Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: RvJK4L5UmQjYx0iYtqIIh4CjAjbQCJGnU02adaejfwo=
Subject key identifier: 77:D0:E8:27:65:54:AE:7F:A1:0D:BE:E7:F2:43:29:B7:2D:E0:13:F6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 220DBB65A8D7E5F54B878C3998F5320B556E5D8C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Sat 09 Aug 2025 00:21:15 +0000
ROA not before: Sat 09 Aug 2025 00:21:15 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0d:bb:65:a8:d7:e5:f5:4b:87:8c:39:98:f5:32:0b:55:6e:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:15 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=a3d319346e2b9bcab4a18692c976bc392e3acc9f4e50d32e78ac53007f239aa0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1b:62:86:4f:65:45:87:bf:b2:49:c6:1a:88:
52:b4:c7:a7:73:5f:f5:69:ba:f2:1b:e6:07:8c:70:
92:48:0e:f5:39:b2:59:ec:9f:84:39:c4:c5:17:c2:
9a:cd:94:1e:7b:44:bd:f9:15:ec:22:6c:68:74:de:
ff:85:e4:4d:6c:a9:c5:10:23:54:ff:70:3c:14:c5:
f7:39:91:ff:d0:7c:3c:6d:8a:6c:b4:2b:68:04:0b:
84:60:b6:6e:c0:fa:32:fd:a2:51:e6:ce:85:bd:e7:
83:eb:c6:41:e8:68:e2:7d:5c:c9:19:13:7d:22:ae:
57:4f:0e:53:fd:bd:7d:69:36:5e:fc:cf:d4:81:a5:
21:de:78:6a:69:2d:cc:15:c0:23:44:28:ea:40:eb:
5d:b4:d4:53:fa:0d:68:e9:c5:54:38:e9:8d:a2:fa:
c5:a7:31:47:56:53:c5:75:e4:1c:78:dd:8f:59:75:
13:bc:66:7b:8e:6d:f4:56:4b:36:1a:21:05:0c:3a:
3b:e0:ee:31:37:86:cd:e9:ed:a2:50:f3:96:39:27:
47:80:7d:86:e7:36:6e:4f:2b:45:d1:d5:17:1d:9d:
38:6e:5a:dc:b8:bc:1a:45:52:15:7d:c4:45:ce:9f:
cc:74:e4:2b:60:c0:50:b5:e9:2a:a3:4c:43:82:c6:
11:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D0:E8:27:65:54:AE:7F:A1:0D:BE:E7:F2:43:29:B7:2D:E0:13:F6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
4a:ee:80:c5:e1:2f:ee:1d:e4:5a:59:f5:63:92:41:bd:50:35:
f7:31:e9:5b:11:46:f3:d2:f6:84:b0:eb:3b:09:95:66:63:e9:
b8:53:79:0f:c3:0f:43:82:4b:5b:e8:1f:c3:1a:6b:a9:3f:77:
12:23:45:61:f0:21:f8:b0:4b:f6:64:2d:51:ff:49:12:0a:fd:
25:48:a9:bc:cd:eb:9d:5d:66:1e:02:0f:b6:fa:be:3f:52:b0:
a3:5c:69:40:b3:d5:94:08:3e:bd:8b:84:d3:3b:38:68:2c:ed:
c6:09:75:49:31:39:4f:41:1d:a2:6d:b1:27:70:87:41:90:26:
75:42:6a:7a:02:a1:b4:2e:f5:e9:48:9c:ad:6a:a2:c6:29:8c:
fa:7a:2c:5a:37:9b:39:5b:f3:28:68:8d:e9:90:82:61:ff:aa:
fa:d6:fb:36:d5:73:ff:a0:b1:25:2f:59:8d:55:49:7a:db:57:
d5:b9:5c:cf:47:56:0b:4b:1b:0b:95:72:21:6c:39:8e:00:9a:
93:d3:99:a4:32:49:03:e1:b9:14:a0:9a:af:08:5e:d0:c2:4b:
a8:5c:bc:9e:b6:ad:c0:56:67:49:0e:53:77:5d:5e:29:3a:1f:
6d:d1:7a:09:58:9c:c9:da:0f:73:d5:84:37:0b:0a:22:78:4e:
5b:f0:70:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIg27ZajX5fVLh4w5mPUyC1VuXYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTVaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZDMxOTM0NmUyYjliY2FiNGExODY5MmM5NzZiYzM5MmUzYWNjOWY0ZTUw
ZDMyZTc4YWM1MzAwN2YyMzlhYTAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUbYoZPZUWHv7JJxhqIUrTHp3Nf9Wm68hvmB4xwkkgO9TmyWeyfhDnExRfC
ms2UHntEvfkV7CJsaHTe/4XkTWypxRAjVP9wPBTF9zmR/9B8PG2KbLQraAQLhGC2
bsD6Mv2iUebOhb3ng+vGQeho4n1cyRkTfSKuV08OU/29fWk2XvzP1IGlId54amkt
zBXAI0Qo6kDrXbTUU/oNaOnFVDjpjaL6xacxR1ZTxXXkHHjdj1l1E7xme45t9FZL
NhohBQw6O+DuMTeGzentolDzljknR4B9huc2bk8rRdHVFx2dOG5a3Li8GkVSFX3E
Rc6fzHTkK2DAULXpKqNMQ4LGERsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR30Ogn
ZVSuf6ENvufyQym3LeAT9jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQBK7oDF4S/uHeRaWfVjkkG9UDX3MelbEUbz0vaE
sOs7CZVmY+m4U3kPww9Dgktb6B/DGmupP3cSI0Vh8CH4sEv2ZC1R/0kSCv0lSKm8
zeudXWYeAg+2+r4/UrCjXGlAs9WUCD69i4TTOzhoLO3GCXVJMTlPQR2ibbEncIdB
kCZ1Qmp6AqG0LvXpSJytaqLGKYz6eixaN5s5W/MoaI3pkIJh/6r61vs21XP/oLEl
L1mNVUl621fVuVzPR1YLSxsLlXIhbDmOAJqT05mkMkkD4bkUoJqvCF7QwkuoXLye
tq3AVmdJDlN3XV4pOh9t0XoJWJzJ2g9z1YQ3CwoieE5b8HBq
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:44:56 2025 by rpki-client