Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
File: 440b3734-74c6-4eea-9712-42440de9c3b4.roa (raw, json)
Hash identifier: xI9fGKtgECUJQfmVbrk5MU2qEvpkqvvU1LZP9AEPGeE=
Subject key identifier: F0:C3:45:0D:37:65:55:AD:EA:18:2E:CE:DA:5F:DF:E4:31:37:2A:99
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3534A18EED1E82038FB96F7D7AFE7878C38BFB04
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
Signing time: Tue 15 Jul 2025 00:30:39 +0000
ROA not before: Tue 15 Jul 2025 00:30:39 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:34:a1:8e:ed:1e:82:03:8f:b9:6f:7d:7a:fe:78:78:c3:8b:fb:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:39 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=366a42136b987982301e384b946eceff304537f5db027b914d238f816da8a0ed, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:fd:29:c2:27:34:81:d9:66:94:7a:e8:c2:
20:0c:30:bf:7d:a2:f1:f9:12:f5:5c:78:6b:07:98:
76:7b:81:59:8d:b9:5d:35:75:72:b6:a5:50:c0:19:
c2:c8:90:37:47:0d:cd:22:74:e6:42:82:26:c9:da:
ea:e7:08:5c:9b:49:a3:cd:30:4a:1d:3b:41:43:f0:
ff:bf:0f:7d:3a:53:fd:cb:f4:9a:f5:0b:55:b7:a9:
e4:86:cf:4a:22:c1:96:a6:53:19:ed:72:1f:21:ed:
af:05:73:73:8e:13:f8:51:2a:35:e2:2b:81:35:3f:
79:a0:7a:ee:88:e6:d0:5d:31:7c:04:60:05:bd:5c:
b8:39:16:b8:6e:45:64:df:a5:d9:73:c6:76:c4:d3:
3e:24:f0:cd:e0:8b:d8:3b:f8:3d:2f:d8:62:56:c8:
6a:3a:04:0e:8f:53:4e:f3:2e:e9:a3:76:d1:27:d2:
1e:8c:06:29:dc:36:1d:ab:82:98:ab:31:ff:c7:12:
fb:41:b6:30:2d:6d:98:68:c8:20:69:e1:8e:34:65:
58:a8:23:86:57:cd:28:26:18:2e:c1:cf:f9:93:2f:
98:83:63:28:e8:23:f9:85:2b:d1:02:64:27:31:2d:
6b:3a:79:31:42:c5:9b:a9:b6:0c:94:85:c5:45:d9:
d1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C3:45:0D:37:65:55:AD:EA:18:2E:CE:DA:5F:DF:E4:31:37:2A:99
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
11:c2:5c:e9:e9:18:03:48:94:4b:7d:da:f1:b7:67:28:4b:d9:
04:36:bf:be:0c:14:d2:00:15:8d:87:a5:d5:c4:00:76:01:32:
e6:a0:85:92:5b:61:3d:13:ee:97:15:11:95:4f:21:c4:32:d8:
3a:aa:33:e0:a2:b4:82:e7:37:7c:db:01:65:87:7f:50:c5:b3:
ab:29:77:20:aa:1d:02:69:04:46:d0:f8:97:1d:b5:bd:1a:82:
af:40:c3:e5:09:a3:5d:c8:d8:b8:bb:09:c6:34:d6:bf:8b:5d:
7a:67:d4:8e:60:62:6f:1b:ac:47:2e:5c:81:ba:8d:1b:14:54:
91:da:f9:c1:81:d4:b1:fc:bf:19:a5:da:5e:1a:31:9f:42:8c:
6d:9d:3b:36:eb:4d:7b:8f:42:56:05:61:89:f6:93:85:aa:08:
cf:46:cd:90:59:36:b5:c4:c2:2d:53:3d:d3:cc:6e:08:94:57:
e5:52:97:7a:53:7b:65:07:47:00:d9:4d:ef:ca:47:fd:57:aa:
c8:eb:1f:84:42:99:9e:bf:0e:86:8e:8b:57:60:78:44:5c:e2:
f9:86:20:ee:b4:89:c2:4f:da:69:e6:79:f5:06:05:f9:86:09:
12:cd:de:75:18:b0:97:da:e2:ad:ae:25:3c:e0:17:84:8a:f8:
98:ff:d4:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNTShju0eggOPuW99ev54eMOL+wQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMzlaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NmE0MjEzNmI5ODc5ODIzMDFlMzg0Yjk0NmVjZWZmMzA0NTM3ZjVkYjAy
N2I5MTRkMjM4ZjgxNmRhOGEwZWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjX/SnCJzSB2WaUeujCIAwwv32i8fkS9Vx4aweYdnuBWY25XTV1cralUMAZ
wsiQN0cNzSJ05kKCJsna6ucIXJtJo80wSh07QUPw/78PfTpT/cv0mvULVbep5IbP
SiLBlqZTGe1yHyHtrwVzc44T+FEqNeIrgTU/eaB67ojm0F0xfARgBb1cuDkWuG5F
ZN+l2XPGdsTTPiTwzeCL2Dv4PS/YYlbIajoEDo9TTvMu6aN20SfSHowGKdw2HauC
mKsx/8cS+0G2MC1tmGjIIGnhjjRlWKgjhlfNKCYYLsHP+ZMvmINjKOgj+YUr0QJk
JzEtazp5MULFm6m2DJSFxUXZ0akCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTww0UN
N2VVreoYLs7aX9/kMTcqmTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDQwYjM3MzQtNzRjNi00ZWVhLTk3MTItNDI0NDBkZTljM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQARwlzp6RgDSJRLfdrxt2coS9kENr++DBTSABWN
h6XVxAB2ATLmoIWSW2E9E+6XFRGVTyHEMtg6qjPgorSC5zd82wFlh39QxbOrKXcg
qh0CaQRG0PiXHbW9GoKvQMPlCaNdyNi4uwnGNNa/i116Z9SOYGJvG6xHLlyBuo0b
FFSR2vnBgdSx/L8ZpdpeGjGfQoxtnTs26017j0JWBWGJ9pOFqgjPRs2QWTa1xMIt
Uz3TzG4IlFflUpd6U3tlB0cA2U3vykf9V6rI6x+EQpmevw6GjotXYHhEXOL5hiDu
tInCT9pp5nn1BgX5hgkSzd51GLCX2uKtriU84BeEiviY/9T8
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:56 2025 by rpki-client