Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: 8evGUSJIO9tSAFMG9Oi+nMI3RzqV4XtaJcP4KTl6GSE=
Subject key identifier: 59:76:03:6D:B7:9B:7D:D8:E7:96:83:9F:9D:33:86:14:A7:4E:D2:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D1C586D850C650162D23DD20C568F8DD05364EB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Tue 19 May 2026 06:00:05 +0000
ROA not before: Tue 19 May 2026 06:00:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 31 May 2026 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:1c:58:6d:85:0c:65:01:62:d2:3d:d2:0c:56:8f:8d:d0:53:64:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=a58c3d9f017ba01acbe819b1394c68a908b321251b8d129cdb26932f2a88e8f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:07:03:60:16:cb:90:e3:41:4c:e8:bc:e9:c7:
7b:d0:20:55:ab:53:5f:3c:df:aa:a7:8f:b9:82:ef:
0d:f2:d7:cf:4d:54:75:d8:8e:bf:7d:98:68:c2:65:
2d:8a:f2:2a:90:2f:22:04:8c:b0:62:cf:6d:fe:24:
b3:11:a7:25:a0:e6:49:8b:40:6a:01:94:6c:7a:22:
5c:65:1d:8b:06:a3:04:97:ea:3d:73:41:00:3b:c1:
90:9f:5a:be:fc:9a:bd:c4:bc:39:e1:56:0e:c6:f5:
7b:06:0f:6a:d1:49:fb:07:36:a7:ce:a9:07:74:e0:
f7:21:a4:62:ea:bd:7a:8c:25:c1:d0:38:2d:3d:ab:
ea:9d:fc:43:90:25:1b:5d:e9:bf:54:45:42:2d:8c:
ab:22:e8:d4:48:2b:84:bc:26:c1:f9:c5:3f:fc:08:
a3:0e:cd:2e:07:de:e5:47:0c:e0:c8:22:f3:ee:73:
c4:32:c8:42:85:5a:73:de:92:94:83:c8:f4:38:7f:
af:0b:7e:26:80:2a:ad:8d:14:d5:95:5a:69:e5:9b:
28:10:1d:80:b5:7b:18:92:38:3c:79:d5:20:74:e1:
cf:c0:8c:d2:1a:2a:46:98:78:6b:17:9f:7f:0b:53:
9b:fc:77:b2:6a:04:96:82:d7:04:84:c1:69:f2:24:
c2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:76:03:6D:B7:9B:7D:D8:E7:96:83:9F:9D:33:86:14:A7:4E:D2:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
20:56:b1:11:9b:31:c7:d4:a3:a2:45:58:a5:cd:a8:d1:97:b1:
d2:cf:d7:8d:af:26:c4:29:83:7f:a0:4e:d9:36:23:d9:21:e8:
e4:89:d8:eb:7c:74:c6:19:2b:51:16:3c:cd:d6:af:7d:0e:63:
03:24:58:7c:33:7b:cc:d5:ed:b2:08:18:82:1e:9c:6a:c9:a3:
2a:b8:1c:a9:d6:f5:51:f5:0e:90:bc:0f:48:fd:b7:be:a6:e0:
9e:22:81:56:88:bf:03:bc:10:d7:c8:25:96:79:e7:c3:49:74:
d5:87:ae:a9:88:b8:e1:c6:af:74:e1:73:25:31:1f:aa:43:6f:
af:e3:f6:7a:de:63:59:43:a5:a1:07:89:8d:b5:61:60:7e:db:
ad:41:a5:c0:5c:bd:81:d5:3f:7e:52:05:1d:4c:3b:24:c3:b7:
31:b1:88:6d:40:ee:0a:f3:fe:98:c4:53:40:f7:c9:48:da:d7:
1b:49:99:d8:a6:15:b3:1c:80:16:20:6d:12:a1:d4:cd:13:34:
45:5e:d6:6f:80:3f:b2:f8:da:63:2a:87:47:a6:56:7c:15:bf:
7a:b5:29:0b:19:56:69:1a:77:9c:f3:8b:ec:cf:b0:2a:5f:a2:
a2:9e:7e:ce:9b:66:5d:17:63:8a:41:00:5a:0b:04:39:3c:c7:
09:cc:10:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfRxYbYUMZQFi0j3SDFaPjdBTZOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1OGMzZDlmMDE3YmEwMWFjYmU4MTliMTM5NGM2OGE5MDhiMzIxMjUxYjhk
MTI5Y2RiMjY5MzJmMmE4OGU4ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUHA2AWy5DjQUzovOnHe9AgVatTXzzfqqePuYLvDfLXz01UddiOv32YaMJl
LYryKpAvIgSMsGLPbf4ksxGnJaDmSYtAagGUbHoiXGUdiwajBJfqPXNBADvBkJ9a
vvyavcS8OeFWDsb1ewYPatFJ+wc2p86pB3Tg9yGkYuq9eowlwdA4LT2r6p38Q5Al
G13pv1RFQi2MqyLo1EgrhLwmwfnFP/wIow7NLgfe5UcM4Mgi8+5zxDLIQoVac96S
lIPI9Dh/rwt+JoAqrY0U1ZVaaeWbKBAdgLV7GJI4PHnVIHThz8CM0hoqRph4axef
fwtTm/x3smoEloLXBITBafIkwmUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZdgNt
t5t92OeWg5+dM4YUp07StDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQAgVrERmzHH1KOiRVilzajRl7HSz9eNrybEKYN/oE7Z
NiPZIejkidjrfHTGGStRFjzN1q99DmMDJFh8M3vM1e2yCBiCHpxqyaMquByp1vVR
9Q6QvA9I/be+puCeIoFWiL8DvBDXyCWWeefDSXTVh66piLjhxq904XMlMR+qQ2+v
4/Z63mNZQ6WhB4mNtWFgftutQaXAXL2B1T9+UgUdTDskw7cxsYhtQO4K8/6YxFNA
98lI2tcbSZnYphWzHIAWIG0SodTNEzRFXtZvgD+y+NpjKodHplZ8Fb96tSkLGVZp
Gnec84vsz7AqX6Kinn7Om2ZdF2OKQQBaCwQ5PMcJzBCZ
-----END CERTIFICATE-----
Generated at Sat May 30 20:19:04 2026 by rpki-client