Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: KvsvELb2zB5RX2OVbNxgNoiZr4ZKQDkqaUhCWwrCb7M=
Subject key identifier: 24:B9:96:D4:1C:D8:87:1B:CE:C5:57:16:C0:9C:50:E5:DC:EF:26:DD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7112E06927C8C0FA7F4A059068486E7ECB623FC8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Sat 09 Aug 2025 00:20:40 +0000
ROA not before: Sat 09 Aug 2025 00:20:40 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:12:e0:69:27:c8:c0:fa:7f:4a:05:90:68:48:6e:7e:cb:62:3f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:40 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=d5c336383e467c70e623c8fb4cf233ca59365670459675e1ffe5f9483169c733, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:bc:84:84:23:be:5b:d8:4c:04:02:93:10:
14:99:0a:7f:1f:75:77:00:d1:d4:18:57:c0:e6:83:
a6:24:bd:82:46:10:6d:16:7a:66:3a:9f:d9:53:f5:
4a:ee:67:33:83:bd:cf:40:05:ce:f8:64:ab:a8:25:
bd:b7:cd:09:ae:e6:5f:8f:d6:40:75:db:42:e0:c4:
b8:36:84:09:e0:16:aa:a9:1e:98:d2:a4:dc:e3:14:
07:ba:37:1b:be:68:9b:fa:ae:e0:63:47:fc:9e:b1:
8c:dd:b3:64:76:a3:e9:bb:7b:14:cd:15:90:bd:45:
d3:4b:37:ef:76:f1:dc:16:94:48:8c:32:76:f0:18:
99:93:42:66:c3:95:3c:31:78:d8:95:89:8c:f5:e7:
b2:8c:dd:9c:9f:c4:db:aa:9d:a9:f7:95:88:e3:29:
b0:65:39:2c:46:2b:05:72:b9:94:a1:82:94:f5:ed:
cc:2e:4f:dd:6b:6f:1a:05:df:9e:85:fe:bf:59:a7:
fd:50:d6:de:e1:9d:a5:8c:ed:66:f8:5f:cf:0a:67:
6c:67:75:7e:40:d0:ec:a1:30:92:5d:7c:1f:d8:a7:
8d:68:0a:43:7f:65:f3:cd:0d:23:76:9d:fc:27:c1:
7c:98:59:5b:42:af:6e:6d:e0:1d:32:6d:a3:d1:da:
1b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B9:96:D4:1C:D8:87:1B:CE:C5:57:16:C0:9C:50:E5:DC:EF:26:DD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
57:c3:57:97:c2:cc:83:f5:63:cb:a8:0a:92:56:fe:dd:9c:a0:
a4:c1:9a:02:1f:6a:d1:f1:eb:f4:91:f3:22:c0:28:47:fe:83:
84:25:50:d2:a4:c8:66:4c:8f:22:9e:91:7b:ab:ca:72:3d:c3:
bf:c5:d7:13:54:99:7e:3a:7c:a7:72:e3:9a:6b:25:bf:4c:ad:
a0:d7:76:7b:97:05:8a:3b:f0:e2:0f:85:b0:33:b2:a5:a4:b4:
59:ff:f1:d3:55:51:12:bc:a4:62:81:29:ea:1c:62:85:77:ef:
76:f6:2c:4c:f5:26:24:a5:1b:fc:1b:33:c1:ed:66:eb:7b:66:
d8:00:35:91:32:8b:24:f4:20:7c:af:09:5a:a7:97:84:6c:f5:
46:52:e3:00:12:38:41:2a:3a:77:7d:54:65:7a:54:e7:69:98:
3e:6c:b9:b3:27:65:0f:c9:44:ce:e8:db:24:4a:03:51:cb:88:
8e:57:ed:7a:e2:48:d3:17:17:34:58:e7:19:a7:3e:45:75:d2:
c6:42:98:c4:b7:52:1e:50:81:45:52:30:0f:49:ae:fb:6e:aa:
98:b1:9f:e1:e6:79:bd:c2:c9:dc:4f:5e:1b:28:8c:fc:39:d2:
19:dc:44:72:af:3c:83:56:ca:26:86:61:f5:52:43:64:d5:f8:
e9:e4:c1:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcRLgaSfIwPp/SgWQaEhufstiP8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1YzMzNjM4M2U0NjdjNzBlNjIzYzhmYjRjZjIzM2NhNTkzNjU2NzA0NTk2
NzVlMWZmZTVmOTQ4MzE2OWM3MzMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9BvISEI75b2EwEApMQFJkKfx91dwDR1BhXwOaDpiS9gkYQbRZ6Zjqf2VP1
Su5nM4O9z0AFzvhkq6glvbfNCa7mX4/WQHXbQuDEuDaECeAWqqkemNKk3OMUB7o3
G75om/qu4GNH/J6xjN2zZHaj6bt7FM0VkL1F00s373bx3BaUSIwydvAYmZNCZsOV
PDF42JWJjPXnsozdnJ/E26qdqfeViOMpsGU5LEYrBXK5lKGClPXtzC5P3WtvGgXf
noX+v1mn/VDW3uGdpYztZvhfzwpnbGd1fkDQ7KEwkl18H9injWgKQ39l880NI3ad
/CfBfJhZW0Kvbm3gHTJto9HaG4sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkuZbU
HNiHG87FVxbAnFDl3O8m3TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQBXw1eXwsyD9WPLqAqSVv7dnKCkwZoCH2rR8ev0
kfMiwChH/oOEJVDSpMhmTI8inpF7q8pyPcO/xdcTVJl+OnyncuOaayW/TK2g13Z7
lwWKO/DiD4WwM7KlpLRZ//HTVVESvKRigSnqHGKFd+929ixM9SYkpRv8GzPB7Wbr
e2bYADWRMosk9CB8rwlap5eEbPVGUuMAEjhBKjp3fVRlelTnaZg+bLmzJ2UPyUTO
6NskSgNRy4iOV+164kjTFxc0WOcZpz5FddLGQpjEt1IeUIFFUjAPSa77bqqYsZ/h
5nm9wsncT14bKIz8OdIZ3ERyrzyDVsomhmH1UkNk1fjp5MEf
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:07:43 2025 by rpki-client