Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
File: 640762f4-b911-441a-995b-675a2c1eb24d.roa (raw, json)
Hash identifier: v2cslqP/xy0yZ/DkcVgxg/1dA7EVXiSkjcGdg/MDH90=
Subject key identifier: 7F:27:C9:25:1D:D1:DF:1E:E4:56:27:49:89:9F:D3:50:C1:04:C6:C9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5881B0B0F7397F07A331874F6F06CA0C5F346706
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
Signing time: Wed 03 Sep 2025 00:20:08 +0000
ROA not before: Wed 03 Sep 2025 00:20:08 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:81:b0:b0:f7:39:7f:07:a3:31:87:4f:6f:06:ca:0c:5f:34:67:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:08 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=ab818a26f29aab5dc4d39c8cc490221c85c190f49a8d77d497bf18c94b037a0b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:7d:62:29:83:25:a8:60:98:9b:d3:db:5b:
5a:fc:7a:44:58:ae:98:6a:a0:ce:9f:ee:41:2b:c0:
db:af:9c:a0:8d:a9:7a:b2:84:40:c2:70:41:69:22:
f8:45:51:5c:23:3e:14:c7:ad:bc:d7:bd:13:4f:b6:
0e:f5:7b:1d:92:67:dc:bc:29:5a:bf:c3:58:29:f0:
17:29:d2:c1:93:b2:83:cb:08:43:82:a7:36:c4:27:
e0:89:5d:33:7e:d3:e4:e6:ea:0a:17:3c:d5:c3:ae:
47:b7:9b:3a:e3:57:85:9b:16:3c:44:c3:fd:d6:98:
08:33:52:59:0d:9b:b5:77:e0:03:b3:d4:80:84:5a:
eb:5e:e6:b8:a0:fc:08:9d:cf:49:f3:3e:0e:27:c9:
06:1e:b2:e9:c1:ce:73:18:cf:0b:33:08:ec:4c:6a:
6a:8f:2a:13:50:6d:3a:5a:72:71:06:c1:5e:54:69:
ec:17:6c:72:f5:de:80:93:57:d0:cf:11:ee:33:dd:
e3:12:1e:d0:06:2e:d9:8f:a3:fd:86:ab:34:9e:34:
e9:b9:a8:42:83:a0:52:25:70:50:1a:03:84:b4:64:
f6:0c:9d:5a:6b:04:0a:51:00:c4:f6:b2:43:c3:a7:
d7:4b:91:44:75:29:f9:ae:b2:db:9c:b6:1b:b2:1e:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:27:C9:25:1D:D1:DF:1E:E4:56:27:49:89:9F:D3:50:C1:04:C6:C9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
01:86:75:2e:ab:f7:92:84:89:58:35:9a:ff:c7:2f:d9:cb:be:
c3:d9:3f:5c:62:73:57:00:6e:75:f6:a8:f8:33:94:c1:2e:52:
48:19:ea:79:cf:d8:b1:24:9a:3c:ef:1e:fd:09:42:13:f2:9e:
ed:15:e2:ea:cc:18:2e:39:43:94:8c:80:9c:9e:54:95:21:ad:
13:11:56:ef:20:ca:21:cc:82:9c:ef:d5:a7:44:83:ea:f5:2f:
a8:2e:69:c7:9d:99:88:e8:2a:c5:ee:ef:c0:e7:94:6f:08:9f:
3f:90:5e:9f:8e:ce:5b:35:13:67:c8:8e:3e:b3:02:5d:e2:61:
06:52:16:c6:ab:5f:74:39:e0:ff:7d:39:4f:9b:a4:54:bf:93:
92:b9:7e:a0:d2:d3:72:7c:2f:f1:18:66:bb:88:6d:d1:39:f7:
d8:51:bf:53:9a:d7:2e:cf:e4:d3:d8:4e:ea:dc:8b:30:8c:02:
3a:fb:04:fa:6e:d5:0d:73:20:cc:d2:61:48:38:83:44:0e:98:
de:b8:b5:40:5b:3a:06:b0:83:8b:a3:1e:8f:08:4f:a4:49:f1:
5b:50:bf:21:3d:78:14:9f:1e:ad:e0:79:45:eb:c3:89:50:09:
54:bb:55:f0:3a:35:82:be:4f:f4:fd:1b:f2:54:15:42:64:ed:
17:de:d9:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWIGwsPc5fwejMYdPbwbKDF80ZwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMDhaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiODE4YTI2ZjI5YWFiNWRjNGQzOWM4Y2M0OTAyMjFjODVjMTkwZjQ5YThk
NzdkNDk3YmYxOGM5NGIwMzdhMGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbyfWIpgyWoYJib09tbWvx6RFiumGqgzp/uQSvA26+coI2perKEQMJwQWki
+EVRXCM+FMetvNe9E0+2DvV7HZJn3LwpWr/DWCnwFynSwZOyg8sIQ4KnNsQn4Ild
M37T5ObqChc81cOuR7ebOuNXhZsWPETD/daYCDNSWQ2btXfgA7PUgIRa617muKD8
CJ3PSfM+DifJBh6y6cHOcxjPCzMI7Exqao8qE1BtOlpycQbBXlRp7BdscvXegJNX
0M8R7jPd4xIe0AYu2Y+j/YarNJ406bmoQoOgUiVwUBoDhLRk9gydWmsEClEAxPay
Q8On10uRRHUp+a6y25y2G7IepnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/J8kl
HdHfHuRWJ0mJn9NQwQTGyTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjQwNzYyZjQtYjkxMS00NDFhLTk5NWItNjc1YTJjMWViMjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQABhnUuq/eShIlYNZr/xy/Zy77D2T9cYnNXAG51
9qj4M5TBLlJIGep5z9ixJJo87x79CUIT8p7tFeLqzBguOUOUjICcnlSVIa0TEVbv
IMohzIKc79WnRIPq9S+oLmnHnZmI6CrF7u/A55RvCJ8/kF6fjs5bNRNnyI4+swJd
4mEGUhbGq190OeD/fTlPm6RUv5OSuX6g0tNyfC/xGGa7iG3ROffYUb9Tmtcuz+TT
2E7q3IswjAI6+wT6btUNcyDM0mFIOINEDpjeuLVAWzoGsIOLox6PCE+kSfFbUL8h
PXgUnx6t4HlF68OJUAlUu1XwOjWCvk/0/RvyVBVCZO0X3tkn
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:33 2025 by rpki-client