Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
File: 9195a704-de86-4692-95c9-30d458a106d5.roa (raw, json)
Hash identifier: nx1n4penxrpZbyr5CQNI1x4vhtrvnMsnCv5/NvN3g7M=
Subject key identifier: 08:39:A3:3B:2D:95:39:0E:C0:E4:74:32:92:12:9F:0D:4D:48:5F:93
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 518EB96AEB1AE7A673382F7970876A75C6AF49A5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
Signing time: Tue 15 Jul 2025 00:30:33 +0000
ROA not before: Tue 15 Jul 2025 00:30:33 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:8e:b9:6a:eb:1a:e7:a6:73:38:2f:79:70:87:6a:75:c6:af:49:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:33 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=0f0e39e7a821327966f8853b5096dbad45dea52548235672d9c5f05d6f17a409, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4b:b3:3c:ab:33:40:e7:de:42:04:ea:07:d1:
46:62:2b:3e:cd:14:c3:ff:07:c7:02:91:fb:d5:12:
ba:cf:c0:ce:3e:aa:13:71:a9:23:b3:cc:0f:e6:cc:
c0:45:ff:dd:c5:34:52:92:92:22:6c:b5:b3:71:f5:
c4:c7:d4:bb:46:50:28:55:f5:67:4b:ac:04:fa:7f:
d6:f5:ae:54:b6:77:d5:c4:05:66:a9:94:55:f2:ac:
c6:10:6e:02:ba:fe:a0:30:f4:2b:c8:61:89:c1:e2:
0d:58:a7:4b:6b:34:e9:30:0b:c9:4f:07:33:13:4f:
2d:1c:18:ea:ed:6e:73:8f:18:f3:91:51:30:cf:30:
be:8b:21:ad:8f:f3:68:15:31:82:c8:50:d4:5c:74:
87:b0:f4:b0:fa:e7:e0:b3:09:fd:16:05:f7:02:6c:
21:f7:95:48:57:cd:5d:8a:12:60:75:78:4b:3f:b5:
f7:01:25:64:ca:b3:0b:32:f2:42:fb:86:22:86:50:
3e:81:d4:01:7d:bd:fd:b6:43:53:17:89:04:35:04:
ba:9d:d0:2c:4a:87:07:1e:6d:ea:b1:3e:b7:80:39:
dd:29:be:6b:9b:c0:c2:ee:61:89:09:0c:c0:dc:6c:
30:2a:3c:4b:77:3e:cc:ff:d2:bd:9d:00:05:f9:27:
36:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:39:A3:3B:2D:95:39:0E:C0:E4:74:32:92:12:9F:0D:4D:48:5F:93
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/36
Signature Algorithm: sha256WithRSAEncryption
75:26:d7:21:c6:ce:97:2c:50:18:a7:5f:88:2c:8b:60:69:0e:
1a:96:6d:86:c7:dd:73:47:b0:25:12:10:4a:ac:a4:12:16:23:
b3:ff:35:03:5b:d4:c1:f7:c0:15:d2:74:a3:3e:fe:10:82:8f:
68:92:b3:3d:5f:ea:b6:d9:4b:79:2b:9a:ed:bc:37:60:cd:cb:
1b:ab:3a:7a:ca:ff:fa:25:50:91:20:c7:b4:b7:43:b9:5d:7d:
e5:12:1e:86:c0:76:5e:f2:0c:fd:52:74:28:0f:36:8c:72:f4:
14:f2:86:0f:6c:cd:a8:71:ff:52:49:ec:50:f8:b9:f3:64:4a:
3f:d9:50:42:5c:3d:5a:be:9e:ca:cf:40:e6:91:5a:3c:a0:2c:
51:2f:0d:87:27:92:d6:94:c9:8b:09:77:ce:d6:6b:e4:a7:70:
93:d7:b7:19:60:28:e2:7a:64:23:28:21:f4:9e:af:bc:e5:c9:
f7:ff:40:fd:35:82:27:e8:52:f5:a1:65:23:91:81:30:8e:1f:
45:e4:d5:a4:44:4b:99:1b:cf:97:a0:67:af:34:4f:36:a3:20:
9d:ee:92:b8:e5:ad:15:20:de:e9:be:0e:1a:67:24:87:c3:9d:
02:89:0c:be:cc:13:49:26:3d:30:7f:e4:46:d5:43:47:04:29:
aa:d6:c0:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUY65ausa56ZzOC95cIdqdcavSaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMzNaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmMGUzOWU3YTgyMTMyNzk2NmY4ODUzYjUwOTZkYmFkNDVkZWE1MjU0ODIz
NTY3MmQ5YzVmMDVkNmYxN2E0MDkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORLszyrM0Dn3kIE6gfRRmIrPs0Uw/8HxwKR+9USus/Azj6qE3GpI7PMD+bM
wEX/3cU0UpKSImy1s3H1xMfUu0ZQKFX1Z0usBPp/1vWuVLZ31cQFZqmUVfKsxhBu
Arr+oDD0K8hhicHiDVinS2s06TALyU8HMxNPLRwY6u1uc48Y85FRMM8wvoshrY/z
aBUxgshQ1Fx0h7D0sPrn4LMJ/RYF9wJsIfeVSFfNXYoSYHV4Sz+19wElZMqzCzLy
QvuGIoZQPoHUAX29/bZDUxeJBDUEup3QLEqHBx5t6rE+t4A53Sm+a5vAwu5hiQkM
wNxsMCo8S3c+zP/SvZ0ABfknNhMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIOaM7
LZU5DsDkdDKSEp8NTUhfkzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTE5NWE3MDQtZGU4Ni00NjkyLTk1YzktMzBkNDU4YTEwNmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1Jtchxs6XLFAYp1+ILItgaQ4alm2Gx91zR7Al
EhBKrKQSFiOz/zUDW9TB98AV0nSjPv4Qgo9okrM9X+q22Ut5K5rtvDdgzcsbqzp6
yv/6JVCRIMe0t0O5XX3lEh6GwHZe8gz9UnQoDzaMcvQU8oYPbM2ocf9SSexQ+Lnz
ZEo/2VBCXD1avp7Kz0DmkVo8oCxRLw2HJ5LWlMmLCXfO1mvkp3CT17cZYCjiemQj
KCH0nq+85cn3/0D9NYIn6FL1oWUjkYEwjh9F5NWkREuZG8+XoGevNE82oyCd7pK4
5a0VIN7pvg4aZySHw50CiQy+zBNJJj0wf+RG1UNHBCmq1sBo
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:51:19 2025 by rpki-client