Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: 2wIV0EHOMPKxBhRYyp4wr00IjnQl5+qNPLzASjn0m04=
Subject key identifier: D4:AA:3A:A6:7C:A8:2E:C5:71:96:F6:10:33:CB:A8:F6:0C:A8:AC:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1DA996723CF322BE0FCEB81DE86C93D17B1742F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Tue 20 May 2025 20:40:20 +0000
ROA not before: Tue 20 May 2025 20:40:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:a9:96:72:3c:f3:22:be:0f:ce:b8:1d:e8:6c:93:d1:7b:17:42:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f67ba165b54b5e39df81a75aef84516474a2a76894a20ffc82e1c6e65b58ac88, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:98:25:ce:7d:1e:8b:92:09:c8:d1:01:77:8c:
d2:6f:33:9c:2b:dc:5c:aa:0a:5d:e0:6f:f6:16:d2:
2b:6a:16:94:fe:ee:ce:13:6b:a2:9a:81:4a:90:30:
46:97:1f:bb:e4:fa:9e:11:c6:88:81:ac:83:7f:47:
09:85:82:43:22:b9:a1:19:ac:14:b2:20:b1:a0:a5:
c9:c1:0f:d4:2c:56:f5:cf:88:e3:dc:80:f5:08:80:
57:e5:8d:80:5e:6f:cc:fd:2f:7f:d4:7a:d0:df:57:
d6:41:df:4c:2f:be:68:76:29:8e:99:84:53:8c:f6:
b4:32:17:f2:55:49:c3:f7:4b:57:15:d2:4a:ac:53:
f6:bf:0f:22:9f:18:29:62:16:38:b9:93:ee:d3:d3:
df:5f:38:e3:de:d7:d8:fa:b3:d3:37:b5:f8:4d:4c:
b3:32:b4:a1:1a:f6:d3:f9:85:0b:cf:aa:87:9b:74:
7e:8e:6a:14:6f:7c:74:b2:5e:5b:d4:8f:7a:a0:26:
9e:82:2b:91:52:ef:35:7c:b4:20:f9:e0:46:a2:d6:
3d:f5:1f:df:db:7e:f3:c3:46:a5:5e:07:14:c1:db:
df:e0:f5:df:38:65:9c:d2:bf:f5:37:d6:ad:7c:14:
12:25:18:a2:33:22:84:95:7b:4c:bd:22:6b:93:05:
dc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AA:3A:A6:7C:A8:2E:C5:71:96:F6:10:33:CB:A8:F6:0C:A8:AC:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b0:aa:7d:87:f7:e9:9b:7d:37:09:23:c0:1b:b7:39:79:46:1d:
dd:ab:f5:a0:f3:cb:e1:02:fd:c6:47:41:b8:40:62:31:ee:f1:
0a:9f:7d:fa:44:9a:e9:1b:77:cf:e9:c3:d7:ee:76:ad:d9:f4:
0d:15:0d:82:c1:59:79:93:a0:6b:7a:b0:96:40:ed:1d:1d:28:
69:7c:e4:45:03:cb:e6:bd:74:7e:4e:db:8f:9f:8a:3d:44:69:
1e:a3:68:43:2b:75:37:bc:ec:ef:2d:bb:0f:71:9f:a0:0f:d1:
12:0a:13:01:c4:30:44:a3:5a:7e:31:5c:db:13:f3:68:a0:2a:
b1:f1:c1:8a:c8:72:93:12:5c:a0:69:7e:c1:52:f1:36:20:a8:
ef:c4:9b:9d:f5:72:07:1d:75:a3:77:90:8b:10:9f:72:43:0c:
c3:32:ed:48:4e:58:43:0a:4b:86:fd:ee:8a:68:6e:0f:8d:f8:
5a:7d:28:e7:6b:51:2e:44:86:aa:85:cc:f9:1a:b9:36:75:2f:
30:f9:d5:2a:93:ca:ff:f4:9b:bf:b4:c2:43:96:8f:b6:c3:d8:
e1:40:40:eb:db:8a:f3:c4:65:17:8c:98:8b:54:86:48:3c:e8:
04:22:6e:8a:8c:ce:cd:4e:e5:05:5d:b7:c9:0b:50:3b:49:e7:
15:bc:2f:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHamWcjzzIr4Pzrgd6GyT0XsXQvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2N2JhMTY1YjU0YjVlMzlkZjgxYTc1YWVmODQ1MTY0NzRhMmE3Njg5NGEy
MGZmYzgyZTFjNmU2NWI1OGFjODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmYJc59HouSCcjRAXeM0m8znCvcXKoKXeBv9hbSK2oWlP7uzhNropqBSpAw
Rpcfu+T6nhHGiIGsg39HCYWCQyK5oRmsFLIgsaClycEP1CxW9c+I49yA9QiAV+WN
gF5vzP0vf9R60N9X1kHfTC++aHYpjpmEU4z2tDIX8lVJw/dLVxXSSqxT9r8PIp8Y
KWIWOLmT7tPT3184497X2Pqz0ze1+E1MszK0oRr20/mFC8+qh5t0fo5qFG98dLJe
W9SPeqAmnoIrkVLvNXy0IPngRqLWPfUf39t+88NGpV4HFMHb3+D13zhlnNK/9TfW
rXwUEiUYojMihJV7TL0ia5MF3MMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTUqjqm
fKguxXGW9hAzy6j2DKisnjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQCwqn2H9+mbfTcJI8Abtzl5Rh3dq/Wg88vhAv3GR0G4
QGIx7vEKn336RJrpG3fP6cPX7nat2fQNFQ2CwVl5k6BrerCWQO0dHShpfORFA8vm
vXR+TtuPn4o9RGkeo2hDK3U3vOzvLbsPcZ+gD9ESChMBxDBEo1p+MVzbE/NooCqx
8cGKyHKTElygaX7BUvE2IKjvxJud9XIHHXWjd5CLEJ9yQwzDMu1ITlhDCkuG/e6K
aG4PjfhafSjna1EuRIaqhcz5Grk2dS8w+dUqk8r/9Ju/tMJDlo+2w9jhQEDr24rz
xGUXjJiLVIZIPOgEIm6KjM7NTuUFXbfJC1A7SecVvC8v
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:11 2025 by rpki-client