Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json)
Hash identifier: tNRDvfo/ySezN06fjLymvK8a885CzvJwlOO0Qb/DxJU=
Subject key identifier: 25:37:C6:42:3D:DF:4E:8D:F5:ED:C9:4B:64:EF:3F:E8:CB:72:71:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3EFFDABDC244CB8ABA89DB5A0C24BA89CDA1E2CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
Signing time: Wed 22 Oct 2025 00:50:18 +0000
ROA not before: Wed 22 Oct 2025 00:50:18 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:ff:da:bd:c2:44:cb:8a:ba:89:db:5a:0c:24:ba:89:cd:a1:e2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:18 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=89c3c40f086489bf66edbeb233a3e8fb5624b1c5e13d4138f82865cd85930e8a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:ca:a3:74:33:c1:9d:b3:ef:cc:03:e5:2e:
9e:f7:c4:33:47:f5:07:f1:96:6d:7d:40:8e:cf:7b:
79:7d:67:82:3d:96:b9:77:2a:58:ae:6c:ab:b8:35:
a3:8a:05:37:16:29:b4:c1:fb:7f:17:bf:9d:08:ea:
7a:2a:b9:84:be:7c:a4:68:53:87:c6:b1:e9:52:18:
27:95:32:41:80:57:9d:42:97:4c:dc:74:c9:0f:18:
ad:0e:b7:b2:a4:f3:79:3c:e3:7a:de:0c:27:10:0a:
06:40:58:96:6c:88:5d:d7:6b:84:53:49:3b:28:5c:
98:d9:11:62:9b:4f:57:47:4a:50:f2:28:f8:8a:6f:
58:c5:d2:5f:8b:d2:09:02:d2:27:66:dd:4a:cb:5f:
0f:0b:9b:19:44:8e:41:a7:9b:2d:db:cc:60:e9:28:
d3:a5:24:28:43:4d:67:43:78:c8:92:0a:8a:5e:08:
8a:d3:75:e1:a8:25:8d:e5:b1:a8:f8:14:e4:81:38:
99:e3:4a:7d:6a:29:b6:94:b2:04:91:e9:c5:89:31:
d8:74:69:c0:d9:46:6b:ea:5c:91:56:b4:af:67:83:
ca:e6:f5:e3:30:2e:30:50:b0:78:7b:d1:45:9b:b1:
69:fb:cd:4b:b6:13:83:02:5f:ce:a0:e2:89:4c:a7:
25:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:37:C6:42:3D:DF:4E:8D:F5:ED:C9:4B:64:EF:3F:E8:CB:72:71:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
89:3a:dd:2f:af:e1:39:1d:6f:f6:dd:19:74:a1:06:62:d6:ee:
1d:3b:b1:54:8a:85:b9:0c:a7:e9:da:ec:6c:d9:e4:42:4e:a6:
df:8f:cf:95:4e:ce:da:0b:91:54:97:e9:65:9e:45:d6:a3:e8:
13:a4:bd:ec:18:b1:5b:09:26:71:e8:ad:dd:e8:2d:5a:b7:99:
ca:83:1c:5d:bd:86:23:14:46:fb:28:5b:9c:dd:8f:e7:ed:92:
4f:d3:34:34:71:57:33:6b:dc:10:47:68:70:fc:a3:38:6b:79:
f9:4f:55:bf:96:21:86:d1:f7:cb:07:84:ae:4a:41:23:76:c4:
be:48:48:8b:e6:a3:3d:15:a7:6c:61:5f:fd:84:95:a7:1e:e0:
8e:22:5b:23:e1:57:64:16:a2:f0:97:93:3d:c2:0a:2f:ef:ff:
f4:35:f2:80:59:22:2f:eb:79:11:24:c5:3d:91:55:28:1b:14:
d7:d8:a3:9e:9b:47:b3:8e:71:b1:69:12:61:13:88:63:4b:93:
d8:f0:10:8a:fc:c2:70:3f:c5:77:48:b3:e8:1d:94:3a:a6:c5:
4c:86:62:42:70:73:08:ab:5b:5c:8e:f7:9a:f5:9e:64:30:e1:
da:a2:66:43:24:f4:6b:de:30:c2:b5:75:74:b9:9e:26:2a:2c:
5a:21:27:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPv/avcJEy4q6idtaDCS6ic2h4sowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMThaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YzNjNDBmMDg2NDg5YmY2NmVkYmViMjMzYTNlOGZiNTYyNGIxYzVlMTNk
NDEzOGY4Mjg2NWNkODU5MzBlOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXByqN0M8Gds+/MA+UunvfEM0f1B/GWbX1Ajs97eX1ngj2WuXcqWK5sq7g1
o4oFNxYptMH7fxe/nQjqeiq5hL58pGhTh8ax6VIYJ5UyQYBXnUKXTNx0yQ8YrQ63
sqTzeTzjet4MJxAKBkBYlmyIXddrhFNJOyhcmNkRYptPV0dKUPIo+IpvWMXSX4vS
CQLSJ2bdSstfDwubGUSOQaebLdvMYOko06UkKENNZ0N4yJIKil4IitN14agljeWx
qPgU5IE4meNKfWoptpSyBJHpxYkx2HRpwNlGa+pckVa0r2eDyub14zAuMFCweHvR
RZuxafvNS7YTgwJfzqDiiUynJbkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQlN8ZC
Pd9OjfXtyUtk7z/oy3JxvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN
BgkqhkiG9w0BAQsFAAOCAQEAiTrdL6/hOR1v9t0ZdKEGYtbuHTuxVIqFuQyn6drs
bNnkQk6m34/PlU7O2guRVJfpZZ5F1qPoE6S97BixWwkmceit3egtWreZyoMcXb2G
IxRG+yhbnN2P5+2ST9M0NHFXM2vcEEdocPyjOGt5+U9Vv5YhhtH3yweErkpBI3bE
vkhIi+ajPRWnbGFf/YSVpx7gjiJbI+FXZBai8JeTPcIKL+//9DXygFkiL+t5ESTF
PZFVKBsU19ijnptHs45xsWkSYROIY0uT2PAQivzCcD/Fd0iz6B2UOqbFTIZiQnBz
CKtbXI73mvWeZDDh2qJmQyT0a94wwrV1dLmeJiosWiEn4Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:58:37 2025 by rpki-client