Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
File: 1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa (raw, json)
Hash identifier: srhmO780gkACPpfbaftAmu4EYwopk6/GNHzM+ve6KHA=
Subject key identifier: 22:24:D9:8B:0D:7F:17:68:2E:D7:A7:D8:73:CC:9F:D1:15:A9:88:AD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 39F1D17CF5BD067A3A63590CAC802521BC16F63A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
Signing time: Wed 03 Sep 2025 00:20:36 +0000
ROA not before: Wed 03 Sep 2025 00:20:36 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:f1:d1:7c:f5:bd:06:7a:3a:63:59:0c:ac:80:25:21:bc:16:f6:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:36 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=61cdd851a6e09338c5dc0e60fb60d117b159ca9683f086c2206b11d3366bb9d8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:be:d5:6b:2d:29:82:ad:67:53:82:40:19:
11:82:84:f9:45:92:32:81:e8:cd:68:6e:23:f2:9f:
f9:b1:3a:af:29:22:9d:4b:53:35:6f:b6:89:d6:87:
a7:6b:13:65:40:6e:6b:c1:fd:be:e0:81:57:42:23:
7d:00:65:40:ed:14:70:bd:f1:f8:3a:ea:51:ca:6a:
6e:95:a6:22:de:53:83:76:b7:a9:0d:5e:e9:c4:96:
72:d5:85:9b:41:9a:38:2a:2b:aa:64:a8:63:b4:86:
7b:2b:9b:e5:c5:fa:f1:62:b6:c4:d8:e6:30:c5:ae:
99:1c:38:80:92:db:ea:d5:27:9c:cf:31:a3:16:a9:
4f:dd:82:19:54:56:b0:4c:96:23:6e:58:f8:02:fb:
70:82:2e:c9:bc:4c:c3:49:a8:67:21:be:e7:69:9d:
ce:15:bb:6a:3e:52:7b:f2:db:47:16:c3:61:76:fc:
e5:03:97:36:0c:06:a8:05:5d:aa:20:fd:e6:ef:4c:
c6:c0:30:2c:4c:c3:14:0b:43:ec:d4:17:07:40:11:
81:81:bb:ed:16:6c:dc:42:8d:e4:33:0e:42:52:2f:
70:8f:e6:f1:6a:fb:f4:8e:c4:df:98:62:c1:9a:dc:
b7:53:95:b3:39:5c:e8:33:81:a2:b5:f2:51:07:e3:
38:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:24:D9:8B:0D:7F:17:68:2E:D7:A7:D8:73:CC:9F:D1:15:A9:88:AD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
3d:a6:76:d8:27:8d:63:b8:fd:74:91:d7:92:e3:a8:9c:51:6e:
e2:f1:4a:f9:61:82:e1:bf:53:69:ed:b9:62:8d:1f:d9:fe:82:
b3:2e:0a:29:fd:cd:50:5b:b7:57:43:e1:33:04:b8:c0:ec:cd:
8d:39:af:09:41:5a:64:6a:ec:1b:ed:20:75:11:db:62:a9:39:
fb:cb:34:24:02:8f:ac:26:b7:d1:c2:2f:2b:cf:c4:a1:83:e5:
51:0d:37:26:7b:5b:cf:99:33:28:0d:c3:08:2d:60:91:91:7a:
00:46:24:45:d3:b5:15:14:5b:77:de:d0:ce:25:99:ca:dd:a4:
13:0b:77:87:85:15:26:7f:e0:0e:9f:f2:60:e3:17:56:49:ae:
e7:86:c6:9d:5b:db:63:01:90:a3:08:14:e9:1c:40:ea:96:45:
3d:f6:37:2a:0c:3a:ad:93:fd:0e:fb:05:d9:bf:c6:a8:34:bc:
46:b6:1d:4e:37:b4:cc:60:29:d7:f9:29:4a:d1:72:0f:75:aa:
04:51:2b:f2:2f:a2:6d:49:20:1e:e7:9b:d2:85:cd:3e:44:cf:
4e:ca:d1:6d:14:53:ea:11:f9:d6:88:40:b0:f8:9a:bc:7b:fd:
0b:22:ab:55:38:fb:cf:b7:fe:36:70:42:2b:8c:16:3e:56:db:
4d:e9:de:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOfHRfPW9Bno6Y1kMrIAlIbwW9jowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMzZaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxY2RkODUxYTZlMDkzMzhjNWRjMGU2MGZiNjBkMTE3YjE1OWNhOTY4M2Yw
ODZjMjIwNmIxMWQzMzY2YmI5ZDgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0UvtVrLSmCrWdTgkAZEYKE+UWSMoHozWhuI/Kf+bE6rykinUtTNW+2idaH
p2sTZUBua8H9vuCBV0IjfQBlQO0UcL3x+DrqUcpqbpWmIt5Tg3a3qQ1e6cSWctWF
m0GaOCorqmSoY7SGeyub5cX68WK2xNjmMMWumRw4gJLb6tUnnM8xoxapT92CGVRW
sEyWI25Y+AL7cIIuybxMw0moZyG+52mdzhW7aj5Se/LbRxbDYXb85QOXNgwGqAVd
qiD95u9MxsAwLEzDFAtD7NQXB0ARgYG77RZs3EKN5DMOQlIvcI/m8Wr79I7E35hi
wZrct1OVszlc6DOBorXyUQfjOEkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiJNmL
DX8XaC7Xp9hzzJ/RFamIrTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWY3YjJlMzQtYTA0MS00YjEyLWE1YjAtNWFmMGQ2ZjQzYjlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM
MA0GCSqGSIb3DQEBCwUAA4IBAQA9pnbYJ41juP10kdeS46icUW7i8Ur5YYLhv1Np
7blijR/Z/oKzLgop/c1QW7dXQ+EzBLjA7M2NOa8JQVpkauwb7SB1EdtiqTn7yzQk
Ao+sJrfRwi8rz8Shg+VRDTcme1vPmTMoDcMILWCRkXoARiRF07UVFFt33tDOJZnK
3aQTC3eHhRUmf+AOn/Jg4xdWSa7nhsadW9tjAZCjCBTpHEDqlkU99jcqDDqtk/0O
+wXZv8aoNLxGth1ON7TMYCnX+SlK0XIPdaoEUSvyL6JtSSAe55vShc0+RM9OytFt
FFPqEfnWiECw+Jq8e/0LIqtVOPvPt/42cEIrjBY+VttN6d69
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:54 2025 by rpki-client