Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
File: 640762f4-b911-441a-995b-675a2c1eb24d.roa (raw, json)
Hash identifier: WQXOt0LEjr5MCxCezFLTh+bHK1rAJrnu0TqPoiPXN4g=
Subject key identifier: 8B:45:DB:6D:1B:AB:99:A5:20:B1:81:E9:70:3E:2B:4E:F4:81:68:33
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 47C470358DE65770FD9C711C3939F14B2B6D4794
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
Signing time: Sat 09 Aug 2025 00:20:45 +0000
ROA not before: Sat 09 Aug 2025 00:20:45 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:c4:70:35:8d:e6:57:70:fd:9c:71:1c:39:39:f1:4b:2b:6d:47:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:45 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=3058da9675b64879a52565742a1cde2d90ddc940dce68d1ca69a53cfc94837ee, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:a1:66:9a:80:07:8b:3a:e9:f8:a0:fa:e3:
1d:d0:2b:51:31:91:a5:1c:48:36:6f:6f:16:07:93:
fd:71:66:24:8d:c3:e9:b9:f4:96:e2:7b:a6:2f:43:
82:11:38:a2:ce:2f:d6:8d:b8:86:7b:af:b7:6e:98:
50:e0:c0:29:8b:6f:bf:4d:93:ed:12:8f:57:5b:2d:
a8:36:61:5d:ec:75:35:a8:6a:ff:59:7d:57:bf:ad:
a6:46:3f:f5:7a:18:d9:86:7c:51:d3:b0:6c:93:e5:
a6:de:3b:da:ec:f3:9b:c2:a3:c1:47:a4:d9:f7:cf:
97:4d:fd:78:27:aa:07:4d:ff:5e:cc:8b:8b:71:c2:
1b:1f:c8:6c:4c:57:26:61:1b:e5:10:b8:5a:a6:58:
cc:65:e1:d4:47:af:b4:1e:54:2f:2a:30:b5:9c:2e:
86:12:d3:66:14:43:76:e8:ed:eb:48:5a:8e:15:f8:
c6:4c:df:b5:4a:8d:59:db:95:29:d8:8d:2c:c8:08:
a7:ce:27:31:c3:2c:6b:29:43:b6:21:45:eb:db:26:
54:4f:90:e8:32:94:f9:4c:c5:2b:f6:18:9a:17:65:
17:93:1b:a0:3e:d4:da:dd:75:6e:85:f4:bf:f7:49:
19:c6:c0:06:3c:f3:f3:9e:39:94:fb:fa:7c:e7:a9:
e4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:45:DB:6D:1B:AB:99:A5:20:B1:81:E9:70:3E:2B:4E:F4:81:68:33
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
1f:a4:a7:de:a9:3b:59:38:6e:b6:f3:8a:79:8e:9c:d8:b2:43:
db:e3:31:22:7f:7a:28:e4:8a:78:69:d0:3d:f6:d1:a8:80:85:
47:03:95:4a:72:c8:77:8d:88:bb:8a:53:14:38:eb:8d:7a:fe:
c5:63:d6:63:04:ca:d1:f9:7d:f1:e1:b1:c7:12:6e:cc:1b:fa:
5f:0d:c2:6d:4c:08:d8:16:fc:d1:ba:fc:5f:27:a0:5e:bd:d9:
58:4e:dc:df:bf:a0:0d:f5:ef:64:b5:7c:e3:20:94:fc:7b:46:
0c:b9:5e:a4:c2:51:18:69:9e:c9:da:69:4d:ec:5d:13:bc:74:
e9:7e:cf:32:af:bd:1a:77:4b:be:e8:ac:ab:ae:ab:5e:52:db:
ce:8b:52:de:18:22:e3:f5:d2:13:04:7f:7c:01:05:86:c1:5c:
c0:b4:d0:0a:98:92:b6:dd:da:95:e8:5f:7d:1e:49:81:50:8b:
49:2a:14:6c:87:50:ba:a6:51:c1:ba:c8:3b:4d:c0:86:3f:05:
7b:9f:52:12:ad:5b:2c:49:0f:80:f1:1c:50:3d:ea:e9:a6:ff:
03:7e:1c:d2:0c:da:41:fa:c4:58:2c:4f:c1:56:72:83:74:4c:
cf:24:3e:2f:de:d1:87:22:fe:8d:94:84:68:2c:3a:9c:7c:a2:
7c:86:bc:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR8RwNY3mV3D9nHEcOTnxSyttR5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDVaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNThkYTk2NzViNjQ4NzlhNTI1NjU3NDJhMWNkZTJkOTBkZGM5NDBkY2U2
OGQxY2E2OWE1M2NmYzk0ODM3ZWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJydoWaagAeLOun4oPrjHdArUTGRpRxINm9vFgeT/XFmJI3D6bn0luJ7pi9D
ghE4os4v1o24hnuvt26YUODAKYtvv02T7RKPV1stqDZhXex1Nahq/1l9V7+tpkY/
9XoY2YZ8UdOwbJPlpt472uzzm8KjwUek2ffPl039eCeqB03/XsyLi3HCGx/IbExX
JmEb5RC4WqZYzGXh1EevtB5ULyowtZwuhhLTZhRDdujt60hajhX4xkzftUqNWduV
KdiNLMgIp84nMcMsaylDtiFF69smVE+Q6DKU+UzFK/YYmhdlF5MboD7U2t11boX0
v/dJGcbABjzz8545lPv6fOep5EUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLRdtt
G6uZpSCxgelwPitO9IFoMzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjQwNzYyZjQtYjkxMS00NDFhLTk5NWItNjc1YTJjMWViMjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQAfpKfeqTtZOG6284p5jpzYskPb4zEif3oo5Ip4
adA99tGogIVHA5VKcsh3jYi7ilMUOOuNev7FY9ZjBMrR+X3x4bHHEm7MG/pfDcJt
TAjYFvzRuvxfJ6BevdlYTtzfv6AN9e9ktXzjIJT8e0YMuV6kwlEYaZ7J2mlN7F0T
vHTpfs8yr70ad0u+6KyrrqteUtvOi1LeGCLj9dITBH98AQWGwVzAtNAKmJK23dqV
6F99HkmBUItJKhRsh1C6plHBusg7TcCGPwV7n1ISrVssSQ+A8RxQPerppv8DfhzS
DNpB+sRYLE/BVnKDdEzPJD4v3tGHIv6NlIRoLDqcfKJ8hryZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:10:57 2025 by rpki-client