Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
File: f4581009-959f-4805-904e-a85043ac559b.roa (raw, json)
Hash identifier: eeBpI8iUY0MJ/6AzyE82BOOluEQYxq46J1+RJVdkz9U=
Subject key identifier: 9E:4E:06:81:4C:00:00:EA:DD:65:E2:D4:42:0F:91:2D:02:7F:22:A5
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 50B044A318EE79973BAFAB64A08FF15E54A83440
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
Signing time: Sat 09 Aug 2025 00:20:25 +0000
ROA not before: Sat 09 Aug 2025 00:20:25 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:b0:44:a3:18:ee:79:97:3b:af:ab:64:a0:8f:f1:5e:54:a8:34:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:25 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=54814535bfaff318de58dfcd769d40b55f78268ece20f4cad0485a563afc3f53, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:65:79:17:be:b8:02:df:e6:f8:ba:6d:12:50:
01:ec:72:29:5a:96:f5:a5:94:e7:68:7b:4f:66:26:
fd:bc:e7:71:a9:6a:e7:da:9a:67:00:e7:01:bf:10:
ab:c9:0d:c0:1e:5e:a0:68:4c:73:b8:82:9b:0c:31:
85:ab:e4:78:b3:95:ee:81:89:eb:a6:6c:0a:1e:d6:
af:0d:7e:ab:93:9d:ca:41:41:3f:90:9d:3d:30:99:
bd:80:d3:fe:e3:2b:8e:ac:26:86:b6:c5:38:5f:a1:
36:25:6a:22:ee:71:f1:f2:2e:8e:16:25:7e:eb:d8:
bd:b2:af:7b:fc:c4:6d:ef:4f:5a:68:63:15:6e:14:
5b:e3:2d:1e:96:00:38:40:6e:ca:33:f5:3b:6c:05:
38:ff:f2:81:75:99:00:70:87:a0:96:87:77:9a:58:
82:9d:12:e3:32:6e:84:c7:64:1b:d6:7f:f0:f3:14:
91:02:60:9e:69:f7:b8:b6:f4:e4:66:28:2e:27:05:
d6:49:f3:aa:12:e5:c6:2c:b3:8d:46:39:ba:e1:46:
c7:f3:4d:dc:36:08:99:55:3b:5d:56:47:48:81:79:
f9:b9:f3:b9:a2:7d:15:12:8a:7b:8b:20:ff:34:b1:
bd:56:fc:33:d1:d7:8a:a7:0d:17:52:40:09:24:da:
f1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4E:06:81:4C:00:00:EA:DD:65:E2:D4:42:0F:91:2D:02:7F:22:A5
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a800::/40
Signature Algorithm: sha256WithRSAEncryption
44:ea:ea:f9:b1:6e:a8:9f:96:7e:4d:12:1a:89:77:5b:7e:7f:
cd:1b:02:a8:60:3e:b1:d5:f4:fe:86:39:57:38:f2:b0:41:79:
a2:0c:7d:c2:7a:61:2d:11:f7:f5:99:d2:95:64:dd:7e:a9:d8:
02:d2:e8:4b:16:94:f9:dd:a1:9f:fa:64:5f:2b:87:2b:a6:d1:
8e:97:c5:78:1c:3e:4f:53:03:d9:96:62:9b:0b:f9:96:26:b1:
e2:1e:e0:a8:df:2e:60:84:7e:29:8a:88:2e:59:c3:c2:17:39:
95:9a:0b:e9:0b:00:bd:7e:50:94:05:23:17:f5:88:87:a2:cf:
ab:b1:e6:57:cf:73:e9:7d:80:c9:ea:9b:a8:ba:dd:ac:5b:5d:
ef:ae:a2:f0:df:b7:52:72:af:cc:6a:19:17:e0:e2:f3:d2:42:
ee:5b:9c:1e:2b:f0:ba:8c:f4:99:d6:52:3d:ba:31:bd:68:66:
db:b4:6f:4b:b3:a5:7e:3e:f9:2e:f6:d8:c0:66:b4:ee:ca:b8:
ec:3b:f6:57:bd:21:7d:10:25:cf:d5:30:2f:0e:ac:66:b3:ac:
75:2b:60:9c:15:2c:0b:9b:15:d9:e1:40:4b:64:0d:bf:75:c3:
0d:a5:0f:53:e0:23:0f:36:66:c3:83:7e:15:08:46:c9:ad:b8:
f4:4a:01:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUULBEoxjueZc7r6tkoI/xXlSoNEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMjVaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ODE0NTM1YmZhZmYzMThkZTU4ZGZjZDc2OWQ0MGI1NWY3ODI2OGVjZTIw
ZjRjYWQwNDg1YTU2M2FmYzNmNTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxleRe+uALf5vi6bRJQAexyKVqW9aWU52h7T2Ym/bzncalq59qaZwDnAb8Q
q8kNwB5eoGhMc7iCmwwxhavkeLOV7oGJ66ZsCh7Wrw1+q5OdykFBP5CdPTCZvYDT
/uMrjqwmhrbFOF+hNiVqIu5x8fIujhYlfuvYvbKve/zEbe9PWmhjFW4UW+MtHpYA
OEBuyjP1O2wFOP/ygXWZAHCHoJaHd5pYgp0S4zJuhMdkG9Z/8PMUkQJgnmn3uLb0
5GYoLicF1knzqhLlxiyzjUY5uuFGx/NN3DYImVU7XVZHSIF5+bnzuaJ9FRKKe4sg
/zSxvVb8M9HXiqcNF1JACSTa8bsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeTgaB
TAAA6t1l4tRCD5EtAn8ipTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZjQ1ODEwMDktOTU5Zi00ODA1LTkwNGUtYTg1MDQzYWM1NTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Oo
MA0GCSqGSIb3DQEBCwUAA4IBAQBE6ur5sW6on5Z+TRIaiXdbfn/NGwKoYD6x1fT+
hjlXOPKwQXmiDH3CemEtEff1mdKVZN1+qdgC0uhLFpT53aGf+mRfK4crptGOl8V4
HD5PUwPZlmKbC/mWJrHiHuCo3y5ghH4pioguWcPCFzmVmgvpCwC9flCUBSMX9YiH
os+rseZXz3PpfYDJ6puout2sW13vrqLw37dScq/MahkX4OLz0kLuW5weK/C6jPSZ
1lI9ujG9aGbbtG9Ls6V+Pvku9tjAZrTuyrjsO/ZXvSF9ECXP1TAvDqxms6x1K2Cc
FSwLmxXZ4UBLZA2/dcMNpQ9T4CMPNmbDg34VCEbJrbj0SgHn
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:13:32 2025 by rpki-client