Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: bZvSrwTwsdXDAUhbrjDO/TMnhxKZW9MMTRqqIdXT8Ek=
Subject key identifier: 14:81:E2:4C:4D:30:8B:4A:1A:AA:3A:EA:65:03:6D:D4:59:3C:0F:DA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 58A5582D378FC1084842456C1D5ED4B018E231F9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Sat 09 Aug 2025 00:20:06 +0000
ROA not before: Sat 09 Aug 2025 00:20:06 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a5:58:2d:37:8f:c1:08:48:42:45:6c:1d:5e:d4:b0:18:e2:31:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:06 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=1619e249a3d1d1643c513b56adfd53f7182519f5af8c828a9c5283b9f4bb0ccc, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:c1:22:ae:8d:f8:f0:75:10:4e:38:9e:bd:
e8:78:1f:62:f5:7f:52:b5:8e:1c:87:e6:44:15:96:
a1:8f:bc:fd:a2:75:cd:89:f5:6d:52:5e:0b:85:7e:
46:87:f0:5a:12:e4:6c:19:0d:23:a1:ce:d1:63:12:
5a:50:3f:d2:02:d3:72:ef:7b:4e:a0:88:4b:7a:3b:
d3:08:77:c6:c5:e8:02:e4:d6:2f:92:31:7b:37:c0:
2a:dc:04:c4:02:b6:c2:43:8d:39:b6:ca:70:77:c5:
bc:41:68:37:56:d0:cf:a1:1a:46:c0:6f:7e:6b:e6:
74:dd:df:2a:ec:0a:3a:79:74:e6:f8:41:70:e0:f8:
39:8d:9e:89:f1:fd:a5:49:62:a1:2b:c3:e7:fe:4a:
4d:0a:1f:e5:25:16:4b:81:b3:5a:27:d6:53:98:e1:
11:13:33:ab:82:02:1b:16:ef:1d:18:8f:9a:c9:a7:
10:c5:ae:d6:4e:8a:76:de:70:b5:12:fe:2a:13:20:
db:92:e1:de:7d:e8:36:56:71:dc:f1:fe:f0:eb:ac:
82:09:1c:5c:6f:8d:5a:7a:1d:9b:1a:cd:57:8b:f5:
48:fc:b8:2d:14:08:da:cd:de:b7:a9:30:08:22:ca:
20:cf:89:2e:72:92:cb:8a:15:bc:3a:8e:b9:52:17:
51:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:81:E2:4C:4D:30:8B:4A:1A:AA:3A:EA:65:03:6D:D4:59:3C:0F:DA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
60:4a:86:49:8a:20:1b:11:c0:a5:3a:2d:86:92:04:d8:66:af:
3c:56:fe:87:ce:e7:b6:93:28:9c:bb:c0:75:80:5f:48:09:c5:
3c:fa:6c:1b:22:92:b6:9f:4f:ed:e7:f8:cd:9c:07:55:e0:eb:
cf:29:21:a7:03:33:53:09:70:5e:a7:ee:75:db:73:76:0e:ba:
71:11:de:4c:02:9f:8c:c4:4d:cf:05:9c:b7:06:18:f2:1e:7a:
b0:81:50:c9:41:8b:c7:4d:07:7b:32:08:b9:b4:8c:7d:f8:80:
3b:26:23:5e:87:d6:a6:fb:84:5b:ec:03:ea:64:33:a5:73:df:
c4:eb:35:85:61:97:e2:7f:cf:66:fc:b4:24:2d:6f:4c:0e:fe:
66:56:20:92:04:ec:6f:92:fd:24:19:6f:f7:3e:85:1c:11:4b:
73:75:d9:40:1f:25:68:99:cb:b2:7e:91:f3:aa:a8:90:2b:25:
68:f9:e4:27:c4:2d:f3:ac:1f:25:3c:7e:31:7e:66:18:df:bc:
9e:85:a1:31:2a:95:49:81:58:fd:dd:f0:b5:43:df:74:a8:58:
e0:a1:0f:cf:bc:4e:1d:9c:85:81:6f:65:a7:95:fe:fc:96:2a:
cc:02:07:88:9e:11:75:cb:79:63:5d:f1:51:64:fa:fe:44:bf:
2d:a1:48:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWKVYLTePwQhIQkVsHV7UsBjiMfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMDZaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MTllMjQ5YTNkMWQxNjQzYzUxM2I1NmFkZmQ1M2Y3MTgyNTE5ZjVhZjhj
ODI4YTljNTI4M2I5ZjRiYjBjY2MxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3nwSKujfjwdRBOOJ696HgfYvV/UrWOHIfmRBWWoY+8/aJ1zYn1bVJeC4V+
RofwWhLkbBkNI6HO0WMSWlA/0gLTcu97TqCIS3o70wh3xsXoAuTWL5IxezfAKtwE
xAK2wkONObbKcHfFvEFoN1bQz6EaRsBvfmvmdN3fKuwKOnl05vhBcOD4OY2eifH9
pUlioSvD5/5KTQof5SUWS4GzWifWU5jhERMzq4ICGxbvHRiPmsmnEMWu1k6Kdt5w
tRL+KhMg25Lh3n3oNlZx3PH+8OusggkcXG+NWnodmxrNV4v1SPy4LRQI2s3et6kw
CCLKIM+JLnKSy4oVvDqOuVIXUWkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUgeJM
TTCLShqqOuplA23UWTwP2jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQBgSoZJiiAbEcClOi2GkgTYZq88Vv6Hzue2kyic
u8B1gF9ICcU8+mwbIpK2n0/t5/jNnAdV4OvPKSGnAzNTCXBep+5123N2DrpxEd5M
Ap+MxE3PBZy3BhjyHnqwgVDJQYvHTQd7Mgi5tIx9+IA7JiNeh9am+4Rb7APqZDOl
c9/E6zWFYZfif89m/LQkLW9MDv5mViCSBOxvkv0kGW/3PoUcEUtzddlAHyVomcuy
fpHzqqiQKyVo+eQnxC3zrB8lPH4xfmYY37yehaExKpVJgVj93fC1Q990qFjgoQ/P
vE4dnIWBb2Wnlf78lirMAgeInhF1y3ljXfFRZPr+RL8toUgD
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:31:32 2025 by rpki-client