Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json)
Hash identifier: Y1KKlhA3WHKaXeRHH+7PNlSEXQhqN9aQLTuCMNpRdpk=
Subject key identifier: 8D:FD:85:9A:6E:6F:11:18:CF:EC:76:63:D1:68:09:4F:F8:63:55:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30764DB67427520041C37601D8807488A6AD01E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
Signing time: Tue 17 Jun 2025 00:51:08 +0000
ROA not before: Tue 17 Jun 2025 00:51:08 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:76:4d:b6:74:27:52:00:41:c3:76:01:d8:80:74:88:a6:ad:01:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:08 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=fd8b3918ec65b39220756aa40514bb0f740610383a65e77f00a8483d8e3d5eb2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:43:d4:51:6f:54:a0:18:c8:c2:5f:f2:7e:f0:
e5:90:6d:f5:e1:7b:b8:45:f7:18:c9:12:1f:b7:0e:
7b:34:11:fd:69:a1:35:1e:6d:08:f9:0a:3a:68:19:
04:ef:f3:f0:12:bf:9d:1f:32:3b:32:ec:42:cf:ed:
ff:af:63:00:b7:96:98:b3:e6:a2:0b:60:3b:0c:4b:
e4:78:d7:09:77:76:47:86:06:46:55:cc:f5:49:ba:
c0:f9:31:d6:cd:0f:31:02:5e:e5:72:28:05:41:1e:
90:27:99:54:d4:30:22:d1:13:55:fb:56:c1:f3:22:
3b:f4:32:bb:c3:c2:7e:77:27:ff:8f:6f:40:68:b3:
27:af:60:71:cd:ac:47:cc:a4:9a:27:84:32:38:c1:
68:b5:ac:b3:b2:da:3a:69:4b:6f:54:a4:fa:07:90:
67:af:28:ad:0f:1b:64:81:49:5f:29:dc:d9:82:a4:
31:8f:4d:62:c3:53:10:cc:88:98:58:e1:20:f1:9a:
23:6d:cf:7f:8e:be:f6:6c:0f:69:00:27:7b:70:ef:
88:68:46:cd:1f:d7:08:b0:b2:ec:1d:0b:eb:c2:99:
56:62:cf:5f:79:9e:eb:a3:99:37:2a:6e:0e:83:da:
b1:33:dd:35:82:00:20:fe:2e:e3:5f:4d:bd:19:96:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FD:85:9A:6E:6F:11:18:CF:EC:76:63:D1:68:09:4F:F8:63:55:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:32:d2:f8:fb:fa:76:44:52:97:81:9a:13:20:e8:07:74:7c:
05:9c:b2:6e:34:77:2a:8e:1d:ea:ac:a0:06:a6:a7:02:50:75:
e1:c9:12:42:e8:71:bc:8d:f9:b9:9c:e7:1f:b0:fa:75:34:43:
33:47:1b:05:c4:e6:ca:81:33:37:ed:fa:94:6e:e9:f0:ed:0c:
b6:04:a3:b4:e5:8b:96:e0:ec:9f:d5:81:30:4d:eb:ad:0e:6e:
1e:33:e1:42:fd:35:8c:94:9b:50:e1:c4:7d:23:61:56:cf:12:
ba:f8:e7:82:9d:36:49:68:fd:5c:35:bb:0e:cb:8b:4b:9a:36:
70:37:0c:e9:d1:4a:1a:80:b9:0f:ea:e5:8b:01:48:97:94:99:
37:0e:c4:56:01:c1:3e:10:6c:d9:ec:84:91:3b:a5:2b:55:3c:
df:dd:6f:68:dd:d3:df:e9:91:f8:32:17:b2:3c:6d:6c:7b:21:
9b:ff:f2:13:d5:84:06:fb:ce:dc:53:d4:65:3f:06:4d:9c:b7:
a0:1d:47:bd:03:6d:d3:30:21:43:63:a8:cf:7a:f2:8b:a1:9d:
31:d5:5a:14:65:26:e9:1a:58:ee:1e:4d:b9:df:a8:5a:60:dc:
2b:a6:90:a5:60:ef:64:f6:5d:da:5f:f8:a6:c7:3c:ea:22:1c:
8a:62:1d:76
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMHZNtnQnUgBBw3YB2IB0iKatAekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkOGIzOTE4ZWM2NWIzOTIyMDc1NmFhNDA1MTRiYjBmNzQwNjEwMzgzYTY1
ZTc3ZjAwYTg0ODNkOGUzZDVlYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhD1FFvVKAYyMJf8n7w5ZBt9eF7uEX3GMkSH7cOezQR/WmhNR5tCPkKOmgZ
BO/z8BK/nR8yOzLsQs/t/69jALeWmLPmogtgOwxL5HjXCXd2R4YGRlXM9Um6wPkx
1s0PMQJe5XIoBUEekCeZVNQwItETVftWwfMiO/Qyu8PCfncn/49vQGizJ69gcc2s
R8ykmieEMjjBaLWss7LaOmlLb1Sk+geQZ68orQ8bZIFJXync2YKkMY9NYsNTEMyI
mFjhIPGaI23Pf46+9mwPaQAne3DviGhGzR/XCLCy7B0L68KZVmLPX3me66OZNypu
DoPasTPdNYIAIP4u419NvRmWOxkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSN/YWa
bm8RGM/sdmPRaAlP+GNVMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN
BgkqhkiG9w0BAQsFAAOCAQEAwTLS+Pv6dkRSl4GaEyDoB3R8BZyybjR3Ko4d6qyg
BqanAlB14ckSQuhxvI35uZznH7D6dTRDM0cbBcTmyoEzN+36lG7p8O0MtgSjtOWL
luDsn9WBME3rrQ5uHjPhQv01jJSbUOHEfSNhVs8Suvjngp02SWj9XDW7DsuLS5o2
cDcM6dFKGoC5D+rliwFIl5SZNw7EVgHBPhBs2eyEkTulK1U8391vaN3T3+mR+DIX
sjxtbHshm//yE9WEBvvO3FPUZT8GTZy3oB1HvQNt0zAhQ2Ooz3ryi6GdMdVaFGUm
6RpY7h5Nud+oWmDcK6aQpWDvZPZd2l/4psc86iIcimIddg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:27:26 2025 by rpki-client