Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
File: 440b3734-74c6-4eea-9712-42440de9c3b4.roa (raw, json)
Hash identifier: AXjD/alb1Zi9KftdTZylJ6XOvVUOLJhBrwpmhDKdcYg=
Subject key identifier: 19:F8:BB:D0:6C:D7:C5:B2:C2:56:69:92:AA:A2:BD:3E:83:86:44:89
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7153F37C1CA477E52635F8D25D1D861949EB65D2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
Signing time: Sat 09 Aug 2025 00:30:08 +0000
ROA not before: Sat 09 Aug 2025 00:30:08 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:53:f3:7c:1c:a4:77:e5:26:35:f8:d2:5d:1d:86:19:49:eb:65:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:08 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=fc4a375393526964a9d915dc8e7ce420163c46a8293fa7da43ead39af973b38e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:d9:b2:d3:f0:cf:6f:e5:fa:7d:95:bf:72:
fe:66:18:27:4c:48:2d:c9:1a:77:10:77:0e:96:98:
d7:a0:b9:53:18:05:69:68:71:4a:ac:b5:72:a7:1d:
3e:5c:9a:e0:8c:87:48:59:be:1e:41:9d:db:9f:b7:
b9:3a:7e:18:c8:7f:56:41:54:5e:84:8d:bf:89:33:
34:76:04:e8:92:e2:ad:da:71:ae:07:0b:35:d8:f9:
cf:58:11:b3:a2:99:5c:dc:66:34:cf:ec:74:24:2f:
a7:01:ab:ad:fd:3b:9d:8a:9a:b2:b3:66:d7:d8:f5:
76:f0:5e:58:05:a7:cc:14:3f:28:5f:4c:4f:13:3a:
5e:89:e1:55:e4:ff:84:82:3d:7f:c7:04:b2:00:f7:
a7:b6:9c:09:db:77:7a:21:8c:9c:7d:3a:59:b6:dc:
0f:f7:8c:cd:0f:f1:03:dd:7a:bc:55:bf:09:12:b3:
d4:9b:4d:29:b6:62:93:c2:28:62:46:ab:71:3f:eb:
78:d1:44:23:95:58:f4:68:e3:45:2b:24:eb:84:c0:
10:f5:41:db:8d:ed:08:94:f9:0c:06:a2:05:55:36:
64:ea:ca:a5:eb:ab:3b:8b:38:90:9f:23:56:50:2c:
e3:ed:9a:11:f0:75:77:92:3f:ce:27:35:44:1a:65:
18:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F8:BB:D0:6C:D7:C5:B2:C2:56:69:92:AA:A2:BD:3E:83:86:44:89
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
93:b4:65:8b:c8:e8:4e:2a:c1:89:aa:e7:4c:28:a2:fc:5e:af:
58:81:29:43:77:3c:32:b9:df:2f:31:68:23:64:b8:0a:24:eb:
44:b5:63:f6:b0:97:a3:74:b7:14:91:49:af:27:10:c7:4f:a4:
41:22:a1:60:e8:47:12:1b:df:3a:09:ff:35:58:c3:0c:d1:99:
d1:67:e0:1c:6d:10:a9:32:99:09:ec:ad:22:c8:11:f6:fc:13:
56:48:ef:f4:e8:a1:db:98:05:82:e9:00:3c:75:46:2a:b7:0f:
6a:70:20:80:ba:38:12:1c:ba:a6:e2:45:3b:df:fe:80:27:9b:
f8:59:9b:0b:16:f9:f2:c5:37:08:ac:f1:59:02:42:c3:40:b7:
63:26:81:e6:e6:0f:bd:6c:1d:03:f9:ba:66:7e:cf:6f:28:27:
e3:00:31:ea:1f:78:50:7b:1d:14:b5:b4:e0:25:33:85:f4:9c:
c1:01:ce:85:8a:a3:a5:c0:96:9a:6a:e4:8d:30:2a:2e:5d:c7:
15:c5:33:42:63:20:b3:67:8a:ac:4e:fc:10:dc:b9:07:8c:bc:
79:13:94:39:da:78:27:65:6e:4c:eb:ea:35:76:59:1e:e4:d6:
be:9d:79:b1:71:88:de:00:e9:bb:64:09:56:41:16:f1:67:19:
40:6e:cd:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcVPzfBykd+UmNfjSXR2GGUnrZdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMDhaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNGEzNzUzOTM1MjY5NjRhOWQ5MTVkYzhlN2NlNDIwMTYzYzQ2YTgyOTNm
YTdkYTQzZWFkMzlhZjk3M2IzOGUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKV22bLT8M9v5fp9lb9y/mYYJ0xILckadxB3DpaY16C5UxgFaWhxSqy1cqcd
Plya4IyHSFm+HkGd25+3uTp+GMh/VkFUXoSNv4kzNHYE6JLirdpxrgcLNdj5z1gR
s6KZXNxmNM/sdCQvpwGrrf07nYqasrNm19j1dvBeWAWnzBQ/KF9MTxM6XonhVeT/
hII9f8cEsgD3p7acCdt3eiGMnH06WbbcD/eMzQ/xA916vFW/CRKz1JtNKbZik8Io
YkarcT/reNFEI5VY9GjjRSsk64TAEPVB243tCJT5DAaiBVU2ZOrKpeurO4s4kJ8j
VlAs4+2aEfB1d5I/zic1RBplGPECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZ+LvQ
bNfFssJWaZKqor0+g4ZEiTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDQwYjM3MzQtNzRjNi00ZWVhLTk3MTItNDI0NDBkZTljM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQCTtGWLyOhOKsGJqudMKKL8Xq9YgSlDdzwyud8v
MWgjZLgKJOtEtWP2sJejdLcUkUmvJxDHT6RBIqFg6EcSG986Cf81WMMM0ZnRZ+Ac
bRCpMpkJ7K0iyBH2/BNWSO/06KHbmAWC6QA8dUYqtw9qcCCAujgSHLqm4kU73/6A
J5v4WZsLFvnyxTcIrPFZAkLDQLdjJoHm5g+9bB0D+bpmfs9vKCfjADHqH3hQex0U
tbTgJTOF9JzBAc6FiqOlwJaaauSNMCouXccVxTNCYyCzZ4qsTvwQ3LkHjLx5E5Q5
2ngnZW5M6+o1dlke5Na+nXmxcYjeAOm7ZAlWQRbxZxlAbs3x
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:09:54 2025 by rpki-client