Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: kNFQRFf+lTo93h5vIJFAdXwdNNahi6akCWJddP2v7QI=
Subject key identifier: 09:60:C9:6A:08:08:43:77:37:B3:D8:28:3F:E3:87:6D:7C:1A:DA:DF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 05287F753F482F7B046AF90F3CC88D407415EE53
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Sat 09 Aug 2025 00:20:44 +0000
ROA not before: Sat 09 Aug 2025 00:20:44 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:28:7f:75:3f:48:2f:7b:04:6a:f9:0f:3c:c8:8d:40:74:15:ee:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:44 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=f1780d78c95f1a2f375e98b8cf032a563adc144b7133bd9354241be465379faa, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:80:92:da:d6:3a:73:39:d8:9f:d3:d6:b5:4d:
04:ed:7f:9d:f5:97:fd:2a:68:4f:d5:db:af:39:c4:
03:de:df:1b:18:01:b6:23:66:66:34:6f:03:b7:26:
89:58:bf:eb:db:75:8d:bb:ba:f2:16:92:97:77:ec:
f9:d5:7f:7e:e0:89:8e:66:c5:b5:18:a2:ff:02:19:
55:f5:bb:d5:d9:e1:e4:9c:76:a3:9a:83:bc:06:71:
ae:2e:8a:12:c9:b5:d5:73:b9:f3:70:7f:b3:24:72:
93:23:69:09:79:e0:0d:ad:b3:f0:81:6b:61:03:ff:
8f:2f:a3:01:fd:3e:e0:23:75:fb:53:aa:94:ec:2b:
19:ec:f5:19:da:4d:00:43:ba:1b:7e:70:db:f2:23:
68:37:38:c7:e6:ce:22:1e:ac:57:ba:fc:31:f2:22:
cc:0c:49:70:8f:76:da:cc:7c:6d:11:d2:2a:f0:ab:
b5:f6:18:62:37:77:aa:d5:2a:42:81:09:2c:e2:64:
0f:0a:9c:e1:df:83:04:14:4a:6e:e0:58:85:d6:c9:
de:58:93:26:08:a2:cd:84:d2:d5:d3:52:9e:04:af:
11:05:8f:e1:67:07:d7:43:f2:9d:7e:67:65:88:5e:
d4:fd:5a:2b:9a:3d:79:a6:c7:39:f5:9f:f8:b5:28:
ab:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:60:C9:6A:08:08:43:77:37:B3:D8:28:3F:E3:87:6D:7C:1A:DA:DF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
aa:85:e0:1f:da:f7:a4:38:ab:7b:03:f4:b3:65:39:dc:b4:cf:
68:1f:15:1b:92:43:6e:d7:e5:3c:a3:83:7b:91:b2:70:db:82:
76:99:c7:fc:21:c3:37:1d:a2:b2:49:33:ef:1a:14:d2:5f:53:
5f:70:22:66:48:34:1d:14:7b:ca:ee:25:5e:71:85:61:29:a9:
d5:b7:44:4d:8b:5c:0e:d9:af:e1:de:88:ab:2e:c1:d9:1c:c0:
e9:5f:20:a3:5c:43:94:5d:2f:54:f2:52:bd:d7:52:8f:f4:27:
4b:b2:66:db:72:b4:16:a1:36:05:4b:cb:68:a0:14:7e:aa:5d:
51:05:bf:2c:cb:57:54:d8:8b:64:88:77:b1:a8:8c:46:91:0c:
f8:88:34:f1:22:c5:55:54:5f:fd:43:37:78:68:6e:a7:9b:f1:
28:d8:1f:51:70:0f:31:02:34:e8:81:bf:a3:9f:77:9d:ce:b6:
56:33:3a:15:24:42:2f:f9:18:ed:19:ca:fe:21:14:d7:7b:eb:
9c:41:58:75:01:ab:8b:ca:49:27:01:f1:1d:7c:30:8a:10:3f:
3b:d4:49:20:c1:80:0b:0a:94:4f:6d:2f:dd:12:dd:1b:55:8f:
64:14:ab:92:04:92:4a:c7:af:b7:7d:6c:97:09:d5:0a:91:15:
33:27:7a:08
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBSh/dT9IL3sEavkPPMiNQHQV7lMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNzgwZDc4Yzk1ZjFhMmYzNzVlOThiOGNmMDMyYTU2M2FkYzE0NGI3MTMz
YmQ5MzU0MjQxYmU0NjUzNzlmYWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGAktrWOnM52J/T1rVNBO1/nfWX/SpoT9XbrznEA97fGxgBtiNmZjRvA7cm
iVi/69t1jbu68haSl3fs+dV/fuCJjmbFtRii/wIZVfW71dnh5Jx2o5qDvAZxri6K
Esm11XO583B/syRykyNpCXngDa2z8IFrYQP/jy+jAf0+4CN1+1OqlOwrGez1GdpN
AEO6G35w2/IjaDc4x+bOIh6sV7r8MfIizAxJcI922sx8bRHSKvCrtfYYYjd3qtUq
QoEJLOJkDwqc4d+DBBRKbuBYhdbJ3liTJgiizYTS1dNSngSvEQWP4WcH10PynX5n
ZYhe1P1aK5o9eabHOfWf+LUoq50CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJYMlq
CAhDdzez2Cg/44dtfBra3zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEAqoXgH9r3pDirewP0s2U53LTPaB8VG5JDbtfl
PKODe5GycNuCdpnH/CHDNx2iskkz7xoU0l9TX3AiZkg0HRR7yu4lXnGFYSmp1bdE
TYtcDtmv4d6Iqy7B2RzA6V8go1xDlF0vVPJSvddSj/QnS7Jm23K0FqE2BUvLaKAU
fqpdUQW/LMtXVNiLZIh3saiMRpEM+Ig08SLFVVRf/UM3eGhup5vxKNgfUXAPMQI0
6IG/o593nc62VjM6FSRCL/kY7RnK/iEU13vrnEFYdQGri8pJJwHxHXwwihA/O9RJ
IMGACwqUT20v3RLdG1WPZBSrkgSSSsevt31slwnVCpEVMyd6CA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:16 2025 by rpki-client