Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: F3sC3YnQLUREmNGDl+1YEbaBzFIKP4BJ2LXUpr/fJgE=
Subject key identifier: 60:FE:5E:AF:CB:EE:FC:16:7E:B1:93:1A:31:CA:45:2D:DE:24:01:7B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21DAF4702CCD01F645BBC3B7A4CD5EC6F7065CB6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Tue 21 Oct 2025 14:50:05 +0000
ROA not before: Tue 21 Oct 2025 14:50:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:da:f4:70:2c:cd:01:f6:45:bb:c3:b7:a4:cd:5e:c6:f7:06:5c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=39da9021888002a2aa61f8cd6acc924e5bd0804150ee32796938cbad62787831, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:93:1b:e7:a5:30:91:83:2c:8c:bf:b0:d8:
d3:14:42:4a:4e:0b:66:e9:17:1d:63:5f:65:a8:dc:
70:9c:16:2a:a6:a4:60:c0:8b:98:e8:41:e2:60:f6:
8a:bc:92:c0:b2:c1:b7:03:9d:cb:1c:19:65:9b:3a:
ce:ad:bb:12:62:bf:e0:74:4e:4f:49:50:0d:fe:c7:
a6:4f:11:f7:97:d1:02:df:eb:b9:dd:72:8d:41:26:
f7:0b:53:be:4c:f5:8b:71:57:b2:b3:7f:ba:36:a6:
95:7b:9e:03:59:a3:79:c3:dc:54:8c:13:f9:79:4e:
fe:04:66:ca:4d:d4:89:7d:10:df:b0:aa:bf:53:3f:
2b:de:4b:4a:6c:27:c8:01:a2:ca:cd:dd:42:74:dc:
d6:a3:b6:f6:dc:1e:15:2f:ba:e5:62:d6:d8:e5:a6:
aa:81:44:1a:e3:5d:2b:e8:e3:da:b5:08:7f:47:9a:
6e:1d:89:5c:44:f3:e1:d0:68:f1:13:f7:0c:96:83:
a9:22:db:0f:e0:48:f3:53:9c:86:34:cc:85:d9:66:
ac:6f:f4:5b:86:49:b1:77:76:6f:cc:fc:58:80:44:
87:1f:85:e3:19:db:ee:aa:2e:e2:63:24:bb:0e:83:
09:8a:dc:a8:f2:b0:77:99:85:8d:08:b4:da:21:c2:
da:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FE:5E:AF:CB:EE:FC:16:7E:B1:93:1A:31:CA:45:2D:DE:24:01:7B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
80:bf:35:12:2c:0c:2f:79:5f:e3:08:ce:af:cd:d1:2f:02:93:
40:65:95:d0:d0:3c:90:9c:a4:c4:f2:99:9f:46:4d:22:51:53:
8e:8b:b1:8d:19:d0:71:33:20:59:e8:fc:eb:20:db:d6:ab:fe:
74:dc:cb:fc:e7:d3:ef:ab:de:f5:9b:34:9a:82:a1:63:45:90:
ae:bb:be:bb:9e:aa:30:38:76:03:91:d6:8c:46:0e:5a:56:08:
7b:ed:6f:e2:2d:05:1e:17:e1:70:9d:78:12:9d:a4:91:37:78:
fd:82:9c:c6:00:9b:eb:09:13:12:c2:c9:0e:1f:5c:c1:d3:12:
03:d8:3b:a9:48:4d:65:fc:f5:20:bc:65:9d:7c:68:c3:8a:df:
28:bf:62:d2:ac:70:ec:9e:4e:4d:16:2d:9a:5e:77:1c:47:25:
59:f9:55:5e:0b:c4:48:2a:65:40:7a:f1:78:dc:36:01:2a:a1:
57:bc:a2:05:25:cc:33:68:81:a2:8d:e2:cf:26:19:2e:0e:98:
d3:67:de:4c:bc:07:d0:66:cb:3f:bf:30:68:ec:ff:2f:7a:f3:
b8:c0:35:b4:8e:ad:8c:27:de:86:e5:c5:7e:63:d6:ff:b0:4e:
4b:46:79:72:45:5b:8e:6e:ea:7d:ee:fb:09:67:35:16:0a:99:
6a:34:41:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIdr0cCzNAfZFu8O3pM1exvcGXLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5ZGE5MDIxODg4MDAyYTJhYTYxZjhjZDZhY2M5MjRlNWJkMDgwNDE1MGVl
MzI3OTY5MzhjYmFkNjI3ODc4MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfLkxvnpTCRgyyMv7DY0xRCSk4LZukXHWNfZajccJwWKqakYMCLmOhB4mD2
irySwLLBtwOdyxwZZZs6zq27EmK/4HROT0lQDf7Hpk8R95fRAt/rud1yjUEm9wtT
vkz1i3FXsrN/ujamlXueA1mjecPcVIwT+XlO/gRmyk3UiX0Q37Cqv1M/K95LSmwn
yAGiys3dQnTc1qO29tweFS+65WLW2OWmqoFEGuNdK+jj2rUIf0eabh2JXETz4dBo
8RP3DJaDqSLbD+BI81OchjTMhdlmrG/0W4ZJsXd2b8z8WIBEhx+F4xnb7qou4mMk
uw6DCYrcqPKwd5mFjQi02iHC2jUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRg/l6v
y+78Fn6xkxoxykUt3iQBezAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQCAvzUSLAwveV/jCM6vzdEvApNAZZXQ0DyQnKTE8pmf
Rk0iUVOOi7GNGdBxMyBZ6PzrINvWq/503Mv859Pvq971mzSagqFjRZCuu767nqow
OHYDkdaMRg5aVgh77W/iLQUeF+FwnXgSnaSRN3j9gpzGAJvrCRMSwskOH1zB0xID
2DupSE1l/PUgvGWdfGjDit8ov2LSrHDsnk5NFi2aXnccRyVZ+VVeC8RIKmVAevF4
3DYBKqFXvKIFJcwzaIGijeLPJhkuDpjTZ95MvAfQZss/vzBo7P8vevO4wDW0jq2M
J96G5cV+Y9b/sE5LRnlyRVuObup97vsJZzUWCplqNEE1
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:58:09 2025 by rpki-client