Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0921c3e8-5877-4b50-aeac-160b00663d91.roa
File: 0921c3e8-5877-4b50-aeac-160b00663d91.roa (raw, json)
Hash identifier: VOXXb1fsWBkbdb4q/MiMtg4sTFukfACP1yVUGKQ3NlQ=
Subject key identifier: 6F:1D:35:30:01:B5:39:0A:9D:BE:BE:4D:70:3D:3D:4E:6F:C8:14:E3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 41B8696E98046348B064577942303C738AEC0A92
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0921c3e8-5877-4b50-aeac-160b00663d91.roa
Signing time: Mon 14 Jul 2025 16:37:08 +0000
ROA not before: Mon 14 Jul 2025 16:37:08 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:b8:69:6e:98:04:63:48:b0:64:57:79:42:30:3c:73:8a:ec:0a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 14 16:37:08 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=ac596474ad2d8f0c46a0f03d30c046082049f2c55bebb0a8457dc7b8f9f5b5ec, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7f:c1:f4:5e:eb:6a:5e:f5:96:f2:dd:0c:5f:
b9:16:ea:5b:a0:ac:91:9e:7a:76:49:15:8e:b6:17:
36:2a:aa:f6:1e:35:d4:1b:8d:cc:bd:3e:50:75:00:
43:3d:9d:ba:72:05:e7:a7:5d:91:f4:fc:52:b1:9b:
21:11:b1:5e:c4:00:03:0e:e7:c9:80:1a:3c:7b:48:
25:77:1c:f3:64:51:99:e1:17:e9:fb:e1:ce:2c:cd:
16:50:80:84:29:69:5c:56:fd:cc:63:71:33:a7:bf:
b1:a7:fa:dd:18:d5:17:c3:ac:59:a7:0a:61:75:6b:
70:5b:cf:ee:33:e1:eb:35:45:11:c2:86:bd:b7:a4:
c4:87:e0:66:b2:6c:97:1f:9d:41:42:c7:62:7f:6f:
3b:57:43:5e:2f:f9:f9:e5:98:84:04:03:66:f0:fb:
da:5e:57:a6:03:e6:73:08:20:1c:86:e6:92:12:dc:
25:10:bf:05:c2:b0:5e:9f:c7:14:d9:2c:74:cb:b9:
71:64:54:dc:24:69:dc:23:4f:20:c2:60:e2:78:14:
5f:ea:f3:5a:17:d3:0f:ef:a6:de:10:66:d9:3c:56:
ef:61:b2:28:51:ad:a2:34:aa:db:4c:a6:e6:f3:90:
82:09:37:67:17:27:05:12:0b:45:66:1c:a3:de:dd:
32:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1D:35:30:01:B5:39:0A:9D:BE:BE:4D:70:3D:3D:4E:6F:C8:14:E3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0921c3e8-5877-4b50-aeac-160b00663d91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9800::/40
Signature Algorithm: sha256WithRSAEncryption
2d:54:fb:79:71:36:86:e7:aa:22:25:00:f2:d5:7e:2b:53:9d:
e1:a7:f3:cc:7b:1f:a4:59:04:c0:84:05:0b:96:e1:84:d9:bd:
8b:f8:1a:42:24:f5:8d:73:62:ed:9f:55:16:29:c5:af:4f:15:
4b:8d:00:79:89:0a:61:b3:1b:df:93:56:54:69:08:5f:d8:53:
6e:15:63:46:68:34:15:19:ec:85:c2:ab:94:65:15:83:5b:b5:
16:5b:fe:ec:47:8b:52:19:2a:65:7a:b7:b4:6e:95:08:83:7b:
73:0e:24:7a:92:e8:10:c6:fb:28:e4:52:33:20:28:f5:0d:15:
4f:9b:51:0c:b7:fd:49:ef:ea:6e:b8:fe:17:df:fb:cb:ec:da:
5f:28:80:bc:5e:9c:c8:1b:3a:b8:98:36:57:39:bb:e8:cd:5d:
8c:10:96:ac:35:dd:84:42:12:19:97:84:91:ab:96:e2:b3:0d:
e8:0d:b3:3a:d6:01:62:57:fb:51:7b:1f:cd:d3:7d:50:8e:5e:
f8:f1:5c:4b:c8:36:46:fe:66:a5:c9:86:f0:1d:b5:c1:17:28:
24:33:1f:bf:8a:b8:5c:6d:43:e0:2d:61:33:c7:bf:7a:f8:7d:
d0:2f:85:b3:87:23:16:f5:51:9e:c9:11:7f:37:eb:8f:13:df:
c0:4c:d2:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQbhpbpgEY0iwZFd5QjA8c4rsCpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTQxNjM3MDhaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNTk2NDc0YWQyZDhmMGM0NmEwZjAzZDMwYzA0NjA4MjA0OWYyYzU1YmVi
YjBhODQ1N2RjN2I4ZjlmNWI1ZWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ/wfRe62pe9Zby3QxfuRbqW6CskZ56dkkVjrYXNiqq9h411BuNzL0+UHUA
Qz2dunIF56ddkfT8UrGbIRGxXsQAAw7nyYAaPHtIJXcc82RRmeEX6fvhzizNFlCA
hClpXFb9zGNxM6e/saf63RjVF8OsWacKYXVrcFvP7jPh6zVFEcKGvbekxIfgZrJs
lx+dQULHYn9vO1dDXi/5+eWYhAQDZvD72l5XpgPmcwggHIbmkhLcJRC/BcKwXp/H
FNksdMu5cWRU3CRp3CNPIMJg4ngUX+rzWhfTD++m3hBm2TxW72GyKFGtojSq20ym
5vOQggk3ZxcnBRILRWYco97dMtkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvHTUw
AbU5Cp2+vk1wPT1Ob8gU4zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDkyMWMzZTgtNTg3Ny00YjUwLWFlYWMtMTYwYjAwNjYzZDkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WY
MA0GCSqGSIb3DQEBCwUAA4IBAQAtVPt5cTaG56oiJQDy1X4rU53hp/PMex+kWQTA
hAULluGE2b2L+BpCJPWNc2Ltn1UWKcWvTxVLjQB5iQphsxvfk1ZUaQhf2FNuFWNG
aDQVGeyFwquUZRWDW7UWW/7sR4tSGSplere0bpUIg3tzDiR6kugQxvso5FIzICj1
DRVPm1EMt/1J7+puuP4X3/vL7NpfKIC8XpzIGzq4mDZXObvozV2MEJasNd2EQhIZ
l4SRq5bisw3oDbM61gFiV/tRex/N031Qjl748VxLyDZG/malyYbwHbXBFygkMx+/
irhcbUPgLWEzx796+H3QL4WzhyMW9VGeyRF/N+uPE9/ATNLE
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:23:51 2025 by rpki-client