Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
File: 8d33474a-7193-4fb1-90e2-82106a40b461.roa (raw, json)
Hash identifier: jywaohAyBvz4IHdXKOCoULioj6rNPKfoIWMlzx3ScHI=
Subject key identifier: B0:07:FD:DC:F4:92:45:56:A2:88:5D:12:12:9B:5F:71:F9:DE:1D:77
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 79EB424FC501535AA6E0DB990D36614097EB4F2A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
Signing time: Tue 15 Jul 2025 00:20:07 +0000
ROA not before: Tue 15 Jul 2025 00:20:07 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:eb:42:4f:c5:01:53:5a:a6:e0:db:99:0d:36:61:40:97:eb:4f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:07 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=32666e25b3469dfd67ad9e5fb130c91a4d228fb625d775921ca7a8e3743dd9a1, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:87:80:f4:cf:f6:b7:b9:b1:e8:90:51:f3:42:
6c:52:26:b1:5b:39:3d:26:a8:0a:22:19:3a:53:7e:
74:34:ef:1d:f7:f3:ca:94:67:a4:31:51:c8:99:a2:
6d:e6:de:eb:8d:77:8a:14:d7:9e:82:74:9c:34:a3:
7b:3f:26:b5:62:a8:4c:d3:38:40:7b:e6:65:1b:dc:
46:f5:a1:0a:19:fa:d8:68:4d:c5:ca:9e:33:96:80:
4f:7a:3b:3a:02:2c:7e:f0:a4:b0:ca:92:9f:9f:7a:
fc:ac:37:c7:42:e0:cf:4f:a0:07:d6:70:0a:b8:08:
f1:9f:83:e4:2b:b4:88:3a:17:10:6f:4d:ad:0a:dc:
08:e6:f3:7e:cd:74:fb:2a:b0:6c:c1:86:ab:c8:d0:
e3:a6:3e:fa:96:5f:50:0b:5e:b8:70:57:1a:40:ea:
cd:1f:74:0c:75:ca:e7:cd:ff:7c:b4:a8:89:fe:5a:
f1:2e:79:a9:7d:3c:fe:08:f6:d7:2a:ce:df:be:25:
73:d0:f1:22:03:7e:f7:75:60:a8:7b:56:3f:86:1d:
e6:01:95:d1:ee:03:1a:20:03:bd:95:bb:2e:17:04:
bd:b3:f6:f6:f5:04:52:0e:b6:8c:82:ee:f5:8d:ff:
3d:17:6e:04:f3:83:26:f4:93:13:1e:55:99:63:8f:
ea:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:07:FD:DC:F4:92:45:56:A2:88:5D:12:12:9B:5F:71:F9:DE:1D:77
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2800::/40
Signature Algorithm: sha256WithRSAEncryption
63:8f:7c:f6:8b:d6:c5:dd:a4:ab:9b:ef:9a:1a:0f:4a:09:09:
3f:01:12:67:46:ae:ed:0b:47:69:f4:e2:56:ec:f1:d0:79:6d:
72:93:9d:f6:58:f8:f7:14:de:10:5c:70:8a:34:80:c1:4b:c5:
cd:92:55:1a:bd:21:31:0e:51:43:02:75:48:aa:56:48:7d:3b:
0b:67:71:33:f3:74:d0:87:6a:11:d3:42:3f:a2:ea:17:13:b2:
63:bb:3f:82:da:22:f1:dd:bf:e0:c2:ba:d9:12:91:54:e3:fb:
18:85:b2:c7:a4:ac:1c:a8:48:8a:98:f5:2f:fd:59:51:15:e8:
40:5d:49:b8:89:06:f9:6f:37:4d:38:41:0a:d9:9a:eb:a1:4b:
e6:30:5c:ad:8a:4f:cb:2d:a9:f1:85:f7:84:54:4a:06:c2:1f:
ce:5a:53:39:dc:bc:e6:1c:99:79:05:b3:ba:fc:25:0d:01:01:
14:7b:11:60:94:e3:38:56:4c:89:e1:00:9e:a2:0e:67:31:48:
37:af:e4:8a:47:a7:30:c1:36:db:c8:05:47:ab:f0:f2:f9:75:
48:ad:d8:be:86:db:92:2e:89:fd:2e:2f:31:6a:44:09:f0:98:
cb:38:60:8a:ab:90:ec:03:58:b3:9b:b8:56:67:86:b4:8a:a3:
f1:b5:5a:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeetCT8UBU1qm4NuZDTZhQJfrTyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMDdaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyNjY2ZTI1YjM0NjlkZmQ2N2FkOWU1ZmIxMzBjOTFhNGQyMjhmYjYyNWQ3
NzU5MjFjYTdhOGUzNzQzZGQ5YTExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJCHgPTP9re5seiQUfNCbFImsVs5PSaoCiIZOlN+dDTvHffzypRnpDFRyJmi
bebe6413ihTXnoJ0nDSjez8mtWKoTNM4QHvmZRvcRvWhChn62GhNxcqeM5aAT3o7
OgIsfvCksMqSn596/Kw3x0Lgz0+gB9ZwCrgI8Z+D5Cu0iDoXEG9NrQrcCObzfs10
+yqwbMGGq8jQ46Y++pZfUAteuHBXGkDqzR90DHXK583/fLSoif5a8S55qX08/gj2
1yrO374lc9DxIgN+93VgqHtWP4Yd5gGV0e4DGiADvZW7LhcEvbP29vUEUg62jILu
9Y3/PRduBPODJvSTEx5VmWOP6gUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwB/3c
9JJFVqKIXRISm19x+d4ddzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OGQzMzQ3NGEtNzE5My00ZmIxLTkwZTItODIxMDZhNDBiNDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQBjj3z2i9bF3aSrm++aGg9KCQk/ARJnRq7tC0dp
9OJW7PHQeW1yk532WPj3FN4QXHCKNIDBS8XNklUavSExDlFDAnVIqlZIfTsLZ3Ez
83TQh2oR00I/ouoXE7Jjuz+C2iLx3b/gwrrZEpFU4/sYhbLHpKwcqEiKmPUv/VlR
FehAXUm4iQb5bzdNOEEK2ZrroUvmMFytik/LLanxhfeEVEoGwh/OWlM53LzmHJl5
BbO6/CUNAQEUexFglOM4VkyJ4QCeog5nMUg3r+SKR6cwwTbbyAVHq/Dy+XVIrdi+
htuSLon9Li8xakQJ8JjLOGCKq5DsA1izm7hWZ4a0iqPxtVoL
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:48:52 2025 by rpki-client