Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
File: 1d757286-8eda-42c2-aecf-19a8c013dc64.roa (raw, json)
Hash identifier: nrCUp4f9vGWDLJ7VZT2pJidsaEDn7DUluG/SYFY734E=
Subject key identifier: F5:A3:4E:35:25:6A:E9:66:85:4E:5F:B5:BC:3B:F7:9E:B4:37:FE:2A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 05F10F1C921E28A5A2DA3F8DD56335A5AC55631E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
Signing time: Sat 09 Aug 2025 00:21:10 +0000
ROA not before: Sat 09 Aug 2025 00:21:10 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:f1:0f:1c:92:1e:28:a5:a2:da:3f:8d:d5:63:35:a5:ac:55:63:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:10 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=be25afdae02840d0e0ae64f7b6cb5a175fc0603c903ad0f997d24e248d4d93c7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:7b:35:4d:f0:47:a2:74:7d:a0:0c:2f:ec:
62:06:5d:bb:be:91:1e:9f:9e:40:12:e0:b5:77:d2:
10:c5:07:3a:2e:02:c7:cc:21:13:8b:d1:44:8f:b1:
c5:2d:4a:16:12:b4:86:d9:b8:4e:07:7f:a7:6a:f9:
03:f5:33:79:2f:78:fd:2f:c9:28:12:8d:e2:71:01:
31:b5:05:bb:dd:31:96:e3:bb:08:19:8b:c6:0c:b0:
3b:37:01:1b:e0:9f:69:93:6f:c9:be:ec:32:c8:7e:
2f:22:95:03:2b:15:59:5c:2c:ee:e3:6b:23:1d:57:
0b:b1:aa:39:9e:9f:32:dc:47:6d:c6:92:0a:ee:61:
f4:ba:2d:3f:29:2a:65:fb:90:24:eb:a1:9d:8e:25:
6d:e2:05:8d:f5:92:f6:b9:e7:ed:3c:5e:be:0a:88:
bb:dd:d2:41:1c:d7:5d:02:86:c2:68:26:c7:fa:78:
fa:c2:58:9b:20:78:eb:7b:a1:77:f8:cc:e7:98:4f:
c5:6e:4d:99:f7:1b:8c:6a:0a:0b:9c:f9:25:ba:ae:
9a:dc:f8:2f:d0:39:48:ed:2f:96:87:60:5e:c7:8e:
c2:88:05:56:a3:a3:a9:96:db:1c:1c:72:d3:fd:66:
df:54:25:f1:70:f4:d2:df:6f:f5:23:f3:91:de:e7:
eb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A3:4E:35:25:6A:E9:66:85:4E:5F:B5:BC:3B:F7:9E:B4:37:FE:2A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8400::/38
Signature Algorithm: sha256WithRSAEncryption
27:2f:69:f5:52:6e:db:3b:8a:3d:d3:5b:a8:5c:e7:f7:31:b3:
77:e5:94:63:54:0e:0f:72:47:1f:c4:ff:4b:30:e0:50:d8:da:
6e:22:10:dc:95:a7:47:0b:b1:88:7b:da:d7:91:38:b0:97:5f:
a3:fb:c6:e2:5c:f7:8b:a5:bc:cb:fd:d9:f6:1d:6b:d5:a3:69:
23:06:f2:a9:ba:a5:19:cc:c1:71:82:f9:56:b8:b5:72:38:9f:
6d:0f:9a:93:c3:8b:02:04:8f:8e:7b:03:37:a6:f1:be:b9:6c:
11:6e:23:a2:4e:61:11:27:5b:22:f3:8b:61:a1:f3:3f:04:45:
47:f9:64:d6:0c:03:1f:80:2d:5e:c7:b4:c4:e6:eb:a7:72:69:
83:46:cc:66:40:cc:1e:7a:f4:e8:17:27:90:8a:ed:63:c2:15:
d5:35:18:17:2a:83:24:10:63:d8:a6:2e:13:c5:e1:be:6f:50:
c4:d6:e2:8d:bd:85:a8:6f:be:eb:7d:d4:84:2a:39:8b:70:da:
54:b5:84:24:06:41:83:0e:45:4a:9f:d9:87:36:0a:de:a0:bc:
2b:1e:d0:d4:a6:ec:03:a4:3b:19:11:03:6b:52:be:45:25:7b:
d2:b6:b3:91:7e:f8:04:e6:bb:61:52:c0:f8:01:d4:01:33:fa:
9b:6c:8a:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBfEPHJIeKKWi2j+N1WM1paxVYx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMjVhZmRhZTAyODQwZDBlMGFlNjRmN2I2Y2I1YTE3NWZjMDYwM2M5MDNh
ZDBmOTk3ZDI0ZTI0OGQ0ZDkzYzcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1/ezVN8EeidH2gDC/sYgZdu76RHp+eQBLgtXfSEMUHOi4Cx8whE4vRRI+x
xS1KFhK0htm4Tgd/p2r5A/UzeS94/S/JKBKN4nEBMbUFu90xluO7CBmLxgywOzcB
G+CfaZNvyb7sMsh+LyKVAysVWVws7uNrIx1XC7GqOZ6fMtxHbcaSCu5h9LotPykq
ZfuQJOuhnY4lbeIFjfWS9rnn7TxevgqIu93SQRzXXQKGwmgmx/p4+sJYmyB463uh
d/jM55hPxW5NmfcbjGoKC5z5Jbqumtz4L9A5SO0vlodgXseOwogFVqOjqZbbHBxy
0/1m31Ql8XD00t9v9SPzkd7n66cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1o041
JWrpZoVOX7W8O/eetDf+KjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWQ3NTcyODYtOGVkYS00MmMyLWFlY2YtMTlhOGMwMTNkYzY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GE
MA0GCSqGSIb3DQEBCwUAA4IBAQAnL2n1Um7bO4o901uoXOf3MbN35ZRjVA4Pckcf
xP9LMOBQ2NpuIhDcladHC7GIe9rXkTiwl1+j+8biXPeLpbzL/dn2HWvVo2kjBvKp
uqUZzMFxgvlWuLVyOJ9tD5qTw4sCBI+OewM3pvG+uWwRbiOiTmERJ1si84thofM/
BEVH+WTWDAMfgC1ex7TE5uuncmmDRsxmQMweevToFyeQiu1jwhXVNRgXKoMkEGPY
pi4TxeG+b1DE1uKNvYWob77rfdSEKjmLcNpUtYQkBkGDDkVKn9mHNgreoLwrHtDU
puwDpDsZEQNrUr5FJXvStrORfvgE5rthUsD4AdQBM/qbbIqP
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:23 2025 by rpki-client