Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
File: b128bc8d-b462-4700-9503-592938317487.roa (raw, json)
Hash identifier: aUt13tenbU1oHSDcePCUy9lmn+qvUsg1iMU7KWukH9Y=
Subject key identifier: 68:5E:EC:27:D3:ED:BE:06:BD:CD:8A:A0:80:61:6B:07:D8:A2:F4:4C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7DE93EDDF4F207B190935E7DA5B7C7CE48EB0D7D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
Signing time: Sat 09 Aug 2025 00:20:40 +0000
ROA not before: Sat 09 Aug 2025 00:20:40 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e9:3e:dd:f4:f2:07:b1:90:93:5e:7d:a5:b7:c7:ce:48:eb:0d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:40 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=6568a958ea1ae824e5cc841f5bf97a6f5f159c294e2926092c59a4b6b63f81aa, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3e:78:6b:9b:da:40:d2:4c:93:48:2c:e5:27:
b6:d0:90:11:fe:2f:09:9e:e8:2d:fc:54:47:e3:af:
a6:18:e1:ca:7e:14:79:0f:77:66:c6:ac:de:95:46:
33:57:dc:9e:98:18:85:86:24:49:e2:3f:45:7e:fb:
cb:ad:f7:34:fc:a9:20:b0:76:70:16:dc:cf:a3:f8:
5b:68:76:75:bc:87:b3:6f:8a:fd:ac:e1:0c:aa:aa:
f8:91:ba:d5:20:26:1a:58:d1:3c:c1:92:2f:e4:42:
47:03:e2:de:81:31:28:5d:23:a9:20:f6:70:75:12:
97:5b:69:46:43:3a:e3:33:2a:5f:7c:b0:a4:06:27:
7f:d1:3e:3d:5d:ef:64:d3:50:03:19:db:70:b9:5a:
0e:4a:9c:77:a0:09:08:f6:57:be:cd:ac:e6:08:24:
ed:bd:31:44:ae:63:d3:02:83:cd:31:3d:59:b1:9d:
84:0f:49:bc:82:43:92:1d:dc:41:cb:26:98:9f:b9:
23:bb:10:2c:9b:df:14:6e:83:21:2a:88:32:8b:b9:
37:8e:81:53:b9:78:d0:3f:c5:35:74:2c:e2:6e:5f:
c4:42:48:70:23:83:66:22:33:64:fc:46:18:dd:d8:
43:19:88:f7:20:79:3f:95:15:86:58:46:3e:73:ac:
e6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5E:EC:27:D3:ED:BE:06:BD:CD:8A:A0:80:61:6B:07:D8:A2:F4:4C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:880::/48
Signature Algorithm: sha256WithRSAEncryption
46:b9:38:7a:97:94:89:8c:54:34:74:46:61:bb:e9:1e:61:60:
e3:29:46:5e:f2:46:ac:fe:a0:ce:2e:cc:4d:ea:3c:3f:76:40:
64:bd:63:4e:e6:15:09:41:e7:9e:8d:ae:34:85:04:23:82:f1:
64:46:fb:f2:e7:a1:06:c3:5d:7a:ba:7f:70:08:c5:62:a9:f6:
b9:0a:b9:8d:a2:79:d4:b1:5d:ca:98:9f:29:c6:07:36:f3:8c:
ff:a5:27:cc:68:b5:a5:eb:93:56:b3:00:6b:25:c8:97:9f:72:
2e:23:1f:e0:50:6e:7f:8c:26:56:19:65:a4:8e:b4:59:8a:05:
b6:b9:f3:ea:b9:1b:d5:06:e9:d4:79:f0:4a:1b:7f:9f:bd:79:
ad:c8:cf:93:f6:2c:45:5f:67:50:0d:e9:5d:17:e3:55:f3:fd:
ba:68:a3:c3:3a:1d:28:6b:af:32:b0:e4:32:1a:8d:31:0c:f0:
76:a1:c3:e7:c9:c6:e3:cf:23:0b:8f:c6:78:43:1c:8b:4d:22:
30:81:78:7c:27:a4:84:68:70:4d:78:d2:bf:c1:bf:90:59:40:
3e:84:59:f4:e2:f3:f9:7b:bb:4b:89:19:a1:ae:3e:31:20:e8:
ae:8d:51:35:9d:d4:eb:1a:9f:ec:24:06:f9:a3:ba:b7:9f:33:
55:04:03:8b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfek+3fTyB7GQk159pbfHzkjrDX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NjhhOTU4ZWExYWU4MjRlNWNjODQxZjViZjk3YTZmNWYxNTljMjk0ZTI5
MjYwOTJjNTlhNGI2YjYzZjgxYWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0+eGub2kDSTJNILOUnttCQEf4vCZ7oLfxUR+Ovphjhyn4UeQ93Zsas3pVG
M1fcnpgYhYYkSeI/RX77y633NPypILB2cBbcz6P4W2h2dbyHs2+K/azhDKqq+JG6
1SAmGljRPMGSL+RCRwPi3oExKF0jqSD2cHUSl1tpRkM64zMqX3ywpAYnf9E+PV3v
ZNNQAxnbcLlaDkqcd6AJCPZXvs2s5ggk7b0xRK5j0wKDzTE9WbGdhA9JvIJDkh3c
QcsmmJ+5I7sQLJvfFG6DISqIMou5N46BU7l40D/FNXQs4m5fxEJIcCODZiIzZPxG
GN3YQxmI9yB5P5UVhlhGPnOs5s8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoXuwn
0+2+Br3NiqCAYWsH2KL0TDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YjEyOGJjOGQtYjQ2Mi00NzAwLTk1MDMtNTkyOTM4MzE3NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
gDANBgkqhkiG9w0BAQsFAAOCAQEARrk4epeUiYxUNHRGYbvpHmFg4ylGXvJGrP6g
zi7MTeo8P3ZAZL1jTuYVCUHnno2uNIUEI4LxZEb78uehBsNderp/cAjFYqn2uQq5
jaJ51LFdypifKcYHNvOM/6UnzGi1peuTVrMAayXIl59yLiMf4FBuf4wmVhllpI60
WYoFtrnz6rkb1Qbp1HnwSht/n715rcjPk/YsRV9nUA3pXRfjVfP9umijwzodKGuv
MrDkMhqNMQzwdqHD58nG488jC4/GeEMci00iMIF4fCekhGhwTXjSv8G/kFlAPoRZ
9OLz+Xu7S4kZoa4+MSDoro1RNZ3U6xqf7CQG+aO6t58zVQQDiw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:12:55 2025 by rpki-client