Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
File: 1ae9d8b2-218c-4376-936d-185032ce890b.roa (raw, json)
Hash identifier: C11g88Stkk22WUSD7VD5Z6O1B2DE7smjSCG0bbz3sME=
Subject key identifier: 8E:AF:24:8A:BD:09:D5:9D:9D:54:F7:E1:22:7A:0C:2B:EE:8A:FE:DE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 32BFD87A7509BCA1705ACC9F0090A5733993C9F0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
Signing time: Sat 09 Aug 2025 00:20:57 +0000
ROA not before: Sat 09 Aug 2025 00:20:57 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:bf:d8:7a:75:09:bc:a1:70:5a:cc:9f:00:90:a5:73:39:93:c9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:57 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=27c767c618482f788cb99319b6cc15eae1e29eeb0fd286b4eceb4365df24dc06, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e3:e2:3d:5a:f5:16:2a:48:7b:7e:37:1c:82:
1b:65:2f:d9:bf:49:48:84:48:48:0d:d0:e9:08:c9:
cb:42:d8:11:70:2c:1b:0e:42:27:03:07:16:3b:69:
fc:cf:04:de:72:a5:18:8d:cf:d3:7b:be:b1:bd:3e:
9c:cf:be:38:8c:22:5d:94:48:eb:24:bd:23:9d:57:
5d:69:d6:d0:9c:8e:22:fa:62:e5:2c:f8:79:33:7a:
8e:c1:60:fd:ad:fe:e8:f7:89:60:65:91:39:1d:ee:
8a:1f:21:b1:0c:d0:3f:b7:9e:5e:c6:6a:96:fc:19:
3e:95:c5:40:67:ba:c9:6e:de:5b:11:89:f3:95:e6:
de:a3:4b:f6:cf:c8:0b:97:d5:20:9c:61:89:af:a5:
9f:e2:3c:4e:be:77:f7:63:ba:6f:ce:45:db:7e:dc:
d8:dd:8b:3b:42:a2:40:fd:12:25:ca:5c:cc:f1:b1:
b7:14:5a:f0:42:4e:53:09:4e:e8:ad:04:c7:8f:35:
08:ec:51:6c:38:15:30:c1:d3:99:c4:6f:47:eb:6f:
b6:79:2c:22:a3:88:ac:6a:b0:ce:d6:3b:91:99:7f:
c2:5c:f3:ec:9f:f7:0a:c2:98:89:a5:f2:05:57:1e:
fc:2c:d4:a0:96:5a:c0:70:a5:f8:49:01:69:62:8c:
58:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AF:24:8A:BD:09:D5:9D:9D:54:F7:E1:22:7A:0C:2B:EE:8A:FE:DE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f840::/48
Signature Algorithm: sha256WithRSAEncryption
9c:f7:0f:14:56:a6:59:3f:51:21:17:05:55:0e:86:01:f8:85:
c8:e9:d0:62:02:78:c4:dd:67:4c:52:65:71:f2:0b:8a:27:da:
81:6c:b2:43:10:d4:a2:64:a8:f4:08:1e:2a:c2:bf:25:84:02:
e9:90:5a:d3:4c:2b:5f:8f:57:10:18:ce:e5:82:d4:84:d9:0c:
d4:91:16:6a:2f:3e:a9:39:14:f5:10:23:0d:93:35:ab:26:ee:
8b:b6:13:6b:da:71:9c:b1:8f:80:19:47:97:01:df:d5:cc:34:
ca:f2:2a:58:c7:d8:66:55:e5:89:4b:13:08:32:cc:15:2e:9e:
1b:fe:0f:3b:66:be:b6:1d:d8:7b:16:59:83:93:a5:79:8d:04:
6c:d7:20:f0:44:96:4b:ad:98:63:63:b4:9c:a9:69:e1:75:f8:
e5:2d:10:6e:60:fc:a0:d4:c2:e7:27:c6:f9:43:ed:2f:98:3a:
26:61:8c:d9:1a:78:3e:48:9e:73:85:d9:8d:e1:a9:ab:ac:7f:
77:74:fb:86:bc:23:7f:1e:43:3c:a8:e0:f3:6b:fa:16:9a:d9:
43:fc:66:38:c6:97:51:89:f8:d5:e1:94:c3:f2:f2:6e:17:7a:
83:48:49:d7:5d:d4:73:cf:ca:bf:22:f6:e5:1a:29:3b:cd:43:
aa:c9:c4:fb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMr/YenUJvKFwWsyfAJClczmTyfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNTdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3Yzc2N2M2MTg0ODJmNzg4Y2I5OTMxOWI2Y2MxNWVhZTFlMjllZWIwZmQy
ODZiNGVjZWI0MzY1ZGYyNGRjMDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvj4j1a9RYqSHt+NxyCG2Uv2b9JSIRISA3Q6QjJy0LYEXAsGw5CJwMHFjtp
/M8E3nKlGI3P03u+sb0+nM++OIwiXZRI6yS9I51XXWnW0JyOIvpi5Sz4eTN6jsFg
/a3+6PeJYGWROR3uih8hsQzQP7eeXsZqlvwZPpXFQGe6yW7eWxGJ85Xm3qNL9s/I
C5fVIJxhia+ln+I8Tr5392O6b85F237c2N2LO0KiQP0SJcpczPGxtxRa8EJOUwlO
6K0Ex481COxRbDgVMMHTmcRvR+tvtnksIqOIrGqwztY7kZl/wlzz7J/3CsKYiaXy
BVce/CzUoJZawHCl+EkBaWKMWJECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSOrySK
vQnVnZ1U9+Eiegwr7or+3jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWFlOWQ4YjItMjE4Yy00Mzc2LTkzNmQtMTg1MDMyY2U4OTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
QDANBgkqhkiG9w0BAQsFAAOCAQEAnPcPFFamWT9RIRcFVQ6GAfiFyOnQYgJ4xN1n
TFJlcfILiifagWyyQxDUomSo9AgeKsK/JYQC6ZBa00wrX49XEBjO5YLUhNkM1JEW
ai8+qTkU9RAjDZM1qybui7YTa9pxnLGPgBlHlwHf1cw0yvIqWMfYZlXliUsTCDLM
FS6eG/4PO2a+th3YexZZg5OleY0EbNcg8ESWS62YY2O0nKlp4XX45S0QbmD8oNTC
5yfG+UPtL5g6JmGM2Rp4Pkiec4XZjeGpq6x/d3T7hrwjfx5DPKjg82v6FprZQ/xm
OMaXUYn41eGUw/Lybhd6g0hJ113Uc8/KvyL25RopO81DqsnE+w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:11 2025 by rpki-client