Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: LIs2N+yooARfX3Fa/QFtBQao6lSPcFNk1wGZseMfVxM=
Subject key identifier: 65:F5:25:5F:14:86:06:B3:B3:76:5B:67:B6:C5:09:E7:BD:FF:0D:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FB6365CF8700D22C07993C3EA3B9DDBF242D433
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Mon 16 Jun 2025 21:51:32 +0000
ROA not before: Mon 16 Jun 2025 21:51:32 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:b6:36:5c:f8:70:0d:22:c0:79:93:c3:ea:3b:9d:db:f2:42:d4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:32 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1104b919e14a4a4af61e5f673f43d0f465319e15aa79a70d0e5c7f2dbb99c0fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a2:61:57:f0:39:70:e9:b1:44:73:a0:2a:bc:
e8:75:c7:a4:7e:73:2a:fc:b2:76:c4:4f:1b:f7:cc:
85:96:8f:a1:39:03:0a:70:40:78:96:86:a7:17:24:
d5:bf:33:94:b9:61:e9:bc:e7:d3:c2:ed:34:ce:3d:
5b:d8:b5:2f:0e:6f:2b:63:ad:af:29:12:a2:7c:b9:
b8:59:f4:0d:a7:a6:c1:a9:b7:30:97:66:73:e9:3f:
b1:9d:fa:43:22:72:7f:9f:ee:42:c1:e4:fb:77:8c:
8b:a5:fe:6f:6e:39:c7:49:4a:ca:21:af:87:80:30:
a2:5e:89:01:23:92:1b:15:58:69:4d:1c:f3:7e:e8:
c5:52:c5:06:59:c9:c8:f2:31:1f:8c:c2:3d:74:5f:
7e:cb:ed:06:11:9f:6a:8f:44:8e:e2:fb:a0:5b:e2:
67:01:03:50:97:73:ae:08:4d:c2:98:5d:37:53:dd:
2f:9b:54:b5:c7:b5:f7:92:5a:26:74:80:16:15:bd:
28:26:d1:3c:df:38:33:3c:38:ff:0f:73:d8:58:2a:
11:a1:07:57:52:5b:85:a6:18:b4:ec:a5:fb:55:65:
53:84:74:8c:93:3c:01:9c:a3:5d:ee:c6:f7:1b:a3:
f1:58:cb:16:8d:52:be:1a:4d:ca:af:71:02:bb:1b:
08:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F5:25:5F:14:86:06:B3:B3:76:5B:67:B6:C5:09:E7:BD:FF:0D:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ba:e8:ac:e4:9b:ea:f9:39:19:1f:dc:19:4f:40:cb:f0:c8:08:
66:dc:97:16:70:1a:db:ec:43:2a:b3:e5:73:aa:97:13:50:3d:
4d:1c:73:34:b3:8e:1c:47:3f:70:7d:17:8d:a4:fa:7d:47:ee:
11:44:41:55:3f:bb:ac:b3:1f:35:51:ba:a2:cc:92:be:f1:0f:
88:e0:71:f7:bf:9f:bc:77:c9:45:da:52:34:e2:92:1e:f8:9e:
54:4d:15:00:d2:08:e4:30:d1:e8:9f:97:6e:46:58:c6:a6:21:
ea:8b:8f:70:28:2d:f4:8c:e0:a8:f5:74:d5:e7:9f:d0:1e:c7:
70:43:1e:95:a1:29:4d:9a:06:bb:f9:4b:f0:93:3d:7e:89:f0:
2d:7b:d5:ae:35:da:8f:19:96:97:8f:43:63:7a:14:89:60:1a:
99:55:a7:2c:b7:99:9b:c3:a4:07:28:00:2f:06:60:b4:62:ff:
cc:88:ba:7f:7b:fc:25:ea:a0:e2:e8:c9:f6:53:27:4c:78:25:
ea:e4:1d:2a:58:b1:2a:91:2c:08:07:ee:18:ab:6f:43:2e:49:
63:cb:32:0c:52:a3:fd:64:fc:72:39:b6:b4:5d:eb:45:45:1c:
44:2c:05:fd:ab:58:9e:10:70:f2:71:8c:a5:0d:9a:c9:40:b8:
2b:f4:59:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf7Y2XPhwDSLAeZPD6jud2/JC1DMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMzJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMDRiOTE5ZTE0YTRhNGFmNjFlNWY2NzNmNDNkMGY0NjUzMTllMTVhYTc5
YTcwZDBlNWM3ZjJkYmI5OWMwZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWiYVfwOXDpsURzoCq86HXHpH5zKvyydsRPG/fMhZaPoTkDCnBAeJaGpxck
1b8zlLlh6bzn08LtNM49W9i1Lw5vK2OtrykSony5uFn0Daemwam3MJdmc+k/sZ36
QyJyf5/uQsHk+3eMi6X+b245x0lKyiGvh4Awol6JASOSGxVYaU0c837oxVLFBlnJ
yPIxH4zCPXRffsvtBhGfao9EjuL7oFviZwEDUJdzrghNwphdN1PdL5tUtce195Ja
JnSAFhW9KCbRPN84Mzw4/w9z2FgqEaEHV1JbhaYYtOyl+1VlU4R0jJM8AZyjXe7G
9xuj8VjLFo1SvhpNyq9xArsbCHkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRl9SVf
FIYGs7N2W2e2xQnnvf8NWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQC66Kzkm+r5ORkf3BlPQMvwyAhm3JcWcBrb7EMqs+Vz
qpcTUD1NHHM0s44cRz9wfReNpPp9R+4RREFVP7ussx81UbqizJK+8Q+I4HH3v5+8
d8lF2lI04pIe+J5UTRUA0gjkMNHon5duRljGpiHqi49wKC30jOCo9XTV55/QHsdw
Qx6VoSlNmga7+Uvwkz1+ifAte9WuNdqPGZaXj0NjehSJYBqZVacst5mbw6QHKAAv
BmC0Yv/MiLp/e/wl6qDi6Mn2UydMeCXq5B0qWLEqkSwIB+4Yq29DLkljyzIMUqP9
ZPxyOba0XetFRRxELAX9q1ieEHDycYylDZrJQLgr9FnC
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:55:28 2025 by rpki-client