Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
File: 0b1379a0-a965-4871-ba33-de2086e8028e.roa (raw, json)
Hash identifier: rKw0G7bZle1JThQ9VZsKfxvXq27CfJX744DRmXUuvmE=
Subject key identifier: 56:AE:FA:CF:58:F3:FB:48:0E:B9:96:00:7E:CE:5E:B1:E8:74:71:1D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 61E4C9C01516E4E656562837A824BD3C21705E60
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
Signing time: Sat 09 Aug 2025 00:21:19 +0000
ROA not before: Sat 09 Aug 2025 00:21:19 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:e4:c9:c0:15:16:e4:e6:56:56:28:37:a8:24:bd:3c:21:70:5e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:19 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=73da1b841b7243924dfa16279879e99818a37009cfa0a7aee75e2adee75fe1c1, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:bb:13:90:12:52:32:72:d1:39:52:fb:f4:
6f:26:41:c3:07:52:e4:cf:5c:89:fb:c5:69:9d:95:
b6:2b:71:d9:36:d3:8c:b6:7a:43:4d:ae:df:24:be:
74:f7:39:6c:2c:6e:35:e7:d3:7d:87:b7:aa:0b:ea:
d0:20:15:be:fa:72:04:5a:e5:f5:37:69:b9:c8:9f:
de:12:95:9c:00:6a:7c:7a:d0:b1:d3:93:39:02:f8:
48:39:65:94:c1:4b:13:41:1e:7e:43:39:32:ed:92:
0c:00:a6:76:0c:31:32:6d:5b:12:82:dc:0c:2e:43:
6e:15:d7:74:a7:46:5a:e7:15:f8:6c:99:67:51:78:
3a:f8:e7:f7:ea:b0:1f:2e:b8:dd:ed:a6:81:eb:e0:
68:ff:ca:78:fa:3b:07:d5:ef:5e:69:46:e5:9e:14:
e7:ac:9a:7d:9a:e5:3e:57:5e:48:7c:18:47:72:5a:
10:9c:30:0a:73:3a:c0:70:c9:2a:f3:18:d8:a2:fd:
20:f6:a9:b5:f5:d2:74:0d:e2:89:93:e5:6c:c2:25:
6f:d2:2e:fc:bb:48:b2:72:d6:a4:f0:cf:d8:15:fd:
2c:a8:c4:ec:59:17:e5:8f:15:3c:69:83:b8:3e:8c:
e6:50:86:a7:a4:d7:ff:f1:4f:6d:dc:e7:66:ac:ff:
63:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AE:FA:CF:58:F3:FB:48:0E:B9:96:00:7E:CE:5E:B1:E8:74:71:1D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f000::/36
Signature Algorithm: sha256WithRSAEncryption
88:61:aa:da:3e:21:d5:f7:70:63:98:c8:f2:59:5a:4a:5c:fb:
57:09:e4:6e:b6:4e:27:94:71:fa:f9:11:b1:69:98:60:5d:9c:
6f:35:8f:8f:7a:34:d2:5f:3c:66:03:0a:2b:b1:1b:12:fa:5f:
ae:da:d7:4a:3b:28:7c:c9:59:56:c3:9f:f7:e8:25:69:9c:52:
15:be:4d:5f:21:66:9b:9a:79:e7:87:e7:85:96:f5:63:20:07:
6a:48:d7:e5:4c:0b:cf:0f:ca:de:48:cd:c4:6b:ea:06:9e:fc:
29:07:dc:4e:21:70:0b:69:66:c4:37:8d:ba:7d:b5:f7:b9:4f:
03:d6:28:29:ff:91:24:c6:fe:ce:d1:72:36:f7:c6:d7:c2:a4:
86:fa:2d:cd:ad:48:c4:76:7b:9c:47:7c:5e:d7:51:75:26:13:
c1:6b:76:44:d2:d7:b2:6e:31:0b:e3:10:85:d3:d8:4f:69:6d:
21:58:48:b6:5b:5d:c8:9e:5f:7f:c1:f6:83:1f:c2:3a:8f:d5:
66:03:a6:63:ce:56:7f:ed:d7:73:60:49:92:cb:e3:e1:1d:ed:
f5:67:ad:72:5b:db:80:6d:1a:05:7e:b3:db:b0:a1:96:a3:6b:
46:21:8a:6c:12:c9:93:88:8a:e0:bb:04:13:1d:f2:b0:66:bd:
e5:64:dc:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYeTJwBUW5OZWVig3qCS9PCFwXmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTlaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDczZGExYjg0MWI3MjQzOTI0ZGZhMTYyNzk4NzllOTk4MThhMzcwMDljZmEw
YTdhZWU3NWUyYWRlZTc1ZmUxYzExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJX2uxOQElIyctE5Uvv0byZBwwdS5M9cifvFaZ2Vtitx2TbTjLZ6Q02u3yS+
dPc5bCxuNefTfYe3qgvq0CAVvvpyBFrl9Tdpucif3hKVnABqfHrQsdOTOQL4SDll
lMFLE0EefkM5Mu2SDACmdgwxMm1bEoLcDC5DbhXXdKdGWucV+GyZZ1F4Ovjn9+qw
Hy643e2mgevgaP/KePo7B9XvXmlG5Z4U56yafZrlPldeSHwYR3JaEJwwCnM6wHDJ
KvMY2KL9IPaptfXSdA3iiZPlbMIlb9Iu/LtIsnLWpPDP2BX9LKjE7FkX5Y8VPGmD
uD6M5lCGp6TX//FPbdznZqz/Y78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWrvrP
WPP7SA65lgB+zl6x6HRxHTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MGIxMzc5YTAtYTk2NS00ODcxLWJhMzMtZGUyMDg2ZTgwMjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fw
MA0GCSqGSIb3DQEBCwUAA4IBAQCIYaraPiHV93BjmMjyWVpKXPtXCeRutk4nlHH6
+RGxaZhgXZxvNY+PejTSXzxmAworsRsS+l+u2tdKOyh8yVlWw5/36CVpnFIVvk1f
IWabmnnnh+eFlvVjIAdqSNflTAvPD8reSM3Ea+oGnvwpB9xOIXALaWbEN426fbX3
uU8D1igp/5Ekxv7O0XI298bXwqSG+i3NrUjEdnucR3xe11F1JhPBa3ZE0teybjEL
4xCF09hPaW0hWEi2W13Inl9/wfaDH8I6j9VmA6ZjzlZ/7ddzYEmSy+PhHe31Z61y
W9uAbRoFfrPbsKGWo2tGIYpsEsmTiIrguwQTHfKwZr3lZNyC
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:07:47 2025 by rpki-client