Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json)
Hash identifier: u5MdSe0hTxqTOQFF0FDnF94xgSStgFWkiAi/0ZfAStI=
Subject key identifier: 19:54:BA:EA:7F:08:38:6C:0A:F0:7F:FA:05:F3:60:2E:09:25:4D:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B77C11C7B5EC4EFBF24E5F6F9DD1B1B1CDFCE27
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
Signing time: Mon 14 Jul 2025 15:30:50 +0000
ROA not before: Mon 14 Jul 2025 15:30:50 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:77:c1:1c:7b:5e:c4:ef:bf:24:e5:f6:f9:dd:1b:1b:1c:df:ce:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:50 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=e0b4bbdd8ddff90755f3936ee7d5b9520556adcd43799d7ddc748b1a41925e6c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:39:1e:21:40:25:45:50:4a:84:ba:cc:e6:
0b:62:95:2e:2b:d7:4c:0a:c4:75:53:ba:a6:c5:c9:
7c:da:25:59:13:08:31:10:b3:fd:3e:ed:5b:6c:a4:
ee:38:02:cf:40:26:ef:d4:16:3c:e6:ee:c3:ed:92:
1f:ef:17:99:c1:4a:cc:08:e3:bf:59:e8:ca:02:0b:
d1:f0:56:d3:0b:31:5c:a1:40:dc:35:8f:7c:d3:0a:
17:a6:ff:23:61:c2:bc:63:23:b8:ae:20:1b:3d:ca:
4a:9d:e8:4b:c3:fa:1e:a1:72:54:6c:d4:14:cb:e5:
3f:b8:5f:9e:5a:a3:21:74:9c:a6:06:2f:19:1b:f3:
a3:04:b4:89:3f:fc:78:89:ff:8c:b2:96:ed:72:ce:
25:50:ac:9c:cb:cd:37:69:32:f4:91:83:95:fc:80:
fc:23:84:22:1a:9c:33:72:4f:a9:07:3f:54:6f:db:
56:76:1c:bc:8f:9b:96:72:af:99:36:98:3e:02:cf:
c8:4a:27:45:c4:1b:3c:a9:2d:7a:1f:23:a9:18:1f:
53:c1:c7:d8:f2:35:ba:7b:23:2f:5f:7f:f1:a9:9c:
20:5d:be:a8:20:13:34:d7:64:a3:24:0d:0e:12:13:
f3:3e:59:af:fc:81:2e:1d:bf:53:f4:31:d7:f6:0d:
d1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:54:BA:EA:7F:08:38:6C:0A:F0:7F:FA:05:F3:60:2E:09:25:4D:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:1d:72:db:53:5f:6b:29:a0:c5:5f:31:f3:90:4e:3b:7a:85:
38:7d:54:96:66:75:bc:a9:62:32:e8:e2:1e:a8:b8:68:40:4c:
40:30:7d:09:d5:f9:36:d3:73:05:63:2f:2e:27:89:fc:d6:fa:
fc:a8:04:72:4a:83:d9:41:60:ff:7f:f6:81:8b:a0:c3:05:f2:
4b:6c:43:22:e7:b9:83:95:3d:79:47:40:76:0d:52:e3:c1:aa:
6c:2d:dc:b5:09:43:92:ca:8c:18:c9:b6:f7:32:dc:5e:0d:62:
a3:5e:06:87:ca:21:dd:d6:53:05:6c:96:cb:97:8c:b5:d2:ef:
df:eb:06:72:18:3d:c0:e4:1c:a0:64:2d:9b:90:ee:bc:86:60:
90:9c:03:4e:eb:1d:66:fa:0a:50:24:06:9b:fd:17:e5:9b:79:
c3:a1:74:80:6d:b1:f9:1f:4c:ee:5e:b4:62:4c:f9:4e:7e:16:
52:44:5b:c6:6f:8d:3d:3f:a7:53:f9:00:26:23:4d:29:f5:77:
32:b3:f7:4e:62:fc:40:8b:b3:2d:6f:a1:73:09:83:57:c1:df:
12:4c:c4:4d:5b:23:02:0d:17:8c:66:2a:e1:da:e7:8e:18:b5:
65:5f:79:82:c7:9a:30:5a:81:b7:cb:3d:53:6e:48:c1:90:1e:
1b:a1:53:68
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUG3fBHHtexO+/JOX2+d0bGxzfzicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNTBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwYjRiYmRkOGRkZmY5MDc1NWYzOTM2ZWU3ZDViOTUyMDU1NmFkY2Q0Mzc5
OWQ3ZGRjNzQ4YjFhNDE5MjVlNmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZLOR4hQCVFUEqEuszmC2KVLivXTArEdVO6psXJfNolWRMIMRCz/T7tW2yk
7jgCz0Am79QWPObuw+2SH+8XmcFKzAjjv1noygIL0fBW0wsxXKFA3DWPfNMKF6b/
I2HCvGMjuK4gGz3KSp3oS8P6HqFyVGzUFMvlP7hfnlqjIXScpgYvGRvzowS0iT/8
eIn/jLKW7XLOJVCsnMvNN2ky9JGDlfyA/COEIhqcM3JPqQc/VG/bVnYcvI+blnKv
mTaYPgLPyEonRcQbPKkteh8jqRgfU8HH2PI1unsjL19/8amcIF2+qCATNNdkoyQN
DhIT8z5Zr/yBLh2/U/Qx1/YN0eECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZVLrq
fwg4bArwf/oF82AuCSVN+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN
BgkqhkiG9w0BAQsFAAOCAQEA1x1y21NfaymgxV8x85BOO3qFOH1UlmZ1vKliMuji
Hqi4aEBMQDB9CdX5NtNzBWMvLieJ/Nb6/KgEckqD2UFg/3/2gYugwwXyS2xDIue5
g5U9eUdAdg1S48GqbC3ctQlDksqMGMm29zLcXg1io14Gh8oh3dZTBWyWy5eMtdLv
3+sGchg9wOQcoGQtm5DuvIZgkJwDTusdZvoKUCQGm/0X5Zt5w6F0gG2x+R9M7l60
Ykz5Tn4WUkRbxm+NPT+nU/kAJiNNKfV3MrP3TmL8QIuzLW+hcwmDV8HfEkzETVsj
Ag0XjGYq4drnjhi1ZV95gseaMFqBt8s9U25IwZAeG6FTaA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:47:51 2025 by rpki-client