Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
File: e1d00d70-da0c-4922-8124-95401dba4efc.roa (raw, json)
Hash identifier: fgQtk8iDgujXuztnh562ri54BTlo/OuvTdIlQHDcD7c=
Subject key identifier: DA:75:FD:CA:52:69:D5:35:6A:35:C9:4B:BB:CF:7A:41:DC:8E:1E:FB
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 31FEA649997C912C9026D76A6F3C3DD879B6B956
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
Signing time: Sat 09 Aug 2025 00:20:47 +0000
ROA not before: Sat 09 Aug 2025 00:20:47 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:fe:a6:49:99:7c:91:2c:90:26:d7:6a:6f:3c:3d:d8:79:b6:b9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:47 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=f0f596499a72f593571b28e8b15f8de4e5e64b637e93a610461ccae6c82d8dfe, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:b9:f9:04:bf:8e:8c:9d:89:3f:5d:47:8c:
ee:92:77:3d:43:a3:ed:aa:a7:57:56:0d:df:16:14:
ef:ce:8e:cc:b2:c2:17:65:59:cc:d3:17:72:d1:57:
47:49:64:13:ff:e0:e6:18:b5:cf:0f:92:76:cd:dd:
c9:f1:54:27:58:58:1e:52:19:e5:15:fc:17:a1:d4:
af:04:a9:b7:16:d8:2a:1b:b4:35:98:73:a0:0d:12:
22:36:24:2d:57:a1:71:30:95:e0:a3:31:4b:15:8a:
24:17:d1:48:11:be:9b:01:fb:09:6d:c1:87:06:bc:
5b:e9:c0:bd:f9:69:d2:ec:6c:1d:80:bd:b2:f5:61:
30:26:da:f3:aa:65:4f:f5:65:08:ba:79:70:f0:c4:
81:a1:ff:8a:52:3e:d8:9b:8b:bf:b8:19:b4:3e:fe:
62:3c:57:9e:fc:76:a1:eb:90:78:cc:72:ab:4e:a0:
9e:33:be:93:cb:37:a6:7f:7e:54:f4:c7:12:6b:5e:
ac:b7:07:17:b4:fa:a4:7b:74:7f:1e:27:78:52:3a:
5e:df:aa:d0:9a:60:c4:32:8e:17:0d:fb:aa:57:aa:
7e:db:a9:a8:86:2e:80:8e:a5:89:9a:93:be:1e:3c:
3c:3c:b2:87:21:78:54:b7:85:61:ff:2d:c8:35:14:
78:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:75:FD:CA:52:69:D5:35:6A:35:C9:4B:BB:CF:7A:41:DC:8E:1E:FB
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
02:3a:7c:e2:d9:f8:4b:8f:35:2b:8a:98:50:41:02:e8:10:0c:
68:2f:ef:54:ab:49:36:94:dd:a7:46:98:70:a8:6f:e5:cf:1d:
34:9e:03:83:b6:8d:4f:93:e1:10:c9:20:25:a1:fa:3b:50:c0:
e9:45:3f:df:87:a3:1d:a4:1b:7f:b8:98:b3:80:02:b7:52:41:
6a:82:5e:c5:79:47:a2:20:f2:ad:dd:da:d0:bd:75:d9:58:0d:
92:bc:c3:cf:f7:08:f1:b6:54:00:5a:7f:14:ff:1e:78:61:c5:
44:b6:23:d7:d7:27:95:f1:9d:ac:9c:ec:9d:b9:d5:c9:ca:61:
96:0e:dc:49:d3:8f:19:ff:a2:91:32:49:72:d4:e0:09:29:25:
1a:9e:d1:db:eb:ba:f3:9f:2d:cc:4d:61:2c:5b:e6:55:a6:80:
93:88:b5:bc:6c:ff:93:99:bf:44:07:de:ec:e2:b6:4a:e1:39:
e8:d4:d0:5b:73:3e:b6:b9:2c:43:e9:40:3e:a0:d1:01:c7:f1:
83:e0:ff:34:8b:2d:e9:db:fc:c1:17:92:d5:e1:9b:02:eb:bb:
a7:4e:c8:24:7e:4e:bd:04:bd:11:1c:7b:85:fc:09:22:de:25:
29:69:e3:1e:53:a7:5d:c7:d8:02:38:5b:45:d7:02:96:4b:ee:
77:da:51:e2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMf6mSZl8kSyQJtdqbzw92Hm2uVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZjU5NjQ5OWE3MmY1OTM1NzFiMjhlOGIxNWY4ZGU0ZTVlNjRiNjM3ZTkz
YTYxMDQ2MWNjYWU2YzgyZDhkZmUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTpufkEv46MnYk/XUeM7pJ3PUOj7aqnV1YN3xYU786OzLLCF2VZzNMXctFX
R0lkE//g5hi1zw+Sds3dyfFUJ1hYHlIZ5RX8F6HUrwSptxbYKhu0NZhzoA0SIjYk
LVehcTCV4KMxSxWKJBfRSBG+mwH7CW3Bhwa8W+nAvflp0uxsHYC9svVhMCba86pl
T/VlCLp5cPDEgaH/ilI+2JuLv7gZtD7+YjxXnvx2oeuQeMxyq06gnjO+k8s3pn9+
VPTHEmterLcHF7T6pHt0fx4neFI6Xt+q0JpgxDKOFw37qleqftupqIYugI6liZqT
vh48PDyyhyF4VLeFYf8tyDUUeMUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTadf3K
UmnVNWo1yUu7z3pB3I4e+zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTFkMDBkNzAtZGEwYy00OTIyLTgxMjQtOTU0MDFkYmE0ZWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
wDANBgkqhkiG9w0BAQsFAAOCAQEAAjp84tn4S481K4qYUEEC6BAMaC/vVKtJNpTd
p0aYcKhv5c8dNJ4Dg7aNT5PhEMkgJaH6O1DA6UU/34ejHaQbf7iYs4ACt1JBaoJe
xXlHoiDyrd3a0L112VgNkrzDz/cI8bZUAFp/FP8eeGHFRLYj19cnlfGdrJzsnbnV
ycphlg7cSdOPGf+ikTJJctTgCSklGp7R2+u6858tzE1hLFvmVaaAk4i1vGz/k5m/
RAfe7OK2SuE56NTQW3M+trksQ+lAPqDRAcfxg+D/NIst6dv8wReS1eGbAuu7p07I
JH5OvQS9ERx7hfwJIt4lKWnjHlOnXcfYAjhbRdcClkvud9pR4g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:14 2025 by rpki-client