Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json)
Hash identifier: YjuBaY/MUWG2gGkSen7SPa9jc9Hdd9HmoRX+lPGi42I=
Subject key identifier: 84:D7:7D:12:91:00:98:76:64:CA:26:61:3D:34:50:EC:D2:24:F9:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3EEA4ECDCEEA7D1E98449B335E3BBF1FF0D3D9F5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
Signing time: Fri 23 May 2025 00:50:19 +0000
ROA not before: Fri 23 May 2025 00:50:19 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:ea:4e:cd:ce:ea:7d:1e:98:44:9b:33:5e:3b:bf:1f:f0:d3:d9:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:19 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=7658e3b445822bdde35a5971b366c99c5ef09e7986ccdfb0b5ca19db43dcccb0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0a:48:3a:9d:48:52:86:93:0f:ff:14:7e:e6:
60:56:46:96:3e:2c:5a:78:93:b8:7e:68:7a:21:d2:
54:25:84:38:5e:6f:8b:46:44:84:41:a0:67:1e:28:
c1:df:51:ac:6d:34:d2:c7:67:21:7c:9f:a5:7d:9d:
60:0d:a7:fa:35:af:fd:7f:54:ba:c1:82:5e:7a:5d:
c2:5b:07:51:fa:ac:55:d0:be:77:86:20:2b:3d:1c:
1c:8d:dc:26:1a:ab:e7:ed:43:26:de:7d:3f:0b:3b:
54:8b:22:c6:c8:b8:a3:0b:89:64:55:56:08:f9:d1:
74:ab:e1:a7:38:6a:c3:e4:0e:ec:0c:4b:5e:15:06:
fa:cf:08:6b:30:bd:55:eb:72:f5:14:6a:53:34:2f:
41:92:7d:f0:72:0a:4e:9e:b4:05:48:3c:cc:9a:bb:
6c:52:ed:c2:5c:72:15:9d:41:72:4d:94:48:7d:fc:
e0:73:0b:36:e9:a3:57:41:4d:f6:29:55:c5:0d:8a:
48:cc:c4:89:25:62:31:ae:ce:d2:62:e2:3a:ee:24:
13:d7:81:87:f9:91:7e:11:a2:b5:a0:1b:e1:7a:5e:
59:fd:07:0c:ce:cc:19:6c:4e:65:50:0c:cd:9d:e4:
47:34:1a:82:ef:58:2f:c7:5e:ff:ea:47:15:f7:e1:
2a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D7:7D:12:91:00:98:76:64:CA:26:61:3D:34:50:EC:D2:24:F9:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:6a:7e:dc:3d:3e:35:57:2b:42:1d:84:8a:5b:57:b8:76:48:
9b:e3:2b:cb:8d:54:78:26:56:37:9f:2c:4f:a2:e3:81:22:7e:
95:5d:4c:5c:9b:2c:b2:a6:3d:6f:83:ab:8a:fe:47:2b:ab:e8:
26:9f:39:16:0e:1c:49:86:18:d2:9f:c7:a9:60:24:cd:9a:09:
d1:48:dc:00:84:64:9e:ac:85:24:1a:d2:aa:24:f7:6d:82:44:
6b:b5:51:63:dd:2a:d0:21:86:42:ce:3b:96:d2:28:b9:42:57:
93:f2:7b:7d:94:ea:07:34:c0:e6:4b:16:35:a0:f5:7b:73:96:
aa:b5:c3:36:85:83:16:b8:37:09:a0:49:ae:36:0c:66:4e:2d:
15:46:21:1a:38:d6:13:85:a4:d6:78:e0:d9:ef:76:19:dc:aa:
62:be:29:24:9f:af:c7:5f:b8:99:5c:fc:66:c2:4a:9d:f3:7d:
64:38:3e:09:cd:8e:0c:f0:6b:5f:0f:67:35:29:b2:d8:4b:92:
22:c7:27:9a:19:49:f2:91:a4:4c:0f:92:5b:9a:3b:39:f4:46:
a5:16:ac:a2:eb:6a:85:19:a9:63:93:65:d8:1a:bf:fb:b2:28:
0c:f6:c5:ca:ff:d6:c4:1f:3d:55:87:98:ea:4a:ed:3e:c6:ce:
c5:dd:78:00
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPupOzc7qfR6YRJszXju/H/DT2fUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NThlM2I0NDU4MjJiZGRlMzVhNTk3MWIzNjZjOTljNWVmMDllNzk4NmNj
ZGZiMGI1Y2ExOWRiNDNkY2NjYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMKSDqdSFKGkw//FH7mYFZGlj4sWniTuH5oeiHSVCWEOF5vi0ZEhEGgZx4o
wd9RrG000sdnIXyfpX2dYA2n+jWv/X9UusGCXnpdwlsHUfqsVdC+d4YgKz0cHI3c
Jhqr5+1DJt59Pws7VIsixsi4owuJZFVWCPnRdKvhpzhqw+QO7AxLXhUG+s8IazC9
Vety9RRqUzQvQZJ98HIKTp60BUg8zJq7bFLtwlxyFZ1Bck2USH384HMLNumjV0FN
9ilVxQ2KSMzEiSViMa7O0mLiOu4kE9eBh/mRfhGitaAb4XpeWf0HDM7MGWxOZVAM
zZ3kRzQagu9YL8de/+pHFffhKmECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSE130S
kQCYdmTKJmE9NFDs0iT5JDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN
BgkqhkiG9w0BAQsFAAOCAQEAfGp+3D0+NVcrQh2EiltXuHZIm+Mry41UeCZWN58s
T6LjgSJ+lV1MXJsssqY9b4Oriv5HK6voJp85Fg4cSYYY0p/HqWAkzZoJ0UjcAIRk
nqyFJBrSqiT3bYJEa7VRY90q0CGGQs47ltIouUJXk/J7fZTqBzTA5ksWNaD1e3OW
qrXDNoWDFrg3CaBJrjYMZk4tFUYhGjjWE4Wk1njg2e92GdyqYr4pJJ+vx1+4mVz8
ZsJKnfN9ZDg+Cc2ODPBrXw9nNSmy2EuSIscnmhlJ8pGkTA+SW5o7OfRGpRasoutq
hRmpY5Nl2Bq/+7IoDPbFyv/WxB89VYeY6krtPsbOxd14AA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:02:12 2025 by rpki-client