
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json)
Hash identifier: c30mE1hEWEux0kLj5VKbAwB3GHOMtxk4peF2oc943yA=
Subject key identifier: 3D:AE:6B:7B:D3:DE:78:AB:67:A5:48:CC:71:10:8D:33:8D:A8:29:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6388DBB13E3C4CFCBB057EC3D37BA5297A7AFEB6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
Signing time: Mon 14 Jul 2025 15:40:05 +0000
ROA not before: Mon 14 Jul 2025 15:40:05 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:88:db:b1:3e:3c:4c:fc:bb:05:7e:c3:d3:7b:a5:29:7a:7a:fe:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:05 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=b4df3eee139f82ba085655c6ed4afea825a174997b3bbf0d04eff63aabe30d74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:7d:7c:21:1c:6d:aa:58:ec:fb:1e:07:96:
8f:45:06:2b:fe:9a:2b:ff:0a:fb:65:63:75:84:55:
01:4b:90:53:b8:0d:f3:19:43:8f:31:31:35:91:90:
9a:8c:8b:47:93:5b:05:9e:d5:d2:34:05:5b:3c:60:
12:91:29:11:4f:f8:26:7b:89:1e:a4:29:0c:38:db:
7e:a5:f7:d8:d5:ef:0f:6f:69:f4:79:c9:76:cd:4c:
a2:da:04:db:32:1c:f2:e1:63:4e:ed:a0:94:96:98:
56:35:89:ee:16:78:51:66:47:c9:db:07:cf:d2:9c:
0b:c1:22:86:18:a0:84:72:94:de:61:a2:07:ce:3c:
d2:50:9c:5d:8b:14:76:e6:2c:3d:61:2e:08:3a:86:
1b:03:73:f7:55:90:00:9e:d5:27:79:d9:45:9b:1b:
fb:54:b0:1e:de:93:9d:d6:e7:95:75:0c:54:a3:83:
f8:f4:f9:ca:57:91:03:59:0f:d6:3b:c7:40:16:13:
15:1c:ab:73:02:cb:7c:a4:ff:b1:8d:05:b2:6c:e8:
44:79:6c:93:d1:a0:cd:f5:8d:db:6c:2c:72:84:09:
89:72:e2:36:01:53:ac:08:91:e2:18:fa:8f:a7:92:
7d:da:7f:24:ea:fb:21:a2:3c:a0:43:45:f8:fe:41:
5b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AE:6B:7B:D3:DE:78:AB:67:A5:48:CC:71:10:8D:33:8D:A8:29:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.238.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:78:3a:6c:08:6a:4e:a7:a6:44:85:50:c3:89:66:c3:74:75:
aa:47:5e:c0:85:35:6d:e4:ab:71:f3:17:53:b9:eb:10:2e:c9:
45:2d:58:7c:21:25:48:31:30:c8:f4:46:72:e8:78:ec:36:16:
0e:53:61:30:3a:27:9f:4c:e5:29:9d:83:72:a7:8d:04:d8:05:
21:78:a0:f2:80:88:87:6b:4d:78:fc:02:05:af:07:a3:2a:68:
18:ea:cb:2f:08:d5:d8:f9:13:90:7d:95:56:40:dd:5c:a7:de:
14:20:6c:01:71:c2:d6:9b:3c:8c:d5:6d:bc:fb:53:18:df:aa:
52:35:01:f0:28:39:c0:df:35:25:9c:29:ee:53:b3:0e:77:24:
e8:b8:28:41:3c:0a:ea:a6:11:1c:fb:53:42:61:ba:b0:40:c8:
7c:33:34:9b:0a:5e:1c:64:37:f7:01:c8:9b:14:59:1d:68:ef:
af:12:17:47:41:92:0a:8e:83:40:8e:8d:9b:c2:ce:23:26:49:
e7:0f:88:54:df:dc:71:04:19:be:e9:31:ed:25:45:df:62:a7:
16:c6:77:d0:a7:bc:9a:8c:64:6e:95:20:84:49:57:38:56:78:
ca:bc:31:4d:f5:c6:19:6a:c6:cc:24:bf:5d:57:a8:ff:8f:39:
07:36:99:9b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY4jbsT48TPy7BX7D03ulKXp6/rYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMDVaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZGYzZWVlMTM5ZjgyYmEwODU2NTVjNmVkNGFmZWE4MjVhMTc0OTk3YjNi
YmYwZDA0ZWZmNjNhYWJlMzBkNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI4fXwhHG2qWOz7HgeWj0UGK/6aK/8K+2VjdYRVAUuQU7gN8xlDjzExNZGQ
moyLR5NbBZ7V0jQFWzxgEpEpEU/4JnuJHqQpDDjbfqX32NXvD29p9HnJds1MotoE
2zIc8uFjTu2glJaYVjWJ7hZ4UWZHydsHz9KcC8EihhighHKU3mGiB8480lCcXYsU
duYsPWEuCDqGGwNz91WQAJ7VJ3nZRZsb+1SwHt6TndbnlXUMVKOD+PT5yleRA1kP
1jvHQBYTFRyrcwLLfKT/sY0FsmzoRHlsk9GgzfWN22wscoQJiXLiNgFTrAiR4hj6
j6eSfdp/JOr7IaI8oENF+P5BW2MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9rmt7
0954q2elSMxxEI0zjagpSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN
BgkqhkiG9w0BAQsFAAOCAQEAjng6bAhqTqemRIVQw4lmw3R1qkdewIU1beSrcfMX
U7nrEC7JRS1YfCElSDEwyPRGcuh47DYWDlNhMDonn0zlKZ2DcqeNBNgFIXig8oCI
h2tNePwCBa8HoypoGOrLLwjV2PkTkH2VVkDdXKfeFCBsAXHC1ps8jNVtvPtTGN+q
UjUB8Cg5wN81JZwp7lOzDnck6LgoQTwK6qYRHPtTQmG6sEDIfDM0mwpeHGQ39wHI
mxRZHWjvrxIXR0GSCo6DQI6Nm8LOIyZJ5w+IVN/ccQQZvukx7SVF32KnFsZ30Ke8
moxkbpUghElXOFZ4yrwxTfXGGWrGzCS/XVeo/485BzaZmw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:43 2025 by rpki-client