Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
File: e75e46c0-2d4d-42fd-a050-85f835672397.roa (raw, json)
Hash identifier: 3nARbV/ry9u+7uLlyHURFaNE+gUwOOfgmLhGYn4pyjQ=
Subject key identifier: 33:4D:B2:D8:B5:7E:DC:4F:88:C4:1A:E9:14:46:3F:A5:86:72:41:99
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 74D3330120777EA3F0F5C7B194707CFD91C6B334
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
Signing time: Wed 03 Sep 2025 00:30:09 +0000
ROA not before: Wed 03 Sep 2025 00:30:09 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:d3:33:01:20:77:7e:a3:f0:f5:c7:b1:94:70:7c:fd:91:c6:b3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:30:09 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=d16dcd32fbcaa92420e9bdc77ee527f727b06f860f5465dc1fdddec6878eec83, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:1d:1a:4d:d0:fe:67:0f:2a:5e:d0:33:7c:
17:d7:db:46:e2:5f:62:92:66:78:31:77:c3:db:f7:
df:1d:6e:01:86:4a:85:40:cc:6f:2e:db:58:e7:10:
49:bb:36:99:3f:8b:c8:48:b7:2c:29:29:e3:44:c4:
4f:ae:63:6a:30:27:58:50:a0:32:3d:23:76:68:95:
9c:f5:71:cb:6a:f4:22:f1:34:ac:b8:4a:3c:39:cb:
05:74:ed:9f:1a:ee:5a:97:ae:c2:ab:c5:d7:fb:06:
19:25:4b:d6:d1:09:34:a5:ec:22:10:c3:69:4a:a1:
c8:2a:6d:25:3d:d3:41:1e:b3:07:8c:0a:3e:b2:4f:
7b:a1:59:d6:50:79:03:b5:a1:94:48:b9:0d:f3:bf:
81:10:c3:20:24:2f:72:1e:b6:ed:dd:3f:33:2a:d4:
84:6b:27:38:04:05:4a:06:7f:ee:75:ad:b5:95:5d:
c5:f4:d9:07:eb:0f:2a:22:b9:0f:3c:91:49:33:cc:
f1:7c:69:e3:c2:47:ac:3c:c2:e8:6e:2c:a7:10:4b:
12:36:09:a0:23:8c:df:3a:ec:6d:88:7c:85:a9:e0:
ca:9b:01:6f:6d:96:0a:3b:22:4d:bb:c1:31:27:61:
16:e0:8c:f4:ed:f6:18:63:e2:e9:67:87:ff:5b:31:
31:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4D:B2:D8:B5:7E:DC:4F:88:C4:1A:E9:14:46:3F:A5:86:72:41:99
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:9000::/36
Signature Algorithm: sha256WithRSAEncryption
36:36:05:a6:ad:41:bf:76:71:56:fe:6f:9f:9a:5f:46:d6:47:
de:99:6e:6f:89:ed:b3:c8:b2:eb:cd:6e:ee:df:7e:3b:4d:ee:
72:2c:49:df:3f:c1:16:46:09:62:23:27:a3:0e:10:1e:b9:37:
6c:3c:94:fe:aa:28:5f:00:ce:06:fb:3a:6e:43:12:e6:3d:70:
de:59:a8:50:df:02:67:34:87:23:52:76:51:44:6a:0b:56:cc:
8e:a0:1f:91:4e:af:e4:11:66:88:d5:1e:f4:5b:17:1b:bf:26:
d1:6b:f2:09:ea:b1:9d:0e:aa:e4:c0:e9:bd:76:71:d8:11:02:
8e:98:02:48:53:b4:92:d1:55:3a:9e:8b:d2:8b:d1:51:78:eb:
bd:c4:39:42:76:4b:b5:f3:2d:13:f0:e7:5f:e5:87:ea:9f:bc:
3e:e7:68:1b:1e:fb:f9:3e:0f:ef:3a:e0:f3:3c:e9:54:ac:9e:
d0:c2:3b:52:44:b9:9a:1e:13:2a:cd:1c:8f:55:1c:10:85:32:
ea:6a:d9:bc:7f:57:e5:47:e0:8e:6e:89:e6:56:6b:55:28:1f:
4c:2d:43:c2:c6:7e:ea:27:f7:b0:c3:d8:96:94:fc:94:54:41:
75:f4:b4:7a:60:b5:34:55:40:93:ae:9e:aa:34:e5:e0:2c:ea:
05:c8:2a:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdNMzASB3fqPw9cexlHB8/ZHGszQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDMwMDlaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNmRjZDMyZmJjYWE5MjQyMGU5YmRjNzdlZTUyN2Y3MjdiMDZmODYwZjU0
NjVkYzFmZGRkZWM2ODc4ZWVjODMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNNHRpN0P5nDype0DN8F9fbRuJfYpJmeDF3w9v33x1uAYZKhUDMby7bWOcQ
Sbs2mT+LyEi3LCkp40TET65jajAnWFCgMj0jdmiVnPVxy2r0IvE0rLhKPDnLBXTt
nxruWpeuwqvF1/sGGSVL1tEJNKXsIhDDaUqhyCptJT3TQR6zB4wKPrJPe6FZ1lB5
A7WhlEi5DfO/gRDDICQvch627d0/MyrUhGsnOAQFSgZ/7nWttZVdxfTZB+sPKiK5
DzyRSTPM8Xxp48JHrDzC6G4spxBLEjYJoCOM3zrsbYh8hangypsBb22WCjsiTbvB
MSdhFuCM9O32GGPi6WeH/1sxMfECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzTbLY
tX7cT4jEGukURj+lhnJBmTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTc1ZTQ2YzAtMmQ0ZC00MmZkLWEwNTAtODVmODM1NjcyMzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA2NgWmrUG/dnFW/m+fml9G1kfemW5vie2zyLLr
zW7u3347Te5yLEnfP8EWRgliIyejDhAeuTdsPJT+qihfAM4G+zpuQxLmPXDeWahQ
3wJnNIcjUnZRRGoLVsyOoB+RTq/kEWaI1R70WxcbvybRa/IJ6rGdDqrkwOm9dnHY
EQKOmAJIU7SS0VU6novSi9FReOu9xDlCdku18y0T8Odf5Yfqn7w+52gbHvv5Pg/v
OuDzPOlUrJ7QwjtSRLmaHhMqzRyPVRwQhTLqatm8f1flR+CObonmVmtVKB9MLUPC
xn7qJ/eww9iWlPyUVEF19LR6YLU0VUCTrp6qNOXgLOoFyCoD
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:47 2025 by rpki-client