Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: bN5y6v7L4v4uZImS0S1z4a145GNgHW719hJ9EKvUF+0=
Subject key identifier: 53:1F:D9:ED:47:27:ED:2B:FC:26:8F:F3:D7:43:11:FB:6B:7A:E0:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D79EA9F8EFB654BAECE256FF682A8DEFD6E247F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Fri 11 Jul 2025 20:50:13 +0000
ROA not before: Fri 11 Jul 2025 20:50:13 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:79:ea:9f:8e:fb:65:4b:ae:ce:25:6f:f6:82:a8:de:fd:6e:24:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:13 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f6bf24877e6b7fb232baec7aa89d8f159d29811f4cc32ea56e0a447d111009bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:43:8b:c1:07:2c:0a:b6:c3:57:8f:30:f6:e7:
82:1c:93:39:3a:82:44:fe:2f:09:b2:db:26:55:c9:
b4:fd:8e:4f:84:54:d7:84:7a:31:96:29:5e:b4:02:
21:e5:1b:d9:8e:32:75:64:96:6a:bf:ee:6e:06:57:
65:f3:07:b5:b9:96:9a:45:cf:00:5c:2b:ea:c9:2a:
6b:bd:7f:35:7e:d6:16:07:4a:09:4d:5e:72:3d:a4:
af:d9:7d:57:ce:d8:54:98:c9:2d:cb:c5:73:5c:d2:
d7:ed:2e:7e:0e:a4:3f:3d:fa:c3:12:e9:24:28:82:
e3:52:6d:16:08:c7:80:bc:92:0b:e1:cc:11:e5:47:
09:df:bd:73:28:88:ac:1a:54:ef:d5:ab:04:69:9a:
d5:d5:d4:d8:f6:d9:d7:b0:d4:a2:22:49:e0:2c:af:
47:38:67:a9:8e:b1:0c:a4:75:92:0a:70:9f:08:1a:
b7:3d:4c:f0:d1:be:70:62:09:81:09:6d:ad:87:b9:
b2:0e:5e:07:e4:b9:17:88:28:c1:be:a5:7f:f3:1f:
73:ea:a6:9b:83:84:32:69:ee:82:87:fa:84:6e:39:
cd:8e:d1:59:c5:9f:84:d5:d7:88:2c:18:ac:b0:33:
9e:fb:33:bb:fe:33:7b:bd:1d:a4:8a:77:fe:65:8f:
50:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1F:D9:ED:47:27:ED:2B:FC:26:8F:F3:D7:43:11:FB:6B:7A:E0:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:b6:a1:6a:5e:bc:f5:70:bf:eb:4a:cb:a8:82:11:74:59:09:
21:c0:46:5f:ef:0d:97:43:c3:6b:2b:fa:e7:0c:f1:30:be:59:
03:eb:6d:e4:bb:a2:75:cb:d8:26:63:9e:f3:7a:43:5b:07:32:
ca:b5:c8:62:7e:d8:96:56:33:2e:78:6f:6b:81:c3:c4:96:00:
08:33:06:c6:b4:a5:40:f2:a9:35:83:00:2e:b9:09:0d:7d:01:
52:a0:8c:d7:24:0e:46:4e:f4:aa:02:7a:e1:2d:65:da:8c:44:
9b:bc:4f:bc:dd:3f:93:7d:17:67:ff:e2:46:e7:ae:fa:80:de:
9b:71:49:f5:4a:73:59:8f:30:89:d1:18:8c:6e:6c:f1:f3:a5:
d8:44:90:eb:92:16:ae:5a:4d:23:7e:41:d3:a9:be:f7:aa:46:
01:0b:64:16:2d:94:2d:01:b1:be:52:2b:0b:38:f5:a0:9c:46:
8a:ec:7f:a7:e7:7f:59:43:17:b0:c9:e4:1d:c8:29:6a:d1:b8:
75:ee:2a:2c:c1:1e:57:79:26:40:ee:81:bb:35:b4:17:0d:68:
9d:1f:0f:18:8e:32:9a:0b:4d:4a:13:09:de:c7:0b:bf:92:85:
55:89:71:88:10:fd:c7:68:71:4e:dc:b8:4b:1b:b3:0d:af:a1:
59:57:8c:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfXnqn477ZUuuziVv9oKo3v1uJH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2YmYyNDg3N2U2YjdmYjIzMmJhZWM3YWE4OWQ4ZjE1OWQyOTgxMWY0Y2Mz
MmVhNTZlMGE0NDdkMTExMDA5YmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBDi8EHLAq2w1ePMPbnghyTOTqCRP4vCbLbJlXJtP2OT4RU14R6MZYpXrQC
IeUb2Y4ydWSWar/ubgZXZfMHtbmWmkXPAFwr6skqa71/NX7WFgdKCU1ecj2kr9l9
V87YVJjJLcvFc1zS1+0ufg6kPz36wxLpJCiC41JtFgjHgLySC+HMEeVHCd+9cyiI
rBpU79WrBGma1dXU2PbZ17DUoiJJ4CyvRzhnqY6xDKR1kgpwnwgatz1M8NG+cGIJ
gQltrYe5sg5eB+S5F4gowb6lf/Mfc+qmm4OEMmnugof6hG45zY7RWcWfhNXXiCwY
rLAznvszu/4ze70dpIp3/mWPUGMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRTH9nt
RyftK/wmj/PXQxH7a3rgrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQAOtqFqXrz1cL/rSsuoghF0WQkhwEZf7w2XQ8NrK/rn
DPEwvlkD623ku6J1y9gmY57zekNbBzLKtchiftiWVjMueG9rgcPElgAIMwbGtKVA
8qk1gwAuuQkNfQFSoIzXJA5GTvSqAnrhLWXajESbvE+83T+TfRdn/+JG5676gN6b
cUn1SnNZjzCJ0RiMbmzx86XYRJDrkhauWk0jfkHTqb73qkYBC2QWLZQtAbG+UisL
OPWgnEaK7H+n539ZQxewyeQdyClq0bh17ioswR5XeSZA7oG7NbQXDWidHw8YjjKa
C01KEwnexwu/koVViXGIEP3HaHFO3LhLG7MNr6FZV4wc
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:55:33 2025 by rpki-client