Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
File: 0869fd21-e07d-44bc-b068-73be998c5028.roa (raw, json)
Hash identifier: TMky9LBlx+thK+1nMbMTBTl/oZTYOWKtZi6Mpob4lA4=
Subject key identifier: 6C:F7:E1:B2:2E:28:D8:A1:8C:ED:48:B8:26:1B:0B:FB:03:05:35:A2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 22FA4F1F65D6854E94AE11F7403891052B0B5596
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
Signing time: Tue 15 Jul 2025 00:21:10 +0000
ROA not before: Tue 15 Jul 2025 00:21:10 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 22:13:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:fa:4f:1f:65:d6:85:4e:94:ae:11:f7:40:38:91:05:2b:0b:55:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:10 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=257fe0c606bbf66ef2795a16236dcf7d4d951c74e20ed5899ecb9fe1c256279d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a8:b7:df:51:ce:d6:46:2f:67:d1:eb:b1:45:
1e:bd:e3:8e:91:2e:cc:b1:56:27:9e:f4:80:c1:46:
b1:58:02:ec:b7:f3:88:48:03:5b:20:b1:52:da:03:
20:11:dc:2c:e1:02:e6:87:de:1a:72:b1:8c:79:bb:
d5:da:54:80:9f:86:db:d4:65:7b:8a:46:6d:c8:b4:
92:ee:8a:35:a1:49:a4:f9:58:d4:ac:6a:b5:32:fb:
fb:88:5c:12:a0:a0:7e:d4:c8:5e:f3:e1:46:d4:4b:
19:9f:89:6b:7d:1c:0e:70:6f:6c:f4:df:e2:53:54:
57:82:1e:b2:c1:1a:b5:af:e5:f2:0d:28:c2:d9:98:
e8:88:dd:f6:24:76:8f:f1:37:8a:a1:eb:c2:bd:16:
e9:f9:65:2d:5e:a6:d2:d7:6d:5d:d8:59:c4:c0:35:
67:99:0c:e1:60:dd:09:46:ed:0a:29:dc:06:a0:da:
04:07:e2:3a:2c:90:78:77:ef:80:98:a6:79:ce:3c:
62:8a:7a:f8:53:73:c9:c0:67:8d:5e:28:65:2c:08:
33:9f:c5:99:06:92:23:9c:97:c4:58:aa:8c:ef:e6:
c7:69:8e:29:2e:56:ed:51:e4:41:f2:fd:c2:e5:6f:
ed:aa:c7:8c:f1:cb:9d:04:a7:61:b7:8d:a9:f8:b8:
5a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F7:E1:B2:2E:28:D8:A1:8C:ED:48:B8:26:1B:0B:FB:03:05:35:A2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f800::/40
Signature Algorithm: sha256WithRSAEncryption
02:8a:2d:9d:55:05:9b:be:63:3d:27:68:8c:6e:e6:f9:f1:c8:
2b:d6:c9:07:69:59:f2:0a:12:6a:e6:9f:e8:2b:f5:8c:81:d1:
e9:e6:7a:7b:61:be:6c:c1:e1:19:4e:a8:c7:f9:76:2f:53:90:
85:3a:47:bb:12:02:a9:d8:e7:e2:26:65:93:4f:43:50:a5:3d:
03:a2:4b:f7:c4:d4:1f:01:34:30:5b:df:cb:72:21:da:42:b4:
c4:aa:c0:9c:79:b4:15:7a:a3:98:94:b0:8b:2c:2d:38:a4:67:
a0:40:51:6c:74:4a:ba:ce:16:a1:a0:d1:d7:ae:a5:1b:03:94:
ab:25:f9:71:cb:33:2f:a6:4a:e4:38:bf:7c:13:0c:7f:de:15:
65:59:c8:30:60:27:cf:fb:58:b5:7c:e7:eb:56:9c:37:c9:c3:
8d:37:cb:17:aa:6a:9c:18:89:36:77:d1:1d:13:51:3a:4a:19:
37:b2:14:33:18:16:58:08:14:73:44:d7:a6:d8:45:e3:9f:f9:
a5:6c:fd:9f:e9:a4:86:a8:f7:6f:ed:cb:03:23:3b:0f:e4:44:
28:ce:fa:89:cc:36:1e:e5:63:be:13:ec:44:00:64:77:4b:e8:
2f:21:9b:50:10:45:4e:22:be:84:02:5b:6f:06:b5:1b:4d:b5:
ab:31:0b:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIvpPH2XWhU6UrhH3QDiRBSsLVZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMTBaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1N2ZlMGM2MDZiYmY2NmVmMjc5NWExNjIzNmRjZjdkNGQ5NTFjNzRlMjBl
ZDU4OTllY2I5ZmUxYzI1NjI3OWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyot99RztZGL2fR67FFHr3jjpEuzLFWJ570gMFGsVgC7LfziEgDWyCxUtoD
IBHcLOEC5ofeGnKxjHm71dpUgJ+G29Rle4pGbci0ku6KNaFJpPlY1KxqtTL7+4hc
EqCgftTIXvPhRtRLGZ+Ja30cDnBvbPTf4lNUV4IessEata/l8g0owtmY6Ijd9iR2
j/E3iqHrwr0W6fllLV6m0tdtXdhZxMA1Z5kM4WDdCUbtCincBqDaBAfiOiyQeHfv
gJimec48Yop6+FNzycBnjV4oZSwIM5/FmQaSI5yXxFiqjO/mx2mOKS5W7VHkQfL9
wuVv7arHjPHLnQSnYbeNqfi4WgkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRs9+Gy
LijYoYztSLgmGwv7AwU1ojAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDg2OWZkMjEtZTA3ZC00NGJjLWIwNjgtNzNiZTk5OGM1MDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4
MA0GCSqGSIb3DQEBCwUAA4IBAQACii2dVQWbvmM9J2iMbub58cgr1skHaVnyChJq
5p/oK/WMgdHp5np7Yb5sweEZTqjH+XYvU5CFOke7EgKp2OfiJmWTT0NQpT0Dokv3
xNQfATQwW9/LciHaQrTEqsCcebQVeqOYlLCLLC04pGegQFFsdEq6zhahoNHXrqUb
A5SrJflxyzMvpkrkOL98Ewx/3hVlWcgwYCfP+1i1fOfrVpw3ycONN8sXqmqcGIk2
d9EdE1E6Shk3shQzGBZYCBRzRNem2EXjn/mlbP2f6aSGqPdv7csDIzsP5EQozvqJ
zDYe5WO+E+xEAGR3S+gvIZtQEEVOIr6EAltvBrUbTbWrMQsu
-----END CERTIFICATE-----
Generated at Fri Jul 25 06:07:07 2025 by rpki-client