Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
File: 015f4a0b-cf81-407c-9b60-8f76998937f0.roa (raw, json)
Hash identifier: TNKA3WjQRH+A33TBIKVn+6KF+NsXFfRyzG+pz+g8JS4=
Subject key identifier: F9:28:67:B1:F0:12:5A:D2:15:90:FA:B3:7A:2D:F7:8F:8E:D4:1F:99
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 02AF9A928581140DC3120E2E79047D669AEA478F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
Signing time: Tue 15 Jul 2025 00:21:20 +0000
ROA not before: Tue 15 Jul 2025 00:21:20 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:af:9a:92:85:81:14:0d:c3:12:0e:2e:79:04:7d:66:9a:ea:47:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:20 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=e89e78cf92af5aedd857f5bf0c9881b63b8abc58f3a70b5b645c6c86dea6db53, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4f:9d:b7:e2:0b:02:ce:a8:19:d2:2e:11:72:
37:c6:a9:a3:6b:8b:01:63:4c:c0:f2:49:28:d3:8b:
a7:e8:00:fd:63:b7:2b:b1:be:27:9a:4f:d5:3c:b0:
76:48:87:25:56:d3:c0:20:da:9c:14:2e:6f:5c:a1:
f7:af:c5:ab:ba:2e:43:2d:ae:7b:5f:15:98:4c:17:
2e:e0:cd:d2:d2:09:11:8b:50:f5:b3:a5:26:09:ae:
84:a9:aa:97:97:60:2c:0f:e8:f7:c5:90:15:a9:20:
bb:3e:dd:cb:80:38:c9:9e:48:6f:19:1d:36:28:ed:
9f:7c:fd:73:a0:34:16:bf:35:f7:c9:d7:1a:ec:bb:
ac:95:0c:f8:f3:77:4f:93:6b:68:56:36:f1:64:9a:
24:67:0d:bf:b3:e0:6c:a2:8b:34:a6:47:c2:23:04:
56:61:1a:4f:31:7a:16:a5:01:bd:a6:6d:32:a8:a8:
9f:af:e9:07:38:e5:f1:77:f5:8f:b2:4e:03:9f:30:
08:4f:ac:66:e5:22:43:c2:50:51:9f:de:21:51:c7:
6b:82:cb:b7:ca:54:12:80:f9:e0:71:cd:2c:a3:36:
e5:f0:05:58:95:1d:96:42:fd:8c:be:5f:bb:09:bc:
fa:88:d9:44:d7:8f:80:ba:a5:05:f2:9d:af:d0:85:
5e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:28:67:B1:F0:12:5A:D2:15:90:FA:B3:7A:2D:F7:8F:8E:D4:1F:99
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b800::/40
Signature Algorithm: sha256WithRSAEncryption
64:c4:0f:18:ac:3b:a5:e9:5f:cf:7d:6f:da:5b:87:84:14:0d:
20:81:85:51:cb:f0:5f:75:50:53:3a:3b:f9:fb:57:03:36:d6:
00:f4:29:1c:a2:c5:a0:44:e2:b1:ad:e6:68:a7:9f:ff:61:27:
43:99:61:1a:f1:9a:04:aa:53:b2:c7:ed:ec:c7:8d:d3:91:24:
b2:78:2a:06:cd:73:2e:96:f3:2b:25:8c:c8:4f:cf:82:f4:41:
d8:3e:cb:80:2e:3f:aa:5a:0f:a9:6e:74:26:c3:ea:8d:7a:a0:
be:05:88:a2:2c:57:74:6d:52:e2:e6:37:20:05:0c:9f:17:a7:
2e:72:0c:fb:7d:90:27:4b:cf:31:b4:15:93:c9:de:a0:7d:3b:
85:9a:a4:b6:a6:16:92:48:4a:46:1b:f8:eb:03:ca:75:c0:37:
79:78:3f:bc:da:2b:57:48:75:41:a1:55:7a:52:f4:07:19:22:
7c:24:62:ee:4f:d3:f1:ee:75:6b:a7:1e:09:55:dd:33:a5:3a:
53:5a:6a:c2:e2:b2:6f:25:bc:82:55:f2:1c:4a:53:f5:3c:9b:
c4:18:83:2b:e1:11:3a:f2:e4:f3:9e:a0:b3:d7:a5:60:f9:30:
34:1e:3b:fc:cc:b6:31:48:d4:46:79:6b:1c:56:a2:eb:6f:a1:
8c:25:3f:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAq+akoWBFA3DEg4ueQR9ZprqR48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMjBaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4OWU3OGNmOTJhZjVhZWRkODU3ZjViZjBjOTg4MWI2M2I4YWJjNThmM2E3
MGI1YjY0NWM2Yzg2ZGVhNmRiNTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhPnbfiCwLOqBnSLhFyN8apo2uLAWNMwPJJKNOLp+gA/WO3K7G+J5pP1Tyw
dkiHJVbTwCDanBQub1yh96/Fq7ouQy2ue18VmEwXLuDN0tIJEYtQ9bOlJgmuhKmq
l5dgLA/o98WQFakguz7dy4A4yZ5IbxkdNijtn3z9c6A0Fr8198nXGuy7rJUM+PN3
T5NraFY28WSaJGcNv7PgbKKLNKZHwiMEVmEaTzF6FqUBvaZtMqion6/pBzjl8Xf1
j7JOA58wCE+sZuUiQ8JQUZ/eIVHHa4LLt8pUEoD54HHNLKM25fAFWJUdlkL9jL5f
uwm8+ojZRNePgLqlBfKdr9CFXn0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5KGex
8BJa0hWQ+rN6LfePjtQfmTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDE1ZjRhMGItY2Y4MS00MDdjLTliNjAtOGY3Njk5ODkzN2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8e4
MA0GCSqGSIb3DQEBCwUAA4IBAQBkxA8YrDul6V/PfW/aW4eEFA0ggYVRy/BfdVBT
Ojv5+1cDNtYA9CkcosWgROKxreZop5//YSdDmWEa8ZoEqlOyx+3sx43TkSSyeCoG
zXMulvMrJYzIT8+C9EHYPsuALj+qWg+pbnQmw+qNeqC+BYiiLFd0bVLi5jcgBQyf
F6cucgz7fZAnS88xtBWTyd6gfTuFmqS2phaSSEpGG/jrA8p1wDd5eD+82itXSHVB
oVV6UvQHGSJ8JGLuT9Px7nVrpx4JVd0zpTpTWmrC4rJvJbyCVfIcSlP1PJvEGIMr
4RE68uTznqCz16Vg+TA0Hjv8zLYxSNRGeWscVqLrb6GMJT8v
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:19 2025 by rpki-client