67:66:08:85:cc:8f:e0:53:80:d2:
49:10:41:e7:f9:62:8e:9d:c2:2b:e2:5c:0f:6d:30:d3:0d:d7:
63:bc:8b:d0:0f:33:d6:7e:99:d1:15:c3:af:b5:5b:60:25:1f:
b3:1f:89:6a:eb:d6:68:65:c6:d0:2a:53:a4:89:36:1b:81:25:
ec:6e:3b:fe:4c:dd:32:82:ae:be:6d:75:23:15:30:41:79:f1:
19:1a:cc:4c:bb:ee:5c:6c:d5:9c:53:ea:38:0c:0b:2e:70:19:
4a:ea:d8:c2:31:64:e0:0a:9e:10:6d:d2:c1:c2:77:ef:d3:5e:
93:ec:55:c1:d9:5f:bd:51:97:c0:f7:77:60:a7:5a:de:f6:44:
57:c5:35:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGDcIE4ZKsCB2pSmbeGvKYG+qR7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhZDVjNGIyODI2MjE3ZTMzOWJjNzNhMDUzMzI2MDA1OGM5OWY5MTU4Y2Yz
MmUyYTY2YzE3OTQ3MzdkZmI1ZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6ia21tNU9Da+Zv8WU64DhOxutAakwbHXqDMOWkLpYwrwd68Q1WDRAPMeEW
Tj71PzlL+bhGFDfyeV5wFfQAs4+nZy3wAU4hYB9kWTBOzJgRkwZFNQpF6CQzH2gW
48qEhsXSpMAuJLHk39UfhF66fg2BXPpIzaoke18amHRy0kZXbICWGupurOqW+Ydw
EAyPm8Sl3d0M+pc7BGIIQL8E0cLf9W3DuLkk5gbtItCq8XiFUbNiX12GHxlG5ppy
JIh6LnF7+MtM6CRoBCnn949MN4nPYK4sPB307xDRcRPZZQ9no8lYC/rKenMnWyjV
QXTPvDFNiocz1/xwFyQmevqWRZUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ5Jz6x
69SO6zAWicJCJ5h66Ki5bjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAyrcnbIThFtfToF3VbSP6hV0j0c0qmkeo2SJV6JHq
T1CjKbKxYMkdTw12q6vNVwdZT7uGtGQDgCVRipoZBXeXlkDB8j+F2d7AUGbziLRS
PKlUN5nwdd35OM87D1D3Bp1zUqLFIjpUF+EIyPElKtUo7crOA5hnZgiFzI/gU4DS
SRBB5/lijp3CK+JcD20w0w3XY7yL0A8z1n6Z0RXDr7VbYCUfsx+JauvWaGXG0CpT
pIk2G4El7G47/kzdMoKuvm11IxUwQXnxGRrMTLvuXGzVnFPqOAwLLnAZSurYwjFk
4AqeEG3SwcJ379Nek+xVwdlfvVGXwPd3YKda3vZEV8U1hw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:17:21 2025 by rpki-client