Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: TeXbNYboGz27cApNZ877Uea5zcoPnQ9TWSBpS2sIk3M=
Subject key identifier: 0C:1B:A7:72:3E:FE:30:49:9D:7C:E1:1D:66:A9:01:EF:5D:33:27:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5700020325AF608CFF79286C994EAE9D018B05B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Sat 15 Nov 2025 06:50:18 +0000
ROA not before: Sat 15 Nov 2025 06:50:18 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:00:02:03:25:af:60:8c:ff:79:28:6c:99:4e:ae:9d:01:8b:05:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:18 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=609d72e9310e9cf5396d494638a2f07090f9eca34e4901424eda58e113e84687, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e5:e3:26:38:4b:ab:59:c5:03:f9:46:77:df:
3d:a8:53:e0:77:d1:69:e8:28:7c:7a:bb:0a:a2:a4:
49:ba:03:ee:2f:4c:18:c3:ba:14:b1:80:40:46:2f:
34:55:ed:69:0a:73:22:5a:e2:69:eb:75:89:bd:e0:
36:a3:9d:d7:c1:22:3e:29:fe:e0:27:07:75:c7:e1:
e7:02:07:a8:77:8a:88:7c:42:1a:3e:99:83:07:b6:
2c:47:06:5e:d6:d3:9a:f6:c2:84:08:dd:13:11:99:
b9:a5:ee:96:dd:ef:fe:e7:0d:5b:e5:86:3e:1c:d7:
52:f3:42:a2:24:f4:f3:31:96:b2:a5:f4:e5:17:08:
01:44:3d:90:a3:22:10:31:4e:d4:93:6f:e9:30:d9:
52:b1:0f:4c:1a:0e:d0:02:c0:5a:2f:cc:89:f2:a8:
15:e0:c1:a5:60:29:41:8b:5e:54:82:5c:b3:ae:92:
01:7b:ae:1c:98:ee:c8:86:28:75:84:51:6e:04:d4:
c6:be:f0:26:d8:9e:de:b9:3b:2f:d5:dd:09:f1:f8:
61:41:47:97:ce:17:9a:e3:d6:a2:7f:55:ea:70:13:
90:28:52:31:8f:96:a9:ff:0e:aa:70:52:94:95:50:
cb:21:83:c0:20:b1:54:81:13:55:a3:a3:2a:4a:c5:
ea:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1B:A7:72:3E:FE:30:49:9D:7C:E1:1D:66:A9:01:EF:5D:33:27:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
04:a4:11:ac:e0:f0:7b:00:b7:f7:f8:88:ad:a8:a8:1f:fd:73:
1e:b7:26:c8:a2:2d:b6:b2:1c:31:e8:4a:ec:da:e8:7b:c6:e5:
fa:93:c0:78:55:84:f2:32:09:a9:e7:cc:b5:db:a0:d0:08:4e:
10:35:c5:86:01:62:83:2c:36:a1:ec:2a:d0:40:0b:fc:92:c6:
82:01:e2:c6:09:14:f9:95:44:0c:55:65:0b:aa:1c:d5:fb:43:
cf:4b:c0:c4:61:98:1d:b8:eb:d1:25:5d:bd:2d:88:14:95:ed:
c4:66:cd:e3:ae:b4:d9:b8:e8:a0:04:65:4b:bc:68:b3:86:85:
7a:b8:77:67:dc:25:0d:c6:7d:5f:75:4b:49:62:dc:c2:69:53:
2d:8a:5b:69:2d:f2:3d:11:d6:b7:61:81:be:f2:ec:e3:c9:47:
97:f9:81:b9:0c:dd:23:d1:d2:7f:f3:cd:55:0e:8e:a7:7c:18:
18:66:c1:dd:cb:af:ae:2c:a8:38:3d:49:5d:4a:61:d0:b4:3d:
3b:9a:ba:ef:64:7d:4d:09:b6:5f:74:0a:f4:64:ee:37:3c:57:
54:54:ed:8b:db:65:6f:e1:10:88:e4:38:24:6d:4b:e0:3f:5b:
28:2c:aa:17:a9:9c:2e:e2:f6:b9:23:75:e1:e6:b0:ad:06:b6:
96:c4:3b:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVwACAyWvYIz/eShsmU6unQGLBbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwMThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwOWQ3MmU5MzEwZTljZjUzOTZkNDk0NjM4YTJmMDcwOTBmOWVjYTM0ZTQ5
MDE0MjRlZGE1OGUxMTNlODQ2ODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbl4yY4S6tZxQP5RnffPahT4HfRaegofHq7CqKkSboD7i9MGMO6FLGAQEYv
NFXtaQpzIlriaet1ib3gNqOd18EiPin+4CcHdcfh5wIHqHeKiHxCGj6Zgwe2LEcG
XtbTmvbChAjdExGZuaXult3v/ucNW+WGPhzXUvNCoiT08zGWsqX05RcIAUQ9kKMi
EDFO1JNv6TDZUrEPTBoO0ALAWi/MifKoFeDBpWApQYteVIJcs66SAXuuHJjuyIYo
dYRRbgTUxr7wJtie3rk7L9XdCfH4YUFHl84XmuPWon9V6nATkChSMY+Wqf8OqnBS
lJVQyyGDwCCxVIETVaOjKkrF6n0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMG6dy
Pv4wSZ184R1mqQHvXTMnrjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQAEpBGs4PB7ALf3+IitqKgf/XMetybIoi22shwx6Ers
2uh7xuX6k8B4VYTyMgmp58y126DQCE4QNcWGAWKDLDah7CrQQAv8ksaCAeLGCRT5
lUQMVWULqhzV+0PPS8DEYZgduOvRJV29LYgUle3EZs3jrrTZuOigBGVLvGizhoV6
uHdn3CUNxn1fdUtJYtzCaVMtiltpLfI9Eda3YYG+8uzjyUeX+YG5DN0j0dJ/881V
Do6nfBgYZsHdy6+uLKg4PUldSmHQtD07mrrvZH1NCbZfdAr0ZO43PFdUVO2L22Vv
4RCI5DgkbUvgP1soLKoXqZwu4va5I3Xh5rCtBraWxDt/
-----END CERTIFICATE-----
Generated at Sat Nov 15 22:05:28 2025 by rpki-client