Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: 2ErBKGBEEBu0Yoh5geImD2pUMqlsJvqgFOCSOAdFHLI=
Subject key identifier: E8:F0:66:3E:90:83:1E:C8:69:C1:12:F0:68:CF:F2:E5:20:1F:55:A6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5E1919489214E2C596DB2F33B4541DEC2BC8EE4A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Sat 09 Aug 2025 00:30:05 +0000
ROA not before: Sat 09 Aug 2025 00:30:05 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:19:19:48:92:14:e2:c5:96:db:2f:33:b4:54:1d:ec:2b:c8:ee:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:05 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=e152b7dad3b620373bc1aca2e8ec48fc8bb362b2da1dda693961d26b1d2fc2b7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a2:6a:dd:c4:68:37:61:f2:70:df:4e:ac:9e:
8d:ff:e7:2e:29:6d:a6:10:35:d7:7a:e0:8f:e0:2e:
7d:c5:89:8b:8b:91:31:47:7a:6f:b3:18:25:6a:25:
fc:a6:9c:e9:6b:ba:d0:bc:a5:8d:27:8d:89:2c:ea:
61:1d:16:5c:41:4e:fa:79:78:1b:8a:3b:36:68:91:
a6:ca:6f:e6:69:e1:4d:6c:4c:8e:e9:85:2b:df:5b:
e8:0b:d1:93:ea:8c:fa:3c:b6:83:46:be:72:60:32:
a2:3e:bc:d3:73:05:f3:61:5c:a5:dd:6a:e0:87:21:
88:63:e2:76:10:40:b0:7a:d4:12:13:43:0f:88:83:
f6:c4:88:5f:cb:e1:07:70:4b:70:c9:8e:bb:8b:cf:
ab:42:86:e4:51:f0:ec:e8:1f:3b:6f:8a:ba:16:5e:
d1:b7:69:d3:4c:70:3e:b3:f9:1d:ff:e6:5b:12:6e:
ec:90:b6:16:c8:62:75:8a:2b:0b:d6:c6:8c:ec:82:
05:f6:31:6b:90:e6:8f:1e:02:f1:87:07:16:a5:2a:
f4:c6:cd:50:52:6f:11:b3:ed:28:aa:09:0e:9e:fe:
f4:7e:1c:fd:1b:12:cc:a8:fc:97:28:48:3a:7f:20:
77:9f:f9:d2:38:3b:ce:b5:8e:52:05:0d:ac:f2:cd:
34:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F0:66:3E:90:83:1E:C8:69:C1:12:F0:68:CF:F2:E5:20:1F:55:A6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:33:f0:b5:09:0d:00:3d:95:fe:9c:7c:8f:71:4b:12:61:ef:
20:21:32:6b:cc:86:2a:f7:00:5c:17:ce:f6:92:6a:1f:d5:3e:
85:10:6b:6a:f5:d2:f6:64:2f:9e:c0:d0:74:0c:dd:b1:5b:3c:
59:30:49:0c:1d:32:a7:98:ff:28:9e:7a:44:82:dc:5b:7e:b5:
e9:46:97:4d:58:e8:b9:f1:cb:1f:75:2f:0d:fa:cd:7f:9b:d3:
e2:ca:fd:7f:47:50:2e:cc:ba:c4:a9:03:db:a9:92:1e:d7:b8:
f1:3d:7b:08:d9:61:a6:0d:ba:cc:2b:46:7f:84:c3:eb:28:f1:
d1:a3:46:05:85:8b:47:64:86:82:47:61:ff:60:8e:df:fa:e4:
3f:9f:73:90:81:96:7e:3b:c1:bf:ca:03:cb:72:05:d8:d2:f4:
ba:5b:de:5e:28:49:b0:95:fa:54:9a:04:6b:b5:fc:ad:54:6a:
80:39:fc:7a:3e:47:9f:5c:d5:f4:16:d6:e2:8d:75:49:f4:d9:
2c:a0:41:ab:a8:9e:5a:4a:e3:62:f9:b5:4b:5e:f4:62:25:74:
5f:10:7e:9f:55:de:b1:6a:f3:76:8a:16:0e:36:b9:00:56:0d:
78:53:51:e6:48:3d:51:f5:28:f3:61:e5:4d:09:f9:58:c6:67:
97:98:44:ec
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXhkZSJIU4sWW2y8ztFQd7CvI7kowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMDVaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNTJiN2RhZDNiNjIwMzczYmMxYWNhMmU4ZWM0OGZjOGJiMzYyYjJkYTFk
ZGE2OTM5NjFkMjZiMWQyZmMyYjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCiat3EaDdh8nDfTqyejf/nLiltphA113rgj+AufcWJi4uRMUd6b7MYJWol
/Kac6Wu60LyljSeNiSzqYR0WXEFO+nl4G4o7NmiRpspv5mnhTWxMjumFK99b6AvR
k+qM+jy2g0a+cmAyoj6803MF82Fcpd1q4IchiGPidhBAsHrUEhNDD4iD9sSIX8vh
B3BLcMmOu4vPq0KG5FHw7OgfO2+KuhZe0bdp00xwPrP5Hf/mWxJu7JC2FshidYor
C9bGjOyCBfYxa5Dmjx4C8YcHFqUq9MbNUFJvEbPtKKoJDp7+9H4c/RsSzKj8lyhI
On8gd5/50jg7zrWOUgUNrPLNNJ8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTo8GY+
kIMeyGnBEvBoz/LlIB9VpjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAFsz8LUJDQA9lf6cfI9xSxJh7yAhMmvMhir3AFwX
zvaSah/VPoUQa2r10vZkL57A0HQM3bFbPFkwSQwdMqeY/yieekSC3Ft+telGl01Y
6Lnxyx91Lw36zX+b0+LK/X9HUC7MusSpA9upkh7XuPE9ewjZYaYNuswrRn+Ew+so
8dGjRgWFi0dkhoJHYf9gjt/65D+fc5CBln47wb/KA8tyBdjS9Lpb3l4oSbCV+lSa
BGu1/K1UaoA5/Ho+R59c1fQW1uKNdUn02SygQauonlpK42L5tUte9GIldF8Qfp9V
3rFq83aKFg42uQBWDXhTUeZIPVH1KPNh5U0J+VjGZ5eYROw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:03:27 2025 by rpki-client