Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: z+y4U5MxRFVjqAYe03EdZ1HpTwnxbX+3qg7IjAdzEKA=
Subject key identifier: 36:85:04:53:1C:58:62:34:BB:03:B9:E4:BD:24:50:EE:1F:08:8D:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AB2CBD2F017843889E6DFCA211AC08D1B8F718B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Mon 01 Sep 2025 21:30:38 +0000
ROA not before: Mon 01 Sep 2025 21:30:38 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b2:cb:d2:f0:17:84:38:89:e6:df:ca:21:1a:c0:8d:1b:8f:71:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:38 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ccde956613de5568251e839e303302c025293614666cc3f885476719f1bf5236, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0f:b3:94:a8:ea:43:53:2f:97:a3:04:36:d9:
c6:95:f2:4b:33:5c:f3:e3:5f:11:5a:ed:43:e7:19:
c0:cd:70:3b:05:5f:c5:89:6f:ad:5b:4c:c8:8b:8e:
8a:02:04:dd:66:32:95:00:4f:ff:1b:a5:42:d9:af:
6b:a9:5a:82:a4:e0:c3:7e:eb:60:9d:d9:25:9c:72:
1c:21:39:2f:c2:3b:4d:f2:9e:78:7c:2c:3e:74:12:
6e:54:47:78:61:c3:33:fd:2f:70:af:05:cd:b6:5a:
e8:32:91:86:b0:f0:e3:d0:dc:a8:a4:71:33:3a:14:
84:14:c9:0e:19:e0:83:b4:7a:53:cc:a6:af:9e:af:
76:66:f1:17:1f:f7:cc:a2:7d:1c:10:63:48:20:f5:
d4:12:b6:60:a5:e8:1b:6a:2b:e6:89:49:37:ef:c4:
0e:99:16:63:fd:dc:c0:6b:87:88:5f:ca:00:fc:93:
b5:ec:6f:dd:dc:7d:77:7b:77:4c:d6:55:ad:10:46:
ea:a8:32:93:b4:f9:cf:c1:cd:3b:3a:1a:91:de:01:
ba:54:1c:c7:05:4f:5f:3c:3a:fb:e3:76:d0:c5:57:
4a:92:12:58:c2:f9:52:7d:64:c0:9b:9f:05:ed:f7:
27:75:5e:6c:3b:0f:01:9c:dc:71:07:37:0a:99:4c:
90:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:85:04:53:1C:58:62:34:BB:03:B9:E4:BD:24:50:EE:1F:08:8D:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d2:db:21:96:65:f2:a7:3b:1a:5d:80:19:92:6e:73:60:9b:e8:
8e:37:07:3d:c3:e5:e4:9f:73:37:86:b4:c1:1e:57:58:33:9d:
04:a4:6a:91:40:09:5f:88:e7:14:4e:35:bb:f7:07:88:16:f1:
72:f5:21:80:9d:1a:9d:68:b3:91:46:77:cc:c7:f0:e5:f0:d2:
5a:af:9e:07:37:d1:2a:2d:63:2b:5c:2c:e5:97:c6:1a:c0:1e:
b6:d1:d6:84:05:6a:1c:49:a9:10:6d:e4:c5:d9:1e:ae:da:07:
66:66:49:f3:ac:63:93:0f:d7:31:56:25:7b:91:c7:f0:41:0a:
95:67:49:52:9b:53:73:8c:3a:48:7e:eb:91:8f:93:42:89:37:
27:f3:73:cb:49:d8:52:e9:0f:31:a9:7b:dd:22:c6:99:fe:a0:
94:3f:91:d6:df:34:cc:2b:e8:5a:1b:c9:bd:c3:be:18:11:68:
6b:9f:05:f3:ff:b2:68:c4:53:e6:7f:82:96:d1:d3:bb:a7:bc:
fc:89:86:d0:45:1c:fd:67:0a:9a:71:48:50:b9:3f:ff:e1:7f:
dc:6c:23:b8:fe:b1:e0:71:7c:18:fd:4d:b1:f5:ca:61:68:69:
9b:dd:41:49:71:e9:95:45:3a:7a:84:94:b7:82:a9:54:38:68:
5a:40:69:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWrLL0vAXhDiJ5t/KIRrAjRuPcYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMzhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjZGU5NTY2MTNkZTU1NjgyNTFlODM5ZTMwMzMwMmMwMjUyOTM2MTQ2NjZj
YzNmODg1NDc2NzE5ZjFiZjUyMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwPs5So6kNTL5ejBDbZxpXySzNc8+NfEVrtQ+cZwM1wOwVfxYlvrVtMyIuO
igIE3WYylQBP/xulQtmva6lagqTgw37rYJ3ZJZxyHCE5L8I7TfKeeHwsPnQSblRH
eGHDM/0vcK8FzbZa6DKRhrDw49DcqKRxMzoUhBTJDhngg7R6U8ymr56vdmbxFx/3
zKJ9HBBjSCD11BK2YKXoG2or5olJN+/EDpkWY/3cwGuHiF/KAPyTtexv3dx9d3t3
TNZVrRBG6qgyk7T5z8HNOzoakd4BulQcxwVPXzw6++N20MVXSpISWML5Un1kwJuf
Be33J3VebDsPAZzccQc3CplMkAkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2hQRT
HFhiNLsDueS9JFDuHwiN3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQDS2yGWZfKnOxpdgBmSbnNgm+iONwc9w+Xkn3M3hrTB
HldYM50EpGqRQAlfiOcUTjW79weIFvFy9SGAnRqdaLORRnfMx/Dl8NJar54HN9Eq
LWMrXCzll8YawB620daEBWocSakQbeTF2R6u2gdmZknzrGOTD9cxViV7kcfwQQqV
Z0lSm1NzjDpIfuuRj5NCiTcn83PLSdhS6Q8xqXvdIsaZ/qCUP5HW3zTMK+haG8m9
w74YEWhrnwXz/7JoxFPmf4KW0dO7p7z8iYbQRRz9ZwqacUhQuT//4X/cbCO4/rHg
cXwY/U2x9cphaGmb3UFJcemVRTp6hJS3gqlUOGhaQGkY
-----END CERTIFICATE-----
Generated at Mon Sep 15 22:44:18 2025 by rpki-client