Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
File: b128bc8d-b462-4700-9503-592938317487.roa (raw, json)
Hash identifier: CTZCdrCA8dDyr3bMBY4CJDKDGynylvVC7BFnANFuJnQ=
Subject key identifier: 95:F2:81:43:10:40:28:D7:D9:BC:FA:8D:88:86:54:D4:E5:AD:7B:7E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 331674562438B32EE74702F59DDFF412F97B4C9C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
Signing time: Tue 15 Jul 2025 00:20:59 +0000
ROA not before: Tue 15 Jul 2025 00:20:59 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:16:74:56:24:38:b3:2e:e7:47:02:f5:9d:df:f4:12:f9:7b:4c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:59 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=120005a864941d63763845484f284d6bd1f3f8fd5e7b95b04c58e48d1061ae21, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:50:ee:36:41:04:dc:68:a8:d7:7e:86:c0:88:
8f:93:1e:45:a0:36:9d:ac:a6:62:ec:1b:e3:d7:18:
80:b6:75:7c:59:30:83:17:c4:28:03:43:a1:6b:5d:
a3:56:1a:19:71:39:cf:83:ee:88:c3:0c:84:cf:0d:
12:4e:60:b5:cf:2e:53:42:a2:55:36:1b:0d:86:f3:
be:e2:ad:5f:9f:a1:0b:c2:f7:d1:17:f4:c1:eb:17:
96:0f:bc:b7:d0:e6:e6:3d:3f:34:1c:dc:a2:9f:5c:
48:4e:62:10:4c:16:d4:20:f2:fc:24:c7:67:da:13:
d2:3f:96:b2:e0:70:39:30:75:97:48:a6:22:d2:8d:
4b:96:b2:2c:be:28:10:5f:36:5e:49:9a:ae:ca:10:
bc:4d:34:f3:9f:ed:1b:b9:f6:1f:56:38:88:52:c1:
ce:54:7f:f2:24:b8:34:0e:1c:0a:a5:e8:1a:f8:6d:
c3:84:27:16:8f:8f:c6:7e:8e:ef:24:d6:08:af:2a:
44:0b:6a:a5:44:92:63:62:25:5f:8d:d2:02:d5:0c:
1a:62:72:cb:d1:26:6f:d0:da:ee:ad:17:81:03:05:
87:7d:95:ac:2c:87:55:ce:26:04:fa:9f:31:95:72:
37:a7:2e:ce:93:ee:0e:12:36:98:01:90:f9:58:70:
4e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F2:81:43:10:40:28:D7:D9:BC:FA:8D:88:86:54:D4:E5:AD:7B:7E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:880::/48
Signature Algorithm: sha256WithRSAEncryption
96:fe:f8:bc:1d:0d:98:8d:6a:48:3d:88:96:f0:f9:c7:fe:b1:
d8:a9:7e:7a:f2:25:a6:bc:e8:cc:66:f7:9c:3a:0c:0a:da:24:
d0:13:83:1a:88:4c:20:98:80:23:da:00:15:ff:a5:ae:94:94:
9f:00:85:c3:3a:5c:da:5b:f5:64:c6:7b:b8:bc:29:65:68:45:
6f:12:a5:3b:30:40:cc:bb:e0:cc:ea:db:71:88:1e:f6:57:2b:
6b:e4:34:5f:48:10:af:d6:b3:bd:62:e7:4a:7b:81:16:b9:55:
78:87:20:32:74:64:79:45:b1:bf:96:85:ec:e4:dd:7a:e3:39:
46:8a:69:dd:3e:09:1b:37:67:dc:2e:a3:e4:cf:d0:02:61:a2:
cf:1d:8a:a2:9f:04:d0:bd:5a:22:90:ca:91:3c:2b:37:32:c2:
72:fa:91:c8:a3:12:8a:87:bb:67:81:79:8e:81:3a:1d:1a:59:
ba:f0:7f:de:54:10:0a:1d:bd:b2:2f:c6:62:50:bf:5b:b8:fd:
d4:60:90:51:53:ad:0d:56:ea:f6:6a:78:b5:17:ed:43:e9:55:
0b:ed:c4:c1:0e:53:34:e2:c7:60:34:92:ba:17:f5:c1:b5:06:
33:ca:d3:0a:75:4e:8a:16:d3:b1:3b:16:77:dc:dc:b5:f4:a9:
77:e8:42:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMxZ0ViQ4sy7nRwL1nd/0Evl7TJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwNTlaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyMDAwNWE4NjQ5NDFkNjM3NjM4NDU0ODRmMjg0ZDZiZDFmM2Y4ZmQ1ZTdi
OTViMDRjNThlNDhkMTA2MWFlMjExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdQ7jZBBNxoqNd+hsCIj5MeRaA2naymYuwb49cYgLZ1fFkwgxfEKANDoWtd
o1YaGXE5z4PuiMMMhM8NEk5gtc8uU0KiVTYbDYbzvuKtX5+hC8L30Rf0wesXlg+8
t9Dm5j0/NBzcop9cSE5iEEwW1CDy/CTHZ9oT0j+WsuBwOTB1l0imItKNS5ayLL4o
EF82XkmarsoQvE0085/tG7n2H1Y4iFLBzlR/8iS4NA4cCqXoGvhtw4QnFo+Pxn6O
7yTWCK8qRAtqpUSSY2IlX43SAtUMGmJyy9Emb9Da7q0XgQMFh32VrCyHVc4mBPqf
MZVyN6cuzpPuDhI2mAGQ+VhwTq0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSV8oFD
EEAo19m8+o2IhlTU5a17fjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YjEyOGJjOGQtYjQ2Mi00NzAwLTk1MDMtNTkyOTM4MzE3NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
gDANBgkqhkiG9w0BAQsFAAOCAQEAlv74vB0NmI1qSD2IlvD5x/6x2Kl+evIlprzo
zGb3nDoMCtok0BODGohMIJiAI9oAFf+lrpSUnwCFwzpc2lv1ZMZ7uLwpZWhFbxKl
OzBAzLvgzOrbcYge9lcra+Q0X0gQr9azvWLnSnuBFrlVeIcgMnRkeUWxv5aF7OTd
euM5Ropp3T4JGzdn3C6j5M/QAmGizx2Kop8E0L1aIpDKkTwrNzLCcvqRyKMSioe7
Z4F5joE6HRpZuvB/3lQQCh29si/GYlC/W7j91GCQUVOtDVbq9mp4tRftQ+lVC+3E
wQ5TNOLHYDSSuhf1wbUGM8rTCnVOihbTsTsWd9zctfSpd+hCNA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:50:30 2025 by rpki-client