Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: +hM3FaGJr/jwcWOM2Xdbdgzc6NThBNXm7WmxYmiM0HE=
Subject key identifier: BD:08:98:D2:89:8A:18:12:76:70:FB:D2:E7:E5:A6:A1:CD:34:6A:A7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 37F61CC9E1856DFD6429CD75B557A5699C2D5C3E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Fri 01 Aug 2025 17:20:03 +0000
ROA not before: Fri 01 Aug 2025 17:20:03 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:f6:1c:c9:e1:85:6d:fd:64:29:cd:75:b5:57:a5:69:9c:2d:5c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 1 17:20:03 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=7166c16d7b7ab007a866afdf81a46766f2416d1870a0627beea02580d00c4495, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9c:37:2b:e1:15:ae:2f:34:40:82:6f:a7:8f:
43:9a:85:dc:3e:7b:73:61:6d:11:c0:26:e6:d0:42:
11:f2:16:85:16:2b:d6:d2:a3:54:c2:98:c2:be:45:
6e:14:78:51:14:eb:e2:e2:7d:bb:b1:3e:98:6f:52:
70:96:6d:fc:a7:cb:06:cd:92:ab:1a:d9:99:97:d8:
2a:07:d7:f7:7c:c9:79:68:8a:73:aa:63:e6:37:e8:
a0:da:5d:bb:86:eb:ed:b0:0e:42:be:0f:05:5b:38:
e3:c1:00:aa:83:b1:82:f5:c6:a3:c5:a6:ef:24:b6:
e3:25:dd:cd:48:c6:cd:17:aa:9f:ac:56:62:78:29:
38:28:01:d4:a5:ea:05:53:20:91:7e:1d:96:6a:0d:
94:db:36:87:7e:6e:59:12:0f:9b:a0:9f:9c:f7:d0:
d0:97:ba:f6:19:b7:9f:d1:25:94:4f:0d:fd:97:69:
39:80:f9:6b:03:b7:ba:7a:bd:7b:16:55:e3:bd:c6:
30:c3:e9:86:36:f1:4a:12:b2:1a:e8:0b:10:78:3a:
65:38:1d:4d:cb:44:a6:80:ad:1e:56:aa:66:44:02:
73:a7:bb:54:35:97:13:f9:62:f4:6a:05:cf:6c:58:
9c:97:ac:23:27:1b:97:39:ac:11:f9:64:b4:0d:1f:
52:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:08:98:D2:89:8A:18:12:76:70:FB:D2:E7:E5:A6:A1:CD:34:6A:A7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
45:18:9a:b5:fb:0e:29:c8:a6:2b:96:89:53:17:c7:06:54:1a:
8f:ca:39:8a:7d:bb:a6:a4:fd:c4:8c:5c:01:fa:13:c2:9a:62:
f2:17:98:b3:75:66:7f:a0:9f:69:3a:01:3e:26:ab:cd:80:6d:
3f:80:f3:3c:42:94:16:23:7d:66:8b:ec:58:21:c1:28:b7:2f:
03:00:af:06:e0:fa:a0:36:16:72:d5:40:7d:33:ba:30:4a:ba:
41:bf:4a:ba:74:a1:e7:cf:92:e1:f8:a5:9e:bb:ad:76:c6:ec:
29:06:14:d8:53:41:32:1a:3f:3c:74:fd:a2:f4:79:21:17:c9:
46:36:03:c4:2b:d4:dd:cf:39:93:fa:92:be:59:81:f7:d6:e9:
5f:f3:ee:01:7b:fc:40:c3:55:c6:86:54:3e:24:9b:d0:5c:78:
f7:9a:4b:68:b0:37:8d:8f:24:c4:4e:1d:2b:de:1b:54:08:04:
46:94:f8:da:78:99:a6:86:0e:c7:47:66:67:4b:79:ce:fd:c8:
15:d7:a7:9a:61:c3:01:84:b6:6e:00:90:fe:5f:3d:f1:0d:cf:
68:44:6b:ca:78:ed:05:4c:fc:21:2f:b7:2f:8c:44:97:64:e9:
c3:e1:09:ae:11:96:a6:e9:a5:22:12:b4:c5:bd:44:43:83:5e:
e5:d1:41:a5
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUN/YcyeGFbf1kKc11tVelaZwtXD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDExNzIwMDNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNjZjMTZkN2I3YWIwMDdhODY2YWZkZjgxYTQ2NzY2ZjI0MTZkMTg3MGEw
NjI3YmVlYTAyNTgwZDAwYzQ0OTUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmcNyvhFa4vNECCb6ePQ5qF3D57c2FtEcAm5tBCEfIWhRYr1tKjVMKYwr5F
bhR4URTr4uJ9u7E+mG9ScJZt/KfLBs2SqxrZmZfYKgfX93zJeWiKc6pj5jfooNpd
u4br7bAOQr4PBVs448EAqoOxgvXGo8Wm7yS24yXdzUjGzReqn6xWYngpOCgB1KXq
BVMgkX4dlmoNlNs2h35uWRIPm6CfnPfQ0Je69hm3n9EllE8N/ZdpOYD5awO3unq9
exZV473GMMPphjbxShKyGugLEHg6ZTgdTctEpoCtHlaqZkQCc6e7VDWXE/li9GoF
z2xYnJesIycblzmsEflktA0fUnsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS9CJjS
iYoYEnZw+9Ln5aahzTRqpzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAEUYmrX7DinIpiuWiVMXxwZUGo/KOYp9u6ak/cSM
XAH6E8KaYvIXmLN1Zn+gn2k6AT4mq82AbT+A8zxClBYjfWaL7FghwSi3LwMArwbg
+qA2FnLVQH0zujBKukG/Srp0oefPkuH4pZ67rXbG7CkGFNhTQTIaPzx0/aL0eSEX
yUY2A8Qr1N3POZP6kr5ZgffW6V/z7gF7/EDDVcaGVD4km9BcePeaS2iwN42PJMRO
HSveG1QIBEaU+Np4maaGDsdHZmdLec79yBXXp5phwwGEtm4AkP5fPfENz2hEa8p4
7QVM/CEvty+MRJdk6cPhCa4RlqbppSIStMW9REODXuXRQaU=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:46:51 2025 by rpki-client