Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: GWE53Pz5ClGowwph9OQWDeC950JlJ7CUTx6nGHqRs6A=
Subject key identifier: 4E:ED:4B:FB:59:D3:75:1D:C2:F1:61:D0:2C:AD:D8:46:0A:97:4E:58
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7BC7880C78C9417A5BF009A9993DECF98E8E2E58
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Mon 14 Jul 2025 15:30:50 +0000
ROA not before: Mon 14 Jul 2025 15:30:50 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:c7:88:0c:78:c9:41:7a:5b:f0:09:a9:99:3d:ec:f9:8e:8e:2e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:50 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=eddd0654b4734c2431b76932d48d2c2f6f77b556d42d540372c825be0a8626a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a5:e1:83:05:51:45:ed:7a:66:e4:aa:c8:16:
1e:dd:e0:c0:78:0e:a5:3b:25:aa:cd:b6:31:b9:47:
5c:8b:6b:fb:8a:9b:4f:a2:76:43:b5:cd:c7:f7:8c:
1d:31:37:ef:34:5f:d7:a6:e9:a7:09:9e:83:fc:10:
3b:39:c3:70:ca:e9:00:e7:0d:cd:50:f1:7c:5d:3e:
7d:de:4c:57:a7:a2:f6:be:a7:1b:96:4e:57:2d:b7:
27:f1:9e:d4:48:03:6d:e8:9c:93:88:5e:b3:73:81:
99:f1:97:d0:e2:88:bd:f3:b6:26:bf:21:12:7d:9c:
91:4e:b7:d3:f0:ac:a3:10:7b:41:28:2f:78:dd:a2:
d9:5b:f2:ce:29:4c:94:20:c8:b1:c4:bb:37:a1:76:
84:3d:74:49:a4:77:97:ab:e0:46:e3:b7:4e:8b:54:
77:b0:3a:94:62:4c:3b:14:03:df:1f:eb:b6:d6:96:
13:0d:b8:9f:a4:ca:aa:e6:15:5b:a6:ab:62:46:23:
23:38:47:0a:60:34:20:e4:5a:14:16:0f:07:d9:49:
76:99:f9:b5:f3:de:fd:d5:18:ee:c1:cd:a1:22:2b:
e3:0d:7a:34:40:22:d0:65:09:27:51:e9:96:24:0f:
38:8f:9f:7a:fb:44:53:51:1c:13:f7:ea:ed:dc:37:
3d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:ED:4B:FB:59:D3:75:1D:C2:F1:61:D0:2C:AD:D8:46:0A:97:4E:58
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
49:ab:1d:18:73:99:53:21:d3:40:43:2f:d9:0a:a8:87:d0:2d:
4d:e9:cc:6f:6f:41:8c:a5:cd:f3:5a:37:21:80:b3:bf:65:45:
d5:95:5b:d3:7d:77:d9:42:a0:59:d2:4f:89:2c:70:a2:45:ff:
8c:e8:cb:3d:31:2d:ad:35:d8:b6:2b:a0:f0:a6:9a:2b:88:40:
f4:30:ed:ef:5a:64:46:f6:70:ad:5b:84:1b:9f:e3:1b:18:ce:
8e:5d:50:1c:a3:b4:27:1c:e1:4d:81:d9:88:8f:e1:ef:92:6e:
6b:7e:68:b0:9c:cd:b4:bc:89:7d:c2:9e:c0:63:5d:a4:c3:e9:
54:4c:b5:1b:32:c7:f4:20:71:09:77:af:7c:45:2b:e2:9b:cd:
13:2b:4a:db:92:2f:0c:5d:71:2a:b0:51:b7:a7:7f:97:39:06:
98:9a:3c:94:87:6f:c9:2b:52:71:fb:71:52:fd:6c:34:dd:3b:
0c:a5:a0:a1:86:bc:c1:20:50:5f:c8:21:cc:2d:29:a7:e4:c1:
8c:22:db:67:7a:3b:f3:7c:e4:17:30:0c:0a:b1:d3:65:30:0e:
86:73:19:8a:e9:f5:0d:f4:f8:c8:a2:54:0a:ae:79:f8:c4:53:
09:d4:0a:af:65:ab:2e:2a:62:85:ec:b2:f2:a2:01:a6:9e:71:
20:c0:0a:a1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe8eIDHjJQXpb8AmpmT3s+Y6OLlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNTBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkZGQwNjU0YjQ3MzRjMjQzMWI3NjkzMmQ0OGQyYzJmNmY3N2I1NTZkNDJk
NTQwMzcyYzgyNWJlMGE4NjI2YTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGl4YMFUUXtembkqsgWHt3gwHgOpTslqs22MblHXItr+4qbT6J2Q7XNx/eM
HTE37zRf16bppwmeg/wQOznDcMrpAOcNzVDxfF0+fd5MV6ei9r6nG5ZOVy23J/Ge
1EgDbeick4hes3OBmfGX0OKIvfO2Jr8hEn2ckU630/CsoxB7QSgveN2i2VvyzilM
lCDIscS7N6F2hD10SaR3l6vgRuO3TotUd7A6lGJMOxQD3x/rttaWEw24n6TKquYV
W6arYkYjIzhHCmA0IORaFBYPB9lJdpn5tfPe/dUY7sHNoSIr4w16NEAi0GUJJ1Hp
liQPOI+fevtEU1EcE/fq7dw3PTECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRO7Uv7
WdN1HcLxYdAsrdhGCpdOWDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEASasdGHOZUyHTQEMv2Qqoh9AtTenMb29BjKXN81o3
IYCzv2VF1ZVb03132UKgWdJPiSxwokX/jOjLPTEtrTXYtiug8KaaK4hA9DDt71pk
RvZwrVuEG5/jGxjOjl1QHKO0JxzhTYHZiI/h75Jua35osJzNtLyJfcKewGNdpMPp
VEy1GzLH9CBxCXevfEUr4pvNEytK25IvDF1xKrBRt6d/lzkGmJo8lIdvyStScftx
Uv1sNN07DKWgoYa8wSBQX8ghzC0pp+TBjCLbZ3o783zkFzAMCrHTZTAOhnMZiun1
DfT4yKJUCq55+MRTCdQKr2WrLipiheyy8qIBpp5xIMAKoQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:40:34 2025 by rpki-client