Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
File: 0869fd21-e07d-44bc-b068-73be998c5028.roa (raw, json)
Hash identifier: bZUGnn6+0zzx5VjHwgGumJzixBZ4Jd+Cby1FXlzkNLM=
Subject key identifier: A0:7A:C1:60:22:24:CC:D6:10:D6:10:72:DA:6F:5E:87:1B:76:EE:FF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2CE1D02ED7BA1EC02A79C209393474EE559D6AB3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
Signing time: Sat 09 Aug 2025 00:20:49 +0000
ROA not before: Sat 09 Aug 2025 00:20:49 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e1:d0:2e:d7:ba:1e:c0:2a:79:c2:09:39:34:74:ee:55:9d:6a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:49 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=7250fe7cbe70bbb6d51cfa3cd2b7262f1c62887bf6d42664d8ec46c703044a28, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:62:97:61:56:56:f4:1b:81:d9:c8:03:1f:97:
33:6a:fb:49:28:41:1d:a3:49:a0:5d:b1:e4:bd:6b:
10:9c:46:9f:a4:28:81:8f:0e:b4:5f:b0:86:9a:b9:
15:1b:4b:89:5e:41:1a:f8:b9:eb:15:4e:42:f1:d8:
e0:a4:ad:62:e3:e9:95:db:4b:9c:3b:ae:5e:b0:b4:
92:36:3c:1d:6c:92:3d:e7:29:70:b2:c5:18:0e:8e:
99:3f:5a:55:4f:d0:dc:fd:23:e4:71:14:79:db:62:
2c:eb:82:55:17:00:5f:b0:64:dd:4b:a5:2e:03:df:
88:8b:5d:63:4c:40:3d:b8:b1:b4:52:67:f4:d5:81:
e8:c1:3a:c7:ff:ba:95:75:a9:5e:6b:27:8b:e0:bf:
b3:9b:a9:b8:a0:94:61:73:20:c1:1e:e8:b2:43:5a:
cc:8e:f5:63:15:ad:50:b6:e4:9b:e9:24:b5:e1:52:
f6:ea:8d:91:d0:7d:56:a9:1b:b4:2f:b4:ad:6b:2c:
c3:53:ee:de:eb:7b:73:e6:2e:53:90:07:0f:c1:66:
aa:0b:43:c6:6f:15:4f:61:79:f3:73:16:5a:70:a0:
7d:bf:e7:df:8c:5b:dd:08:8b:62:79:c3:29:7a:a1:
e6:bb:e6:08:b5:30:4d:ba:71:a8:32:39:83:4c:36:
6f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7A:C1:60:22:24:CC:D6:10:D6:10:72:DA:6F:5E:87:1B:76:EE:FF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f800::/40
Signature Algorithm: sha256WithRSAEncryption
92:d0:f6:ee:1e:d5:79:08:e2:a2:a6:d6:af:e0:2b:31:11:06:
e3:3d:cd:1b:d2:ae:8b:3a:62:85:11:f5:f3:cd:f8:ee:0b:22:
b5:ba:f1:30:73:39:83:8f:7e:6a:f9:37:82:d2:04:a8:bd:b4:
f8:ad:ae:53:a5:f6:6f:5f:9d:69:a7:22:27:2e:55:7d:cc:92:
37:93:24:4a:54:bd:b5:ec:cf:63:9d:5c:72:7a:92:38:b6:63:
4b:92:90:e5:34:25:76:fe:bf:80:01:4e:22:ba:4b:01:4d:c0:
32:33:96:be:c9:ae:33:44:b1:c7:bd:63:3c:bd:69:d6:48:48:
7a:24:ff:2c:80:0e:08:15:f4:fb:1e:e0:b1:7f:21:e6:25:aa:
a7:0a:ff:64:ac:1f:cc:54:4b:d3:89:0c:6d:f7:dd:23:35:51:
27:2a:1d:47:61:09:15:9a:63:5b:88:4b:2e:6d:0e:ab:dd:76:
43:fe:c4:e8:e5:f9:0a:55:b1:73:e1:ec:da:3e:7b:55:a5:b5:
e7:d1:6e:b7:86:ee:20:cb:62:20:3e:39:f0:03:32:f2:d4:82:
57:5b:89:97:3e:4e:7c:c0:fe:3b:e8:08:ea:8e:78:4d:fd:0a:
15:23:ad:09:f9:0c:f5:c6:d6:b8:ad:62:45:1c:68:36:99:a9:
44:d4:62:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULOHQLte6HsAqecIJOTR07lWdarMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDlaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNTBmZTdjYmU3MGJiYjZkNTFjZmEzY2QyYjcyNjJmMWM2Mjg4N2JmNmQ0
MjY2NGQ4ZWM0NmM3MDMwNDRhMjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFil2FWVvQbgdnIAx+XM2r7SShBHaNJoF2x5L1rEJxGn6QogY8OtF+whpq5
FRtLiV5BGvi56xVOQvHY4KStYuPpldtLnDuuXrC0kjY8HWySPecpcLLFGA6OmT9a
VU/Q3P0j5HEUedtiLOuCVRcAX7Bk3UulLgPfiItdY0xAPbixtFJn9NWB6ME6x/+6
lXWpXmsni+C/s5upuKCUYXMgwR7oskNazI71YxWtULbkm+kkteFS9uqNkdB9Vqkb
tC+0rWssw1Pu3ut7c+YuU5AHD8FmqgtDxm8VT2F583MWWnCgfb/n34xb3QiLYnnD
KXqh5rvmCLUwTbpxqDI5g0w2bzECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgesFg
IiTM1hDWEHLab16HG3bu/zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDg2OWZkMjEtZTA3ZC00NGJjLWIwNjgtNzNiZTk5OGM1MDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4
MA0GCSqGSIb3DQEBCwUAA4IBAQCS0PbuHtV5COKiptav4CsxEQbjPc0b0q6LOmKF
EfXzzfjuCyK1uvEwczmDj35q+TeC0gSovbT4ra5TpfZvX51ppyInLlV9zJI3kyRK
VL217M9jnVxyepI4tmNLkpDlNCV2/r+AAU4iuksBTcAyM5a+ya4zRLHHvWM8vWnW
SEh6JP8sgA4IFfT7HuCxfyHmJaqnCv9krB/MVEvTiQxt990jNVEnKh1HYQkVmmNb
iEsubQ6r3XZD/sTo5fkKVbFz4ezaPntVpbXn0W63hu4gy2IgPjnwAzLy1IJXW4mX
Pk58wP476AjqjnhN/QoVI60J+Qz1xta4rWJFHGg2malE1GJM
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:03:43 2025 by rpki-client