Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: vHehDTiq3Bi426YMAl83OanAFH1VDpqAHoMveJYqkVs=
Subject key identifier: 9F:4D:C1:D7:26:B1:79:B3:D3:F2:7E:43:6E:22:3D:42:1F:81:55:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 737C9A46364DD54FCD7F285DD54C9FE63EC6B1A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Tue 05 Aug 2025 20:20:18 +0000
ROA not before: Tue 05 Aug 2025 20:20:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:7c:9a:46:36:4d:d5:4f:cd:7f:28:5d:d5:4c:9f:e6:3e:c6:b1:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e2f8c16a55fb6c43709c39f15a6723540e04ab62392c47258282b173d1c5854c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8a:25:aa:76:66:f8:bf:ee:8c:c5:c9:1e:41:
a8:4c:f6:ac:2c:56:97:d6:f2:3e:82:3a:84:b4:16:
48:77:a2:11:fd:4f:de:61:5b:c0:5f:39:95:40:10:
d8:85:9d:e9:e6:39:d7:ff:2b:97:bd:a5:25:7c:35:
5b:91:a7:75:57:0c:64:55:41:04:ae:f1:0a:b4:62:
e2:25:22:0f:92:75:e0:34:fd:b4:22:90:c6:28:05:
4f:f6:ff:9f:f5:2b:bf:1d:1f:b1:50:81:87:a6:74:
2b:b8:1b:a3:33:74:f7:77:d1:1e:a4:5c:dc:ab:7b:
d6:05:95:a4:bf:a5:86:7f:21:35:7e:50:28:8b:b8:
4f:56:d5:52:6e:96:c7:7b:9d:4e:23:7d:e0:7f:98:
40:57:8b:5c:57:44:34:a1:a9:54:72:d4:95:cd:0a:
08:b8:69:24:15:ed:ce:0e:a7:56:04:3b:f6:f4:e5:
ed:0c:40:be:45:d2:12:92:f5:35:54:d8:d8:d7:ac:
bf:78:41:9d:da:31:b5:6f:e2:39:97:25:d1:46:a6:
57:56:6b:27:78:02:37:ec:bb:02:fc:57:91:3f:77:
95:14:fe:d7:12:c4:ec:2a:e2:a6:d9:7f:30:14:ad:
ab:28:28:db:63:54:88:83:31:43:b8:c1:d2:f8:4d:
ef:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4D:C1:D7:26:B1:79:B3:D3:F2:7E:43:6E:22:3D:42:1F:81:55:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a2:ee:20:26:52:0e:a8:79:7f:04:1e:03:35:6b:f2:f9:db:34:
9e:32:92:de:c8:17:2c:b3:64:dc:a7:4f:5e:96:68:ce:07:70:
86:a4:7c:47:e8:3c:24:72:6c:ef:df:eb:4c:93:f2:c9:54:79:
92:07:77:eb:a8:28:8f:3e:2c:48:06:39:8d:98:d4:17:0f:3c:
0f:21:0f:a4:4c:61:9d:9b:87:8c:6a:ca:68:f8:40:04:e0:9f:
d8:45:7f:19:5b:35:c6:37:e6:84:ce:e6:27:d1:b9:0a:72:05:
32:9e:c3:d3:cb:70:fc:e1:96:82:0d:c9:9e:20:59:3b:fd:bb:
5b:3f:91:a5:d9:b2:20:01:1b:ce:f3:43:71:d5:06:de:40:5e:
57:dc:ca:8b:2d:93:f9:5c:b5:90:df:d1:f2:4c:a9:ff:f5:d8:
bd:e2:41:53:7d:dd:3d:80:0d:44:8d:25:15:82:70:65:3a:ea:
6e:a5:1c:e0:e2:a5:a7:13:70:fd:75:2a:14:c8:3d:22:b9:af:
83:23:61:54:72:1a:24:07:b3:d2:bd:5d:d1:8a:da:ab:17:3d:
be:7c:41:a3:ec:d2:cc:d0:c9:6e:0b:ba:c0:6c:b5:7c:be:9f:
7d:16:da:93:90:5e:61:9c:d0:23:fc:94:4e:52:cb:59:ed:76:
e5:34:90:c3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc3yaRjZN1U/Nfyhd1Uyf5j7GsaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZjhjMTZhNTVmYjZjNDM3MDljMzlmMTVhNjcyMzU0MGUwNGFiNjIzOTJj
NDcyNTgyODJiMTczZDFjNTg1NGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAImKJap2Zvi/7ozFyR5BqEz2rCxWl9byPoI6hLQWSHeiEf1P3mFbwF85lUAQ
2IWd6eY51/8rl72lJXw1W5GndVcMZFVBBK7xCrRi4iUiD5J14DT9tCKQxigFT/b/
n/Urvx0fsVCBh6Z0K7gbozN093fRHqRc3Kt71gWVpL+lhn8hNX5QKIu4T1bVUm6W
x3udTiN94H+YQFeLXFdENKGpVHLUlc0KCLhpJBXtzg6nVgQ79vTl7QxAvkXSEpL1
NVTY2Nesv3hBndoxtW/iOZcl0UamV1ZrJ3gCN+y7AvxXkT93lRT+1xLE7Criptl/
MBStqygo22NUiIMxQ7jB0vhN728CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSfTcHX
JrF5s9PyfkNuIj1CH4FVSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQCi7iAmUg6oeX8EHgM1a/L52zSeMpLeyBcss2Tcp09e
lmjOB3CGpHxH6Dwkcmzv3+tMk/LJVHmSB3frqCiPPixIBjmNmNQXDzwPIQ+kTGGd
m4eMaspo+EAE4J/YRX8ZWzXGN+aEzuYn0bkKcgUynsPTy3D84ZaCDcmeIFk7/btb
P5Gl2bIgARvO80Nx1QbeQF5X3MqLLZP5XLWQ39HyTKn/9di94kFTfd09gA1EjSUV
gnBlOupupRzg4qWnE3D9dSoUyD0iua+DI2FUchokB7PSvV3RitqrFz2+fEGj7NLM
0MluC7rAbLV8vp99FtqTkF5hnNAj/JROUstZ7XblNJDD
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:31 2025 by rpki-client