Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
File: 9195a704-de86-4692-95c9-30d458a106d5.roa (raw, json)
Hash identifier: wqj8FRlOc0i7ZFgySl54B0/L8Y5/hHiYxNIAiAheZPA=
Subject key identifier: 10:80:42:98:6D:B8:09:C4:F6:5A:EE:03:D7:6E:97:0F:30:A7:DD:3C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2CFCD03F7418C9CB7FC1BA4E130E21DB40A1A611
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
Signing time: Sat 09 Aug 2025 00:21:12 +0000
ROA not before: Sat 09 Aug 2025 00:21:12 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:fc:d0:3f:74:18:c9:cb:7f:c1:ba:4e:13:0e:21:db:40:a1:a6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:12 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=f798e0b684830e4d48ccee6118cf77f859b67356233b6d0c36dd724c7d41b255, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d7:79:a8:76:66:98:56:83:3e:63:2e:71:9c:
3d:49:66:c1:a2:e7:ee:88:ef:81:60:e0:f9:d4:d1:
0d:2b:c4:00:1c:76:9e:dc:03:1d:ff:24:46:50:fb:
ef:70:0d:ef:12:3b:40:aa:03:90:bc:0e:9c:93:1d:
fd:bc:ac:63:c3:fe:76:0e:ad:92:ea:69:ef:bb:e3:
84:d4:8a:77:f1:bb:f0:da:5f:ec:90:40:60:74:54:
a5:74:9c:1f:4f:dd:c9:4a:85:62:89:fa:50:72:49:
96:fe:94:bf:19:86:db:b9:08:3d:0e:2d:29:0a:12:
d9:00:21:25:6a:d7:66:e8:fc:03:ba:c4:bb:0d:9b:
06:df:ec:b2:8c:32:b4:cf:5f:a2:de:59:2a:6a:2e:
c4:5d:26:8c:4d:9c:59:23:a0:94:b0:1d:fb:a6:69:
cf:e2:ad:db:b9:56:d5:3b:74:95:ba:50:eb:29:b4:
7f:48:62:3d:a5:92:fe:2a:b8:8e:8a:db:fb:a8:ab:
50:d9:35:63:38:5a:67:09:91:2e:13:31:d5:ff:86:
77:5d:e0:d4:dd:20:b0:15:8e:c2:9f:1b:8b:4d:d9:
c8:c6:1c:99:c8:99:6f:ad:f0:e0:20:62:60:e6:3a:
5b:81:e9:ea:d4:92:0c:e6:24:4b:8c:a0:5b:03:f5:
24:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:80:42:98:6D:B8:09:C4:F6:5A:EE:03:D7:6E:97:0F:30:A7:DD:3C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/36
Signature Algorithm: sha256WithRSAEncryption
0c:af:19:fd:2c:17:09:03:56:32:7d:5b:40:53:66:23:25:19:
07:36:e7:8f:b2:82:6f:24:d9:3f:0e:ca:9c:d5:ab:20:5c:55:
59:be:84:79:9d:eb:8d:58:b9:be:c9:a2:48:25:33:8f:0b:6f:
85:89:84:d6:6e:30:b9:b3:eb:e3:b2:31:12:42:5d:51:8e:d8:
24:95:8a:8c:a8:d0:d8:54:d3:3f:a8:e3:86:0c:a7:1d:c9:d5:
51:c4:fe:bf:8a:65:82:c6:2d:c7:03:c7:42:2d:a0:fd:1a:66:
b5:04:91:cf:5e:de:f7:31:a4:6a:6c:2d:60:47:6a:98:6e:aa:
b0:f5:d3:f9:87:07:e6:99:5c:3c:36:69:84:66:f8:33:ca:f2:
92:e1:94:58:02:df:3e:00:8e:ac:d2:2e:ed:7c:de:f0:54:78:
d6:31:72:c2:10:ff:29:55:82:6d:9d:36:95:e9:fa:51:0e:d9:
71:22:b2:88:ca:fd:ab:60:e6:06:09:8b:98:0d:8a:65:86:97:
9b:1f:d1:b2:86:c4:73:aa:25:44:eb:4a:b1:16:4c:20:9a:64:
b0:f1:bd:96:e1:a2:f6:f4:7e:2a:23:c0:54:f5:b0:45:c3:d8:
1d:b7:78:35:82:56:07:b2:eb:14:17:59:8c:ac:0d:94:60:eb:
85:6c:d2:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULPzQP3QYyct/wbpOEw4h20ChphEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTJaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3OThlMGI2ODQ4MzBlNGQ0OGNjZWU2MTE4Y2Y3N2Y4NTliNjczNTYyMzNi
NmQwYzM2ZGQ3MjRjN2Q0MWIyNTUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzXeah2ZphWgz5jLnGcPUlmwaLn7ojvgWDg+dTRDSvEABx2ntwDHf8kRlD7
73AN7xI7QKoDkLwOnJMd/bysY8P+dg6tkupp77vjhNSKd/G78Npf7JBAYHRUpXSc
H0/dyUqFYon6UHJJlv6UvxmG27kIPQ4tKQoS2QAhJWrXZuj8A7rEuw2bBt/ssowy
tM9fot5ZKmouxF0mjE2cWSOglLAd+6Zpz+Kt27lW1Tt0lbpQ6ym0f0hiPaWS/iq4
jorb+6irUNk1YzhaZwmRLhMx1f+Gd13g1N0gsBWOwp8bi03ZyMYcmciZb63w4CBi
YOY6W4Hp6tSSDOYkS4ygWwP1JGECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQgEKY
bbgJxPZa7gPXbpcPMKfdPDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTE5NWE3MDQtZGU4Ni00NjkyLTk1YzktMzBkNDU4YTEwNmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMrxn9LBcJA1YyfVtAU2YjJRkHNuePsoJvJNk/
Dsqc1asgXFVZvoR5neuNWLm+yaJIJTOPC2+FiYTWbjC5s+vjsjESQl1RjtgklYqM
qNDYVNM/qOOGDKcdydVRxP6/imWCxi3HA8dCLaD9Gma1BJHPXt73MaRqbC1gR2qY
bqqw9dP5hwfmmVw8NmmEZvgzyvKS4ZRYAt8+AI6s0i7tfN7wVHjWMXLCEP8pVYJt
nTaV6fpRDtlxIrKIyv2rYOYGCYuYDYplhpebH9GyhsRzqiVE60qxFkwgmmSw8b2W
4aL29H4qI8BU9bBFw9gdt3g1glYHsusUF1mMrA2UYOuFbNLi
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:18:59 2025 by rpki-client