Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
File: 42a75e81-4259-49a6-bdf2-3b7976817e78.roa (raw, json)
Hash identifier: QfCL2NBIadcRY7uJr7G1U5wcS0LZA9p6m7E+bhOCdrc=
Subject key identifier: EC:9C:63:0D:57:48:87:EC:3C:DC:25:2F:B0:63:B9:69:AD:72:2F:68
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 719325DCD9C6608873F5E2B237A64397432FE883
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
Signing time: Tue 15 Jul 2025 00:20:33 +0000
ROA not before: Tue 15 Jul 2025 00:20:33 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:93:25:dc:d9:c6:60:88:73:f5:e2:b2:37:a6:43:97:43:2f:e8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:33 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=a5e85277597c420392d20e8aa49a1411d291c66b26e533bec1074c8e9e6b76fb, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3d:5c:55:d0:93:08:51:c0:c0:b3:d8:cd:dd:
a1:a5:ee:42:17:0d:6c:16:71:be:0f:29:57:d4:4b:
b0:07:dc:f7:1c:47:f5:1e:74:8f:47:cb:98:16:96:
92:aa:7b:e0:6c:74:fa:6b:0e:23:9f:e2:be:da:b4:
ab:f8:3d:1f:14:6b:92:77:cf:00:fd:ce:53:de:1f:
8e:a7:cb:d4:ba:c5:d5:57:47:d8:51:a4:bc:1c:5c:
b5:60:15:95:ef:8d:41:d9:63:96:ac:cd:6b:54:78:
62:5e:93:ab:43:e1:bf:28:c8:a9:4a:c6:0c:50:de:
21:99:ac:cd:0d:20:61:c3:0a:7e:9a:b3:25:74:46:
4c:1d:2d:22:7f:aa:e9:08:91:10:79:89:10:02:b1:
48:20:90:e7:68:70:e9:7a:22:6a:06:4e:a3:17:99:
ea:3a:0d:f5:c6:f7:55:ae:ec:cd:ec:ea:46:ee:33:
db:7a:a6:a0:02:8f:40:d0:e6:28:99:25:b6:8f:72:
20:bc:10:2d:ef:9d:b3:05:87:14:91:67:5d:f2:d8:
1b:de:2a:9a:e0:bd:98:a7:5e:eb:c9:45:48:f9:14:
9b:a2:e3:1e:c2:e6:b4:0e:4d:57:0f:30:be:cd:7c:
b3:53:7c:39:33:70:a4:8f:84:6a:b9:de:55:9d:b5:
8f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9C:63:0D:57:48:87:EC:3C:DC:25:2F:B0:63:B9:69:AD:72:2F:68
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5000::/36
Signature Algorithm: sha256WithRSAEncryption
26:45:b9:bb:5f:b0:71:6e:3b:bb:5b:d0:15:62:a3:45:b4:e0:
6f:37:49:20:fe:bd:59:c4:57:4e:0c:a0:ad:db:7e:bb:98:d2:
c6:aa:fb:9e:53:6b:f1:fa:eb:db:a1:dc:01:11:19:12:e6:6e:
2b:27:5f:35:f7:c2:a1:ba:42:bf:f7:1e:32:bd:32:66:7e:87:
90:ce:90:9d:15:9a:b0:7d:33:e2:e7:f4:80:44:d2:84:af:6a:
aa:82:ed:5d:fa:d7:d1:4e:3d:87:0d:16:5e:61:dd:4c:ac:1b:
07:64:f5:78:1a:8c:71:e0:1d:25:e4:1d:4a:b6:41:be:39:87:
71:08:96:9e:f4:2f:bc:c7:c1:e7:0b:a3:c6:63:8d:23:54:8c:
4f:aa:f2:c6:89:80:1c:fb:be:9f:40:3c:98:82:4c:84:49:4e:
65:99:93:4f:fe:bb:b6:dd:a9:62:61:fb:62:55:aa:88:e7:1e:
48:55:32:51:d5:a7:67:d5:fb:ae:e6:21:4a:9d:c9:6d:68:4f:
0f:7d:16:73:41:ae:31:bb:a2:40:73:f0:ca:c9:7b:97:01:82:
d8:94:9c:e4:a7:f7:c5:bc:74:7d:9b:1e:3d:6d:4e:5a:e9:66:
34:a0:18:4d:82:fe:75:fc:53:da:ed:83:ad:fa:7d:16:c0:0c:
9e:33:d0:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcZMl3NnGYIhz9eKyN6ZDl0Mv6IMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMzNaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZTg1Mjc3NTk3YzQyMDM5MmQyMGU4YWE0OWExNDExZDI5MWM2NmIyNmU1
MzNiZWMxMDc0YzhlOWU2Yjc2ZmIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM89XFXQkwhRwMCz2M3doaXuQhcNbBZxvg8pV9RLsAfc9xxH9R50j0fLmBaW
kqp74Gx0+msOI5/ivtq0q/g9HxRrknfPAP3OU94fjqfL1LrF1VdH2FGkvBxctWAV
le+NQdljlqzNa1R4Yl6Tq0PhvyjIqUrGDFDeIZmszQ0gYcMKfpqzJXRGTB0tIn+q
6QiREHmJEAKxSCCQ52hw6XoiagZOoxeZ6joN9cb3Va7szezqRu4z23qmoAKPQNDm
KJklto9yILwQLe+dswWHFJFnXfLYG94qmuC9mKde68lFSPkUm6LjHsLmtA5NVw8w
vs18s1N8OTNwpI+EarneVZ21j/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsnGMN
V0iH7DzcJS+wY7lprXIvaDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDJhNzVlODEtNDI1OS00OWE2LWJkZjItM2I3OTc2ODE3ZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAmRbm7X7Bxbju7W9AVYqNFtOBvN0kg/r1ZxFdO
DKCt2367mNLGqvueU2vx+uvbodwBERkS5m4rJ18198KhukK/9x4yvTJmfoeQzpCd
FZqwfTPi5/SARNKEr2qqgu1d+tfRTj2HDRZeYd1MrBsHZPV4Goxx4B0l5B1KtkG+
OYdxCJae9C+8x8HnC6PGY40jVIxPqvLGiYAc+76fQDyYgkyESU5lmZNP/ru23ali
YftiVaqI5x5IVTJR1adn1fuu5iFKncltaE8PfRZzQa4xu6JAc/DKyXuXAYLYlJzk
p/fFvHR9mx49bU5a6WY0oBhNgv51/FPa7YOt+n0WwAyeM9AH
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:22 2025 by rpki-client