Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: Cl9oc8DQRaDPi3p6bTnmsKE3jXekOgyQL/fh/mBEVbQ=
Subject key identifier: 7E:A5:68:60:71:E6:DF:AD:47:7C:9D:BC:4B:95:0B:9F:C1:5A:7C:9C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7E47EFB9F4D3F36F6C3FBF5F083405A3FC28A050
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Sat 09 Aug 2025 00:21:14 +0000
ROA not before: Sat 09 Aug 2025 00:21:14 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:47:ef:b9:f4:d3:f3:6f:6c:3f:bf:5f:08:34:05:a3:fc:28:a0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:14 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=00355b7bf373aceab7866c3ed5a71dfb4698e56c840a014d3e927cff191c13f1, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:42:3c:bc:fc:b1:12:08:8e:de:d0:3e:e3:ca:
1e:b8:f6:74:48:e6:bc:bf:3a:68:c7:30:99:9b:7b:
d6:dc:e9:9c:52:ae:1d:71:d5:67:4b:da:41:e8:35:
24:58:42:c5:90:19:4e:6a:d5:47:a3:23:ae:4d:ea:
70:15:db:e7:0f:f1:40:43:0d:14:37:2d:d2:37:58:
0c:51:3e:b5:f8:e0:c4:3f:13:cf:3e:3c:a1:ff:ed:
fe:21:d6:5d:58:86:a6:13:22:65:66:df:ca:63:c2:
69:3a:81:68:be:fa:11:6e:20:2e:e9:1b:16:f1:e8:
27:b9:17:3f:38:ff:2d:e9:63:d1:c6:11:20:a5:d0:
c7:b5:37:12:5e:fa:a5:c9:b2:51:ee:14:c9:af:b1:
12:39:10:cf:28:f9:ae:d3:ac:73:e6:9b:3f:cf:36:
40:d1:0f:eb:b8:bb:82:16:d4:47:a7:23:42:b0:ac:
05:68:d9:fe:54:38:98:3e:10:56:3e:5f:97:bd:ee:
c6:17:e5:00:0c:9c:73:98:d3:0f:0a:71:50:98:c8:
63:30:fb:5d:2e:57:17:01:50:c0:38:df:78:c4:6d:
ce:40:fd:cf:04:d5:93:0f:68:3a:b6:18:ae:56:da:
79:97:4b:a0:0b:11:d6:ca:c0:b8:c4:2b:7c:35:9f:
2b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A5:68:60:71:E6:DF:AD:47:7C:9D:BC:4B:95:0B:9F:C1:5A:7C:9C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
a0:dd:e8:25:95:17:81:f1:0c:ec:1a:86:cb:2b:1c:85:e8:f9:
50:1b:f0:b5:99:78:a0:c6:6b:f3:42:51:b1:3e:89:47:95:be:
2b:a0:14:23:8a:a4:db:74:cd:9d:04:06:6f:59:c7:5a:9a:5d:
70:e1:20:0e:85:08:34:90:1a:d2:c8:d1:18:81:e6:84:ea:2f:
d0:64:1e:cd:2d:90:49:86:f1:46:1a:ba:58:3d:43:d1:d7:7f:
a8:15:87:ad:58:c4:4c:ce:a9:71:db:0c:c1:a4:60:3a:6e:7b:
a0:ed:96:8f:8c:52:3b:c3:79:15:0c:fa:13:c7:68:28:a0:32:
ce:18:e3:a8:88:dd:f5:7e:9d:fe:b4:df:f2:a2:6c:19:03:6c:
55:f0:08:38:18:85:da:66:2b:fe:f4:ad:bd:7d:31:f8:41:ca:
c2:fa:f9:72:80:1f:21:63:c3:98:19:e4:5d:6f:c7:2a:d3:c0:
b8:6a:a7:76:92:69:1a:e1:1d:bd:23:c0:3d:3a:76:10:00:41:
fd:8e:63:06:27:db:25:22:30:60:70:a3:61:47:8e:ac:c7:38:
b0:01:0d:7e:1c:3e:6d:17:10:4f:75:63:36:7e:89:cb:8c:ea:
b2:80:9f:8c:03:f9:1c:27:58:8a:68:fb:0f:bc:34:07:22:c7:
1a:9b:23:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfkfvufTT829sP79fCDQFo/wooFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMzU1YjdiZjM3M2FjZWFiNzg2NmMzZWQ1YTcxZGZiNDY5OGU1NmM4NDBh
MDE0ZDNlOTI3Y2ZmMTkxYzEzZjExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9CPLz8sRIIjt7QPuPKHrj2dEjmvL86aMcwmZt71tzpnFKuHXHVZ0vaQeg1
JFhCxZAZTmrVR6Mjrk3qcBXb5w/xQEMNFDct0jdYDFE+tfjgxD8Tzz48of/t/iHW
XViGphMiZWbfymPCaTqBaL76EW4gLukbFvHoJ7kXPzj/Lelj0cYRIKXQx7U3El76
pcmyUe4Uya+xEjkQzyj5rtOsc+abP882QNEP67i7ghbUR6cjQrCsBWjZ/lQ4mD4Q
Vj5fl73uxhflAAycc5jTDwpxUJjIYzD7XS5XFwFQwDjfeMRtzkD9zwTVkw9oOrYY
rlbaeZdLoAsR1srAuMQrfDWfK10CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+pWhg
cebfrUd8nbxLlQufwVp8nDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQCg3egllReB8QzsGobLKxyF6PlQG/C1mXigxmvz
QlGxPolHlb4roBQjiqTbdM2dBAZvWcdaml1w4SAOhQg0kBrSyNEYgeaE6i/QZB7N
LZBJhvFGGrpYPUPR13+oFYetWMRMzqlx2wzBpGA6bnug7ZaPjFI7w3kVDPoTx2go
oDLOGOOoiN31fp3+tN/yomwZA2xV8Ag4GIXaZiv+9K29fTH4QcrC+vlygB8hY8OY
GeRdb8cq08C4aqd2kmka4R29I8A9OnYQAEH9jmMGJ9slIjBgcKNhR46sxziwAQ1+
HD5tFxBPdWM2fonLjOqygJ+MA/kcJ1iKaPsPvDQHIscamyME
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:27 2025 by rpki-client