Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: 2+yJrX8cxQvk3/COYkhB/H6i3rhfUEcM4vh5TUm+H+8=
Subject key identifier: 7A:75:45:B1:5E:88:81:1A:04:23:CB:77:F5:8D:7D:AD:5C:93:2B:90
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7053CFCD41B0086B29D8E9363B62A93EF08A2401
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Tue 15 Jul 2025 00:30:43 +0000
ROA not before: Tue 15 Jul 2025 00:30:43 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:53:cf:cd:41:b0:08:6b:29:d8:e9:36:3b:62:a9:3e:f0:8a:24:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:43 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=eadfbdd217f6985e0a5f9f166448dcb218e6344622ab632d848b464ab663c41d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:59:04:e0:1e:cc:a9:bb:bc:87:86:dc:a7:eb:
24:b3:50:26:53:ca:18:be:f7:e3:22:b0:13:a2:09:
4a:db:b2:1c:89:ed:c5:ec:b0:16:d3:3a:95:fd:95:
37:ba:97:fe:76:9b:29:55:bc:cf:dd:19:cc:e4:14:
c7:02:45:46:b2:d1:6c:9f:d8:46:96:cf:13:ff:c4:
d9:73:fd:3d:37:04:4b:ee:c6:76:71:72:68:67:d7:
5b:ab:d6:8f:b2:e2:40:4d:9e:c3:9d:a0:03:a9:f9:
67:03:3d:2b:ec:e4:52:16:a5:f6:7d:50:e1:6d:1b:
24:73:0e:6b:cc:0e:5e:ed:e4:59:d2:f6:2a:75:21:
5c:d0:ec:8a:fc:cd:a9:7b:01:10:3a:f6:8b:bb:2f:
a3:15:db:49:ac:78:f7:bc:d4:55:4c:ec:1e:b6:b6:
aa:b5:79:c8:4a:74:1b:69:53:7e:f3:a7:1c:2b:c9:
59:d3:d7:c1:b0:91:05:a3:ef:84:02:93:8f:1b:13:
7f:42:5d:a9:c1:ac:ea:47:8a:3b:67:bc:2b:b1:ed:
07:9b:78:d5:ae:15:71:f6:fe:c4:e9:c7:df:cb:c9:
1f:f1:e9:0d:f0:f5:75:4f:23:42:62:5c:4c:08:71:
aa:47:a0:24:c0:ad:87:f9:c5:cb:63:ae:ec:ee:0e:
fd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:75:45:B1:5E:88:81:1A:04:23:CB:77:F5:8D:7D:AD:5C:93:2B:90
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
16:6a:c7:28:6b:e2:cc:9a:8c:f9:93:04:90:56:39:75:ec:0d:
5a:cb:86:df:54:6a:e1:31:9d:df:67:73:2a:64:59:e2:23:a6:
4d:06:69:1d:67:ff:01:51:35:2c:3a:b3:73:dd:98:76:34:05:
01:5e:61:89:b2:ca:3b:d7:b7:27:62:08:08:93:a7:27:62:c4:
84:91:f0:d6:02:ba:ea:65:44:5f:8d:4c:5e:e0:58:25:51:55:
96:7d:f2:7f:c4:8b:ba:d0:e8:3a:9d:91:9a:22:f0:16:f1:2b:
d1:02:5c:00:fb:fa:ab:ce:fb:92:4f:13:f6:0e:c0:00:be:2a:
9b:aa:9d:ce:69:f5:73:50:94:a6:cb:11:d8:8d:b1:11:89:63:
e1:d5:73:55:d1:47:a0:17:db:80:be:7c:c3:12:3d:1a:7f:31:
b6:f9:4b:3a:99:c9:92:dd:84:b8:d7:5a:3c:ff:91:b5:bc:14:
33:d9:1a:57:82:cc:87:31:8f:f5:e1:8c:8c:8c:99:56:85:d8:
91:1e:07:6c:a4:71:2a:b7:70:01:ab:83:c7:f8:4a:f9:c2:0e:
5b:bf:3b:d6:ed:98:da:c1:38:69:b9:ca:02:9a:d9:80:71:87:
5c:d9:4c:cc:64:63:a1:27:95:23:a0:57:4e:cb:d8:20:7e:e8:
68:b7:8b:65
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUcFPPzUGwCGsp2Ok2O2KpPvCKJAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwNDNaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZGZiZGQyMTdmNjk4NWUwYTVmOWYxNjY0NDhkY2IyMThlNjM0NDYyMmFi
NjMyZDg0OGI0NjRhYjY2M2M0MWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9ZBOAezKm7vIeG3KfrJLNQJlPKGL734yKwE6IJStuyHIntxeywFtM6lf2V
N7qX/nabKVW8z90ZzOQUxwJFRrLRbJ/YRpbPE//E2XP9PTcES+7GdnFyaGfXW6vW
j7LiQE2ew52gA6n5ZwM9K+zkUhal9n1Q4W0bJHMOa8wOXu3kWdL2KnUhXNDsivzN
qXsBEDr2i7svoxXbSax497zUVUzsHra2qrV5yEp0G2lTfvOnHCvJWdPXwbCRBaPv
hAKTjxsTf0JdqcGs6keKO2e8K7HtB5t41a4Vcfb+xOnH38vJH/HpDfD1dU8jQmJc
TAhxqkegJMCth/nFy2Ou7O4O/SMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR6dUWx
XoiBGgQjy3f1jX2tXJMrkDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBABZqxyhr4syajPmTBJBWOXXsDVrLht9UauExnd9n
cypkWeIjpk0GaR1n/wFRNSw6s3PdmHY0BQFeYYmyyjvXtydiCAiTpydixISR8NYC
uuplRF+NTF7gWCVRVZZ98n/Ei7rQ6DqdkZoi8BbxK9ECXAD7+qvO+5JPE/YOwAC+
Kpuqnc5p9XNQlKbLEdiNsRGJY+HVc1XRR6AX24C+fMMSPRp/Mbb5SzqZyZLdhLjX
Wjz/kbW8FDPZGleCzIcxj/XhjIyMmVaF2JEeB2ykcSq3cAGrg8f4SvnCDlu/O9bt
mNrBOGm5ygKa2YBxh1zZTMxkY6EnlSOgV07L2CB+6Gi3i2U=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:35 2025 by rpki-client