Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
File: afb29442-cb58-4fe7-9319-202c1646019f.roa (raw, json)
Hash identifier: 38YUwiwNyScRTQMnM9zoMRePbemGGBlgAOE0ph3lEQw=
Subject key identifier: 8E:6E:28:20:B8:DB:D1:21:54:5A:23:C2:60:4A:49:64:38:BD:ED:E0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 46E95F040039286925A101B123FD95A4E099A402
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
Signing time: Sat 09 Aug 2025 00:20:23 +0000
ROA not before: Sat 09 Aug 2025 00:20:23 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:e9:5f:04:00:39:28:69:25:a1:01:b1:23:fd:95:a4:e0:99:a4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:23 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=93103e5559acc6c87944889e9c76cd9af31d5528728dc9a7f02d878b8aa196d5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7a:43:82:a4:c7:0d:2b:4b:54:08:0b:50:6f:
a9:fe:c2:f8:fa:86:f9:f7:ef:08:ec:80:7a:15:35:
75:1c:b5:bf:ca:dd:e9:a8:70:c5:54:f5:99:2b:14:
b4:4e:7e:e9:68:8b:e3:69:f8:89:2f:48:10:35:db:
fe:32:54:35:eb:5d:d2:9f:c8:e7:cf:39:a4:5d:de:
6c:7d:18:17:b1:31:8f:f0:20:4d:37:e9:3c:33:9e:
19:6e:d8:05:1f:df:4b:c7:1e:60:ac:33:ab:bc:3b:
70:4a:a8:69:f9:6a:86:bf:88:f5:b3:18:0d:21:27:
d7:79:0e:ce:28:cb:b2:b2:0a:16:ff:1a:3c:65:da:
12:42:c9:b3:af:df:ab:22:8f:0c:80:4b:69:a9:4d:
3c:9b:a8:a0:ab:2f:93:a1:01:e6:1a:e1:52:0c:9b:
33:a2:e3:c9:5f:ec:62:d9:89:d1:c0:6d:d9:1e:3a:
be:9c:2f:35:55:1d:8b:fd:a8:73:4d:93:0c:7b:7f:
88:fd:88:85:27:95:5e:56:11:f4:e9:91:45:0b:86:
10:28:15:70:47:8a:ca:60:c0:51:84:72:db:6e:13:
87:91:d6:98:c1:d8:07:ca:82:97:b1:68:fe:9a:5c:
b2:99:98:03:d6:18:a6:f3:b8:16:7e:f3:98:25:ee:
98:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:6E:28:20:B8:DB:D1:21:54:5A:23:C2:60:4A:49:64:38:BD:ED:E0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6::/40
Signature Algorithm: sha256WithRSAEncryption
5b:ad:48:26:b7:fa:3f:8b:8f:77:85:c8:01:1d:2c:41:f2:a2:
0b:2b:9a:1c:15:21:5f:58:44:5d:37:ad:1d:a9:78:c5:b5:63:
57:7f:91:55:79:b8:fd:56:6e:a1:ef:43:81:25:20:96:f0:71:
38:59:0b:9f:8f:e6:e1:8f:fc:78:b4:98:91:64:da:12:a6:f7:
bd:59:67:c6:41:db:56:f6:a4:6c:d1:53:06:53:80:9e:b4:ab:
a6:d7:08:6c:af:93:2f:f6:35:bf:f5:70:67:ca:c1:09:e7:ca:
ae:0b:af:4e:3c:c5:bc:73:bf:d6:4a:2f:00:a8:af:18:cd:60:
bc:b7:c2:0f:24:42:81:60:3d:6b:14:1d:32:9b:84:8a:5b:6b:
50:fc:31:51:d7:86:4b:67:c6:ee:04:d1:c3:2f:fb:ef:2a:bc:
4b:60:2c:7e:5c:65:06:3d:de:cc:01:3e:d5:09:d1:4b:9b:0b:
ff:ec:ba:46:29:c8:88:49:26:0b:0f:52:be:c5:12:5f:d3:91:
33:99:6f:cd:ca:56:6c:39:c9:34:3c:24:c7:98:10:de:f6:99:
ff:cc:6a:54:fa:9a:5b:60:74:e9:2e:75:02:86:46:f4:c2:bf:
f6:ba:56:ee:12:21:a2:ee:9c:d8:1e:7c:72:f5:e6:f4:9d:66:
b8:78:e1:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURulfBAA5KGkloQGxI/2VpOCZpAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMjNaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzMTAzZTU1NTlhY2M2Yzg3OTQ0ODg5ZTljNzZjZDlhZjMxZDU1Mjg3Mjhk
YzlhN2YwMmQ4NzhiOGFhMTk2ZDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANx6Q4Kkxw0rS1QIC1Bvqf7C+PqG+ffvCOyAehU1dRy1v8rd6ahwxVT1mSsU
tE5+6WiL42n4iS9IEDXb/jJUNetd0p/I5885pF3ebH0YF7Exj/AgTTfpPDOeGW7Y
BR/fS8ceYKwzq7w7cEqoaflqhr+I9bMYDSEn13kOzijLsrIKFv8aPGXaEkLJs6/f
qyKPDIBLaalNPJuooKsvk6EB5hrhUgybM6LjyV/sYtmJ0cBt2R46vpwvNVUdi/2o
c02TDHt/iP2IhSeVXlYR9OmRRQuGECgVcEeKymDAUYRy224Th5HWmMHYB8qCl7Fo
/ppcspmYA9YYpvO4Fn7zmCXumO8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSObigg
uNvRIVRaI8JgSklkOL3t4DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWZiMjk0NDItY2I1OC00ZmU3LTkzMTktMjAyYzE2NDYwMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbrUgmt/o/i493hcgBHSxB8qILK5ocFSFfWERd
N60dqXjFtWNXf5FVebj9Vm6h70OBJSCW8HE4WQufj+bhj/x4tJiRZNoSpve9WWfG
QdtW9qRs0VMGU4CetKum1whsr5Mv9jW/9XBnysEJ58quC69OPMW8c7/WSi8AqK8Y
zWC8t8IPJEKBYD1rFB0ym4SKW2tQ/DFR14ZLZ8buBNHDL/vvKrxLYCx+XGUGPd7M
AT7VCdFLmwv/7LpGKciISSYLD1K+xRJf05EzmW/NylZsOck0PCTHmBDe9pn/zGpU
+ppbYHTpLnUChkb0wr/2ulbuEiGi7pzYHnxy9eb0nWa4eOHm
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:08:09 2025 by rpki-client