Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: fuua8p0yLW8nqbD2hUCHF+Azn1vTijOms4BKKiHLr9w=
Subject key identifier: 1B:1C:66:63:3D:68:04:DF:B7:0B:5C:29:50:10:D6:E1:FC:AE:10:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 587B7BB9B1B44674AB29A7ED6497FBFCEF889EE3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Mon 21 Jul 2025 17:00:48 +0000
ROA not before: Mon 21 Jul 2025 17:00:48 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7b:7b:b9:b1:b4:46:74:ab:29:a7:ed:64:97:fb:fc:ef:88:9e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:48 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=9b7c98c001dabc733dd8eab6c427843864c02e5b3e748eef81e004697ba3941b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:81:44:5d:9e:95:11:ea:ae:8c:f5:5d:14:a9:
c9:f7:62:62:78:cb:6f:d5:22:11:40:d1:b4:1e:73:
9b:1d:d0:1b:fc:1e:03:a3:62:6d:42:b4:32:0e:be:
b9:73:db:30:92:78:b1:24:13:ff:16:6c:f0:73:62:
fc:85:10:03:df:69:96:e0:73:cb:d4:df:31:75:52:
7b:cb:05:88:99:7d:a2:a6:db:10:2a:92:6c:97:ef:
10:84:49:f0:5b:13:0f:5d:15:2a:10:48:5f:68:b9:
f7:6b:7a:20:3d:2b:0f:d5:70:f3:b9:e6:8c:48:44:
99:b4:ec:24:2f:44:81:d7:03:6e:80:5d:0e:05:10:
96:2c:47:12:79:75:69:6d:7b:d3:ad:23:e4:b1:3e:
a6:6e:66:8d:48:b6:00:46:bc:f6:c0:99:13:38:2a:
38:20:a0:4e:7c:1d:d9:2f:ab:89:ed:41:27:fd:02:
0b:f4:e1:1a:52:69:2d:1d:45:c3:c8:c3:97:95:d6:
66:0a:a4:e0:0a:24:66:bc:dc:2b:1c:23:88:c0:23:
fb:a7:a2:0b:f3:8f:91:6e:0d:17:7e:18:a4:d7:59:
b4:99:a4:f0:8c:cc:bc:07:a7:1d:13:d0:d5:0d:2b:
5e:dc:ba:0f:01:74:3e:d7:86:4e:b1:6f:ab:01:86:
56:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1C:66:63:3D:68:04:DF:B7:0B:5C:29:50:10:D6:E1:FC:AE:10:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:63:ab:8f:f4:0e:b2:d9:92:47:06:d6:9e:f8:31:70:ef:b9:
15:ca:3a:e9:76:b0:e8:a2:8e:9a:06:be:e8:78:48:42:6e:79:
47:e7:9c:b6:b4:64:31:06:3a:e3:68:db:02:a2:45:00:9b:54:
8e:af:55:fd:56:77:fb:3c:8e:50:0c:3f:ea:09:39:82:71:b4:
ea:ea:b6:06:c3:22:5b:00:69:dd:86:a0:4d:a8:21:40:09:ab:
9f:0b:16:b5:d4:27:79:11:2a:e7:81:c4:0a:35:a7:16:43:b2:
5f:03:be:11:9a:d6:15:f7:e1:54:c3:c2:19:c5:6a:e1:2c:0b:
d3:d7:8a:54:5e:94:cb:39:62:57:1d:62:c8:a6:8b:9b:62:76:
95:ad:dc:85:68:80:50:21:68:8e:8b:99:35:84:4a:13:08:36:
c5:fe:20:2b:f4:7f:91:91:12:b8:e0:1a:25:99:9f:f6:2b:2e:
f3:e6:b0:9e:bf:4e:fd:54:d3:93:c5:22:c7:52:19:7c:b9:91:
e3:83:96:40:0f:a0:e6:88:68:52:b2:51:0f:61:5f:40:88:b5:
42:45:c8:ff:ed:7a:75:31:11:ae:79:b8:b6:1f:36:01:85:8f:
54:2e:4b:55:7d:72:14:24:b5:63:15:b5:cb:93:05:96:f6:98:
8f:37:95:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWHt7ubG0RnSrKaftZJf7/O+InuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDhaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDliN2M5OGMwMDFkYWJjNzMzZGQ4ZWFiNmM0Mjc4NDM4NjRjMDJlNWIzZTc0
OGVlZjgxZTAwNDY5N2JhMzk0MWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2BRF2elRHqroz1XRSpyfdiYnjLb9UiEUDRtB5zmx3QG/weA6NibUK0Mg6+
uXPbMJJ4sSQT/xZs8HNi/IUQA99pluBzy9TfMXVSe8sFiJl9oqbbECqSbJfvEIRJ
8FsTD10VKhBIX2i592t6ID0rD9Vw87nmjEhEmbTsJC9EgdcDboBdDgUQlixHEnl1
aW17060j5LE+pm5mjUi2AEa89sCZEzgqOCCgTnwd2S+rie1BJ/0CC/ThGlJpLR1F
w8jDl5XWZgqk4AokZrzcKxwjiMAj+6eiC/OPkW4NF34YpNdZtJmk8IzMvAenHRPQ
1Q0rXty6DwF0PteGTrFvqwGGVhsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQbHGZj
PWgE37cLXClQENbh/K4Q5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQCMY6uP9A6y2ZJHBtae+DFw77kVyjrpdrDooo6aBr7o
eEhCbnlH55y2tGQxBjrjaNsCokUAm1SOr1X9Vnf7PI5QDD/qCTmCcbTq6rYGwyJb
AGndhqBNqCFACaufCxa11Cd5ESrngcQKNacWQ7JfA74RmtYV9+FUw8IZxWrhLAvT
14pUXpTLOWJXHWLIpoubYnaVrdyFaIBQIWiOi5k1hEoTCDbF/iAr9H+RkRK44Bol
mZ/2Ky7z5rCev079VNOTxSLHUhl8uZHjg5ZAD6DmiGhSslEPYV9AiLVCRcj/7Xp1
MRGuebi2HzYBhY9ULktVfXIUJLVjFbXLkwWW9piPN5Vs
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:37:32 2025 by rpki-client