Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: S96+wdrS9cVkDmichujw4Cw6ZuXlMnV6u+mQT6zvouc=
Subject key identifier: 81:88:D2:F4:3C:55:94:93:56:B3:63:F7:4A:AC:31:EB:9F:CC:01:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 340FE488169FA22C46CFC758499B9DA9EECBC1EB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Fri 11 Jul 2025 21:00:23 +0000
ROA not before: Fri 11 Jul 2025 21:00:23 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:0f:e4:88:16:9f:a2:2c:46:cf:c7:58:49:9b:9d:a9:ee:cb:c1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:23 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0c2c5c2d50831ecd4cef91e6b4e27dcb784ccfdc8832855fc709307c0e423d0c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dd:6b:80:52:fd:13:0d:fc:80:96:d8:2e:7e:
07:5a:07:cd:f7:93:ff:f8:31:14:ff:b6:ac:bb:de:
25:3b:66:53:6c:96:17:cb:e6:d0:54:5e:a9:f1:12:
f5:6a:79:32:0d:8b:a0:9c:d8:72:b8:87:de:cc:28:
eb:24:3a:6c:1d:3d:06:73:7a:dd:4b:b8:c4:d1:35:
dd:7e:c9:2f:c4:dd:3a:86:67:28:d3:9f:bf:1e:17:
4e:31:18:f9:33:5f:ad:f1:6d:dd:01:b8:65:d0:c1:
e7:ef:6a:c6:45:cc:48:2b:f1:0a:fc:86:75:3f:96:
ac:02:c5:02:a1:94:ab:5c:34:22:15:92:5a:7f:6c:
a0:0e:ff:b1:c6:13:41:4b:19:58:a7:6a:f2:60:18:
13:8e:04:6b:74:16:7c:3c:99:50:93:ae:a2:2d:8a:
6e:aa:38:00:fa:fe:7a:86:99:b0:45:04:1c:c8:b3:
2f:d1:2d:99:c4:de:c8:0d:bd:f6:c8:e6:47:23:a0:
65:50:c0:87:3b:c9:ca:01:ba:ed:fc:13:ac:99:ca:
07:33:68:52:d8:37:d6:13:2d:55:db:64:7b:c4:2f:
b5:f1:0f:57:d3:2c:ba:3f:54:10:de:18:86:d4:8a:
f6:64:8d:af:1c:67:a2:27:96:87:62:4f:66:e3:9e:
61:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:88:D2:F4:3C:55:94:93:56:B3:63:F7:4A:AC:31:EB:9F:CC:01:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
86:0a:20:29:5c:0c:3e:e9:12:14:b6:c7:c5:1b:c6:9a:bf:66:
9d:c2:fc:b1:e8:d5:aa:64:f1:f4:ab:86:93:0a:79:04:65:ae:
d1:fe:4d:1e:e1:2a:d7:af:16:2a:18:df:d6:4c:8f:80:74:c8:
76:60:93:53:4e:79:51:76:db:6e:94:7b:e5:98:e5:34:58:a0:
4a:f3:ca:de:67:38:8b:51:18:e7:15:d6:7f:a4:5c:a5:23:fb:
85:99:85:0c:6b:7b:a0:af:7f:04:e3:e9:93:9a:fd:87:e8:c0:
f6:95:b3:8c:c4:4d:ed:47:2f:75:65:35:4f:f8:16:9e:40:04:
48:19:1c:ba:0b:3f:bb:5b:f5:a6:59:e1:17:18:98:fa:9a:b1:
06:80:b5:97:0d:70:1f:23:6f:96:13:e2:35:96:29:13:ae:8e:
fe:7c:cb:4d:7a:2f:36:c2:bf:74:9b:56:79:c7:05:30:73:6e:
d4:e0:37:89:29:94:8a:fc:92:48:f2:6d:8a:25:80:f4:24:b6:
c7:be:b6:79:a7:0d:0f:04:5c:5b:e3:8b:9f:7c:e8:c7:40:78:
94:e5:4d:61:77:48:5f:94:b4:42:ea:12:6e:42:cb:d4:e6:bb:
a4:3d:8d:b6:47:2e:52:f5:38:07:7c:17:b1:de:c1:3a:f1:27:
f2:67:12:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNA/kiBafoixGz8dYSZudqe7LweswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMjNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMmM1YzJkNTA4MzFlY2Q0Y2VmOTFlNmI0ZTI3ZGNiNzg0Y2NmZGM4ODMy
ODU1ZmM3MDkzMDdjMGU0MjNkMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3da4BS/RMN/ICW2C5+B1oHzfeT//gxFP+2rLveJTtmU2yWF8vm0FReqfES
9Wp5Mg2LoJzYcriH3swo6yQ6bB09BnN63Uu4xNE13X7JL8TdOoZnKNOfvx4XTjEY
+TNfrfFt3QG4ZdDB5+9qxkXMSCvxCvyGdT+WrALFAqGUq1w0IhWSWn9soA7/scYT
QUsZWKdq8mAYE44Ea3QWfDyZUJOuoi2Kbqo4APr+eoaZsEUEHMizL9EtmcTeyA29
9sjmRyOgZVDAhzvJygG67fwTrJnKBzNoUtg31hMtVdtke8QvtfEPV9Msuj9UEN4Y
htSK9mSNrxxnoieWh2JPZuOeYSUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBiNL0
PFWUk1azY/dKrDHrn8wBmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQCGCiApXAw+6RIUtsfFG8aav2adwvyx6NWqZPH0q4aT
CnkEZa7R/k0e4SrXrxYqGN/WTI+AdMh2YJNTTnlRdttulHvlmOU0WKBK88reZziL
URjnFdZ/pFylI/uFmYUMa3ugr38E4+mTmv2H6MD2lbOMxE3tRy91ZTVP+BaeQARI
GRy6Cz+7W/WmWeEXGJj6mrEGgLWXDXAfI2+WE+I1likTro7+fMtNei82wr90m1Z5
xwUwc27U4DeJKZSK/JJI8m2KJYD0JLbHvrZ5pw0PBFxb44uffOjHQHiU5U1hd0hf
lLRC6hJuQsvU5rukPY22Ry5S9TgHfBex3sE68SfyZxLv
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:32:04 2025 by rpki-client