Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: TTxhVYoEOcKkByW61x1XZ+V+BvSqpNAZhvrZ/GmirE8=
Subject key identifier: B9:97:BF:0A:04:A9:58:32:FE:FB:9D:78:51:61:C7:3A:12:D3:F0:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 04270F049E23CDEC944A7B9B0A1D574810ED1439
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Fri 26 Sep 2025 20:20:33 +0000
ROA not before: Fri 26 Sep 2025 20:20:33 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 08:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:27:0f:04:9e:23:cd:ec:94:4a:7b:9b:0a:1d:57:48:10:ed:14:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:33 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b5900ef486a48549d2177aef2489f3ca16434ae7205c3c310f48a82f0d0d5bd3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f6:53:5c:46:5e:5a:a2:96:07:b5:cc:d1:fc:
8c:b5:44:9f:69:c0:10:4e:90:fa:11:70:3a:6f:d8:
47:21:7b:78:db:9b:a8:9b:62:ac:d2:31:36:11:6f:
21:86:37:01:0e:f9:16:ec:5d:ba:19:1f:5c:88:8b:
c4:cb:f4:23:c8:92:5f:62:00:58:e8:94:14:74:c4:
ad:64:83:9a:4e:7e:ad:28:6a:10:b8:14:08:e5:a4:
33:76:b3:a9:be:0c:23:03:33:37:4a:d8:20:ea:9b:
9a:1a:a8:63:89:0b:1d:3c:b0:b2:67:80:79:90:f2:
0f:84:ae:0d:4a:ac:21:7a:3e:af:c6:d2:8f:77:43:
43:c4:7e:dd:8e:c6:c1:e9:3f:bb:ae:c7:9d:d1:1d:
85:a9:6f:22:3f:93:11:d3:3e:6c:ce:b0:f8:c7:b2:
cb:f9:ae:a2:8e:c6:51:38:18:20:12:c3:36:59:c2:
d3:17:46:ef:e2:3e:e3:e6:d0:34:9b:25:04:48:ba:
bc:79:92:2c:01:dd:d0:01:4f:18:f8:40:a4:f2:9b:
7d:7d:76:60:04:a7:9e:4f:53:6f:3f:f7:b9:09:a9:
e2:48:f1:08:a0:b5:94:73:9b:4b:6d:0e:e7:9c:6c:
02:c7:7a:5f:cc:3f:5b:b6:d9:7c:12:ae:7c:6a:0d:
38:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:97:BF:0A:04:A9:58:32:FE:FB:9D:78:51:61:C7:3A:12:D3:F0:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6f:c5:ee:6d:54:3f:67:9f:5b:a8:8c:31:55:66:1d:4f:32:7b:
ed:45:2e:3f:68:95:91:f8:ed:11:73:8c:d3:d1:57:e0:5e:27:
14:67:8f:28:7d:d6:ee:63:ef:cc:ee:b1:1e:ee:91:e2:bb:60:
ee:ef:4e:e4:3c:03:a0:5a:a0:7e:8f:e1:20:52:9d:4c:23:fb:
2f:19:ac:53:ca:dd:0d:ca:fa:7c:a1:22:ca:98:8d:88:ba:f9:
ce:fd:e2:77:45:45:c4:45:57:70:9b:ad:04:e9:ca:4d:60:26:
63:5e:3f:53:26:96:d9:43:7f:f4:e1:cb:ff:cf:25:c0:79:1c:
a3:37:36:f9:fa:4c:97:3e:cc:d8:8f:84:da:82:96:a9:91:46:
f5:7b:63:db:30:3a:3b:77:24:95:76:e5:0c:50:ef:e3:cb:61:
c7:df:1e:0a:77:2b:01:0b:a5:60:eb:b3:06:d7:53:30:6e:af:
64:5d:2d:aa:12:01:8b:e7:e8:41:26:56:78:2d:61:f1:92:1a:
11:7a:30:33:4d:68:a8:f5:28:4e:ca:28:24:4a:23:d3:94:af:
3d:6b:8b:12:cb:8f:65:a1:3b:f7:e3:95:a9:8d:1e:48:74:9a:
e3:9c:f3:ec:82:01:c9:c5:e3:72:5e:b7:ba:a4:c6:31:66:4b:
48:4e:92:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBCcPBJ4jzeyUSnubCh1XSBDtFDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1OTAwZWY0ODZhNDg1NDlkMjE3N2FlZjI0ODlmM2NhMTY0MzRhZTcyMDVj
M2MzMTBmNDhhODJmMGQwZDViZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJD2U1xGXlqilge1zNH8jLVEn2nAEE6Q+hFwOm/YRyF7eNubqJtirNIxNhFv
IYY3AQ75FuxduhkfXIiLxMv0I8iSX2IAWOiUFHTErWSDmk5+rShqELgUCOWkM3az
qb4MIwMzN0rYIOqbmhqoY4kLHTywsmeAeZDyD4SuDUqsIXo+r8bSj3dDQ8R+3Y7G
wek/u67HndEdhalvIj+TEdM+bM6w+Meyy/muoo7GUTgYIBLDNlnC0xdG7+I+4+bQ
NJslBEi6vHmSLAHd0AFPGPhApPKbfX12YASnnk9Tbz/3uQmp4kjxCKC1lHObS20O
55xsAsd6X8w/W7bZfBKufGoNOC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5l78K
BKlYMv77nXhRYcc6EtPw3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQBvxe5tVD9nn1uojDFVZh1PMnvtRS4/aJWR+O0Rc4zT
0VfgXicUZ48ofdbuY+/M7rEe7pHiu2Du707kPAOgWqB+j+EgUp1MI/svGaxTyt0N
yvp8oSLKmI2IuvnO/eJ3RUXERVdwm60E6cpNYCZjXj9TJpbZQ3/04cv/zyXAeRyj
Nzb5+kyXPszYj4TagpapkUb1e2PbMDo7dySVduUMUO/jy2HH3x4KdysBC6Vg67MG
11Mwbq9kXS2qEgGL5+hBJlZ4LWHxkhoRejAzTWio9ShOyigkSiPTlK89a4sSy49l
oTv345WpjR5IdJrjnPPsggHJxeNyXre6pMYxZktITpIa
-----END CERTIFICATE-----
Generated at Fri Oct 17 10:44:31 2025 by rpki-client