Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f8610070-4efe-423a-a72e-bfc906b441cc.roa
File: f8610070-4efe-423a-a72e-bfc906b441cc.roa (raw, json)
Hash identifier: RZMPxNOsPmfa2mFfWwkzCRdPv6PSxLX+GsBIZjrKrnQ=
Subject key identifier: 90:AA:AC:C8:B0:8C:16:E5:A5:1A:15:E6:96:D1:B6:23:14:A0:A1:47
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5D54B015231584D957CCD2F98D5133E35A90CE19
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f8610070-4efe-423a-a72e-bfc906b441cc.roa
Signing time: Fri 08 Aug 2025 00:40:09 +0000
ROA not before: Fri 08 Aug 2025 00:40:09 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:54:b0:15:23:15:84:d9:57:cc:d2:f9:8d:51:33:e3:5a:90:ce:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 8 00:40:09 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=1d88948f49d46281f743595862c2c1e5c35c11e067a6cba6676a5bee35d7ec39, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0d:d5:4e:fb:69:b4:7c:cd:fd:24:6c:2c:28:
15:f6:cc:f0:e6:ab:69:b6:17:29:d2:f4:ba:cb:4a:
10:42:16:2e:4d:f2:0f:4a:b3:c3:2a:68:6b:c2:af:
26:11:5e:40:90:b1:c9:b2:d4:90:63:f2:81:40:2c:
ef:ad:ba:bb:8f:bd:4f:2b:75:a2:da:42:95:c2:33:
16:f2:ae:c0:49:53:49:a2:ad:d9:ac:63:dd:df:8c:
8a:21:f8:5d:b9:f6:77:c7:a9:91:22:1b:88:48:74:
5d:fd:03:69:71:68:e8:72:d9:a8:33:ac:13:04:89:
aa:e2:52:34:a2:45:11:b5:c6:7b:5d:77:3d:16:87:
64:e0:30:b9:a8:1a:02:2d:a8:03:6d:5b:ec:ad:c4:
80:da:7e:d9:64:9f:e7:61:5c:aa:b4:e9:df:1d:7e:
e3:63:ba:cd:30:17:b5:a4:68:06:8f:7c:ed:60:2d:
20:5b:e3:94:fe:31:be:e7:50:f2:34:18:41:1c:4b:
4e:60:9d:12:c2:a9:56:0e:ee:27:dc:3e:09:c2:e0:
16:f3:8f:0f:9d:4f:42:2e:28:93:fd:12:a1:01:49:
86:53:68:9d:28:e2:d1:41:7a:59:f9:85:63:a6:dc:
9e:ea:c3:4e:2a:11:20:89:0d:cd:21:a4:ef:82:6d:
ed:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AA:AC:C8:B0:8C:16:E5:A5:1A:15:E6:96:D1:B6:23:14:A0:A1:47
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f8610070-4efe-423a-a72e-bfc906b441cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
39:c8:73:72:41:90:14:73:a6:22:3a:c8:1b:cb:7b:68:01:58:
b2:4c:8e:5d:5d:81:2c:9c:b7:25:8d:0d:2d:f6:e3:0a:24:c5:
9f:5b:24:3c:0a:c4:5a:c3:03:15:bd:bd:6f:00:85:c4:34:74:
13:cc:a3:0f:06:32:b5:71:a8:c7:fc:6a:d0:d1:d1:6b:3f:ef:
b5:35:6d:92:07:18:b7:23:c1:fa:f0:ae:d8:16:87:10:c2:42:
ac:d0:62:68:c4:45:5a:aa:6d:6f:a1:d3:cb:d6:3b:30:5b:e7:
81:e5:7c:5b:99:4a:6e:c4:e8:2b:3a:9f:81:2e:ee:af:97:61:
3b:db:46:2e:eb:48:f3:a7:b9:b8:f3:2b:f6:fe:ef:3d:ac:a9:
1d:0c:80:f8:5e:25:2d:dd:44:67:1d:e9:08:bd:cd:06:e0:f9:
f4:b1:ee:ee:f7:5c:f3:21:85:97:34:be:01:c4:4d:29:9f:39:
9f:71:d9:52:1d:13:3f:b7:60:a9:ed:8b:ec:70:e0:55:ca:86:
13:8b:78:47:c5:4b:81:cc:f1:b4:25:72:7b:c7:5e:76:1c:ee:
50:da:e8:94:1a:db:4b:cd:b7:8e:37:55:d1:95:65:c1:08:66:
a6:c5:ad:cc:79:a9:79:b1:0c:65:0e:3c:68:a6:11:40:80:5c:
c9:e3:bd:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXVSwFSMVhNlXzNL5jVEz41qQzhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDgwMDQwMDlaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkODg5NDhmNDlkNDYyODFmNzQzNTk1ODYyYzJjMWU1YzM1YzExZTA2N2E2
Y2JhNjY3NmE1YmVlMzVkN2VjMzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4N1U77abR8zf0kbCwoFfbM8OarabYXKdL0ustKEEIWLk3yD0qzwypoa8Kv
JhFeQJCxybLUkGPygUAs7626u4+9Tyt1otpClcIzFvKuwElTSaKt2axj3d+MiiH4
Xbn2d8epkSIbiEh0Xf0DaXFo6HLZqDOsEwSJquJSNKJFEbXGe113PRaHZOAwuaga
Ai2oA21b7K3EgNp+2WSf52FcqrTp3x1+42O6zTAXtaRoBo987WAtIFvjlP4xvudQ
8jQYQRxLTmCdEsKpVg7uJ9w+CcLgFvOPD51PQi4ok/0SoQFJhlNonSji0UF6WfmF
Y6bcnurDTioRIIkNzSGk74Jt7SMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQqqzI
sIwW5aUaFeaW0bYjFKChRzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Zjg2MTAwNzAtNGVmZS00MjNhLWE3MmUtYmZjOTA2YjQ0MWNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQA5yHNyQZAUc6YiOsgby3toAViyTI5dXYEsnLcl
jQ0t9uMKJMWfWyQ8CsRawwMVvb1vAIXENHQTzKMPBjK1cajH/GrQ0dFrP++1NW2S
Bxi3I8H68K7YFocQwkKs0GJoxEVaqm1vodPL1jswW+eB5XxbmUpuxOgrOp+BLu6v
l2E720Yu60jzp7m48yv2/u89rKkdDID4XiUt3URnHekIvc0G4Pn0se7u91zzIYWX
NL4BxE0pnzmfcdlSHRM/t2Cp7YvscOBVyoYTi3hHxUuBzPG0JXJ7x152HO5Q2uiU
GttLzbeON1XRlWXBCGamxa3Meal5sQxlDjxophFAgFzJ472r
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:50 2025 by rpki-client