Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
File: e75e46c0-2d4d-42fd-a050-85f835672397.roa (raw, json)
Hash identifier: mChkbOSTHwIqmWFb8GUnW5uIqi7+MabL6FLI7yDcTRM=
Subject key identifier: 6B:6F:46:6C:F3:06:EF:81:06:62:CD:00:F3:08:82:09:01:F4:DB:07
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4750B5ACDD54507E939E416025131549A10D8E61
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
Signing time: Tue 15 Jul 2025 00:30:38 +0000
ROA not before: Tue 15 Jul 2025 00:30:38 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:50:b5:ac:dd:54:50:7e:93:9e:41:60:25:13:15:49:a1:0d:8e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:38 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=c825810c2b07e65a3ad47193ac2532eab616ab7bfd2f68936408e27da1f697c5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:11:2d:04:32:a4:1e:86:2f:b5:01:f9:77:
7d:9c:eb:f9:e4:fe:4d:fe:1f:f6:1b:6a:94:45:9e:
73:68:ad:73:a9:1d:1a:c4:0d:09:79:a7:86:7b:cc:
aa:f1:d5:06:0d:d4:94:3c:86:4e:97:58:7a:3d:b5:
44:0f:98:0b:31:f7:9a:c0:6e:a0:9f:00:22:a7:af:
4a:db:3f:cf:66:89:dc:3c:fb:a9:77:08:39:72:c8:
90:69:07:86:06:9e:30:ee:8a:7c:af:2a:80:05:b0:
93:92:30:8c:dd:59:ba:5c:52:d5:1a:d6:3b:d7:47:
0f:1e:cc:6c:ba:40:c2:ca:85:47:81:22:18:e3:07:
02:87:6c:d9:c4:63:a5:f9:93:96:c8:6a:cd:84:92:
72:93:4b:87:ab:67:50:1b:08:cc:2a:5f:2f:fa:ae:
8a:0e:3f:de:60:4b:fa:23:e2:cf:82:6e:dc:14:8a:
98:5d:cf:97:a2:45:60:31:1d:1c:11:f9:af:7a:09:
b5:79:3d:18:dc:7b:84:70:6f:5a:a7:a9:c4:35:b0:
38:41:f0:11:71:51:bb:84:fe:d5:85:9a:a3:e2:70:
69:3b:29:6c:84:ac:f4:53:b2:5d:0c:29:32:0b:2e:
4c:f8:2d:46:36:23:d5:64:8e:f9:1a:cd:29:d4:53:
0e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6F:46:6C:F3:06:EF:81:06:62:CD:00:F3:08:82:09:01:F4:DB:07
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:9000::/36
Signature Algorithm: sha256WithRSAEncryption
6e:4f:bb:9a:45:a7:db:93:d1:df:0f:51:4a:41:f2:2d:3b:b6:
18:9a:f6:5a:08:a0:84:38:7e:7c:22:c6:bf:85:78:62:7e:76:
a2:9a:ac:17:6c:b6:df:ae:c5:dc:59:5e:7f:74:07:99:2a:ee:
d4:53:eb:c7:d7:c0:43:07:33:b1:96:1d:2a:b7:59:35:a6:7e:
a3:53:1e:70:5c:13:c4:dd:40:c1:83:2f:80:4c:f8:c1:b0:5e:
95:85:ff:ce:e0:84:7d:3e:75:69:76:34:6e:de:26:ae:1d:8f:
00:f1:2f:63:ab:60:fb:09:0b:4c:97:42:f1:e2:89:c3:df:89:
55:f0:a9:f6:39:e9:04:63:02:93:6d:b1:f4:9d:ec:91:bc:05:
4a:99:d8:51:5f:13:c9:89:4a:49:4d:e7:04:b6:77:b7:f1:fe:
e8:8b:0e:7c:25:ff:93:c4:4e:39:bd:86:b5:47:b5:97:ac:af:
ee:a7:54:f0:08:6f:38:73:8b:3c:24:1c:06:a9:ba:b9:e6:48:
5a:62:41:af:b6:af:5f:2d:38:4e:3f:c5:6c:d6:ef:61:06:4f:
e6:a9:a7:06:2c:87:e3:8b:39:4b:22:4f:e2:e9:c1:ac:c9:f6:
23:da:22:ab:97:5d:a1:0b:9e:06:18:08:28:3e:45:8d:73:8e:
35:97:6f:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR1C1rN1UUH6TnkFgJRMVSaENjmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMzhaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MjU4MTBjMmIwN2U2NWEzYWQ0NzE5M2FjMjUzMmVhYjYxNmFiN2JmZDJm
Njg5MzY0MDhlMjdkYTFmNjk3YzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTVES0EMqQehi+1Afl3fZzr+eT+Tf4f9htqlEWec2itc6kdGsQNCXmnhnvM
qvHVBg3UlDyGTpdYej21RA+YCzH3msBuoJ8AIqevSts/z2aJ3Dz7qXcIOXLIkGkH
hgaeMO6KfK8qgAWwk5IwjN1ZulxS1RrWO9dHDx7MbLpAwsqFR4EiGOMHAods2cRj
pfmTlshqzYSScpNLh6tnUBsIzCpfL/quig4/3mBL+iPiz4Ju3BSKmF3Pl6JFYDEd
HBH5r3oJtXk9GNx7hHBvWqepxDWwOEHwEXFRu4T+1YWao+JwaTspbISs9FOyXQwp
MgsuTPgtRjYj1WSO+RrNKdRTDqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrb0Zs
8wbvgQZizQDzCIIJAfTbBzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTc1ZTQ2YzAtMmQ0ZC00MmZkLWEwNTAtODVmODM1NjcyMzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBuT7uaRafbk9HfD1FKQfItO7YYmvZaCKCEOH58
Isa/hXhifnaimqwXbLbfrsXcWV5/dAeZKu7UU+vH18BDBzOxlh0qt1k1pn6jUx5w
XBPE3UDBgy+ATPjBsF6Vhf/O4IR9PnVpdjRu3iauHY8A8S9jq2D7CQtMl0Lx4onD
34lV8Kn2OekEYwKTbbH0neyRvAVKmdhRXxPJiUpJTecEtne38f7oiw58Jf+TxE45
vYa1R7WXrK/up1TwCG84c4s8JBwGqbq55khaYkGvtq9fLThOP8Vs1u9hBk/mqacG
LIfjizlLIk/i6cGsyfYj2iKrl12hC54GGAgoPkWNc441l29r
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:30 2025 by rpki-client