Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
File: 00d32677-2dbe-47e3-a4b3-be1e601729bd.roa (raw, json)
Hash identifier: gBcikT5aP+RLtqSryhMiQO5oMIui87MKyndYzPZd+kw=
Subject key identifier: 6E:61:B4:58:41:CD:55:E8:18:83:AF:42:3E:2A:23:16:B0:51:8C:15
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 687AE48E7966678091CC93239C54D0BE7348197B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
Signing time: Fri 08 Aug 2025 00:40:07 +0000
ROA not before: Fri 08 Aug 2025 00:40:07 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7a:e4:8e:79:66:67:80:91:cc:93:23:9c:54:d0:be:73:48:19:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 8 00:40:07 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=bf3c4b4f95b622aa18d8cc907214fa67fcb1c6f8b014bcaa560a41a69ede6e63, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:72:c1:d4:87:c6:95:fa:68:36:f5:a3:bb:
dc:31:2e:81:7c:de:76:6e:d9:99:6e:1d:3c:5c:b9:
2c:2e:17:4d:9c:9c:0c:9c:73:ae:38:d3:4c:17:fe:
82:0c:89:50:87:59:60:8a:8a:e3:45:4c:44:80:e7:
c6:79:ef:18:3b:9c:7f:88:be:0b:29:eb:57:10:0e:
32:d7:2a:ae:0d:0c:2b:a4:96:72:e8:b7:d5:87:f6:
b2:51:db:e9:ee:a8:51:94:81:31:63:03:b3:b2:da:
4b:30:c3:48:a4:9b:88:e8:81:5d:bd:88:41:22:e0:
fb:76:b2:fc:77:18:53:ee:86:c3:1f:5f:9c:aa:9d:
19:66:c7:c0:5a:13:fc:ed:7c:74:c7:f1:3f:02:41:
50:b7:d8:4b:dd:a9:d8:e6:ea:3b:8f:07:19:91:21:
f0:6d:76:39:1e:63:a0:48:88:82:35:07:db:99:70:
9c:74:dd:ed:7e:75:d5:99:f1:f2:93:4e:28:61:c8:
40:bc:a6:ed:8c:74:43:9d:a1:06:21:11:19:98:45:
65:c8:d8:c7:9d:47:0b:2b:9e:b7:33:d6:81:96:44:
fb:0b:3b:98:eb:2d:72:ee:3b:ea:18:9f:1b:62:2a:
55:bb:17:a3:b8:45:db:81:3c:90:e9:5f:1a:7c:33:
fb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:61:B4:58:41:CD:55:E8:18:83:AF:42:3E:2A:23:16:B0:51:8C:15
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9000::/36
Signature Algorithm: sha256WithRSAEncryption
59:26:60:3e:6f:6c:c4:be:eb:c0:12:3b:10:26:09:32:fa:37:
e4:9c:a9:9f:18:ed:e7:d0:64:90:08:20:33:fb:12:31:e1:3a:
03:ab:bd:dc:97:57:7e:89:c9:80:78:e8:19:b7:7b:96:33:4c:
c3:95:7b:9b:05:67:c0:61:4b:d7:a5:d3:68:bf:ad:8d:90:7d:
9d:85:29:3d:57:74:ec:18:bd:5f:58:b5:68:27:d9:3d:4c:2b:
68:d9:3d:dd:53:67:10:f4:8c:5c:b3:b2:3b:43:44:e5:1e:4c:
c9:8d:a0:cf:57:b9:69:d6:10:1a:ab:af:70:14:77:69:32:1a:
29:52:58:8e:9d:a5:da:94:eb:7e:41:4a:d4:5a:3d:d1:97:97:
53:a8:02:7b:27:10:f0:98:d1:4c:1c:76:dc:c8:4b:6d:2d:c6:
6f:15:3e:60:83:86:59:f9:8b:0c:29:9f:d8:fd:d8:ae:72:8c:
c3:aa:76:55:3f:87:b1:98:49:2c:ed:a7:b9:61:e9:27:17:94:
85:68:e4:ba:96:f6:21:f9:77:e4:c8:57:93:d9:73:b7:93:e0:
99:53:a6:c6:bb:01:84:9a:a5:77:1f:34:17:7d:32:a6:32:4f:
2c:3e:ef:67:9e:04:46:35:3b:55:83:a9:c7:7f:79:6b:89:47:
4b:01:4c:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaHrkjnlmZ4CRzJMjnFTQvnNIGXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDgwMDQwMDdaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmM2M0YjRmOTViNjIyYWExOGQ4Y2M5MDcyMTRmYTY3ZmNiMWM2ZjhiMDE0
YmNhYTU2MGE0MWE2OWVkZTZlNjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiycsHUh8aV+mg29aO73DEugXzedm7ZmW4dPFy5LC4XTZycDJxzrjjTTBf+
ggyJUIdZYIqK40VMRIDnxnnvGDucf4i+CynrVxAOMtcqrg0MK6SWcui31Yf2slHb
6e6oUZSBMWMDs7LaSzDDSKSbiOiBXb2IQSLg+3ay/HcYU+6Gwx9fnKqdGWbHwFoT
/O18dMfxPwJBULfYS92p2ObqO48HGZEh8G12OR5joEiIgjUH25lwnHTd7X511Znx
8pNOKGHIQLym7Yx0Q52hBiERGZhFZcjYx51HCyuetzPWgZZE+ws7mOstcu476hif
G2IqVbsXo7hF24E8kOlfGnwz+0cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRuYbRY
Qc1V6BiDr0I+KiMWsFGMFTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBkMzI2NzctMmRiZS00N2UzLWE0YjMtYmUxZTYwMTcyOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZJmA+b2zEvuvAEjsQJgky+jfknKmfGO3n0GSQ
CCAz+xIx4ToDq73cl1d+icmAeOgZt3uWM0zDlXubBWfAYUvXpdNov62NkH2dhSk9
V3TsGL1fWLVoJ9k9TCto2T3dU2cQ9Ixcs7I7Q0TlHkzJjaDPV7lp1hAaq69wFHdp
MhopUliOnaXalOt+QUrUWj3Rl5dTqAJ7JxDwmNFMHHbcyEttLcZvFT5gg4ZZ+YsM
KZ/Y/diucozDqnZVP4exmEks7ae5YeknF5SFaOS6lvYh+XfkyFeT2XO3k+CZU6bG
uwGEmqV3HzQXfTKmMk8sPu9nngRGNTtVg6nHf3lriUdLAUwJ
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:44 2025 by rpki-client