Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
File: 1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa (raw, json)
Hash identifier: TsA7Y7A1y8bjAhKQRu/gsYnUQYGKsFJ2eBuetfqG4Ao=
Subject key identifier: AB:DC:3A:4D:1A:68:1B:F9:EF:C6:6E:F8:89:EE:A4:5D:9C:C2:9E:10
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4A3F862439A86BE84FF9A474572B959E6824D751
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
Signing time: Sat 09 Aug 2025 00:21:13 +0000
ROA not before: Sat 09 Aug 2025 00:21:13 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3f:86:24:39:a8:6b:e8:4f:f9:a4:74:57:2b:95:9e:68:24:d7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:13 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=898124b7432658f9a86eda0c49bfc95e24b2f696cc23699da35ffa3bb61d8b87, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:c4:4c:be:1b:53:51:2d:0b:4d:8c:4e:45:
05:36:16:33:fb:40:0f:39:e5:d2:2c:a1:5d:a5:36:
fc:a8:62:5d:87:80:70:31:75:f9:7f:a6:30:23:4c:
51:e2:eb:cc:c4:ad:11:df:bc:25:02:79:7f:b7:d1:
62:46:04:b9:f3:9c:d1:cc:9c:9b:c8:2b:72:d0:74:
7d:f0:3e:a8:30:7b:01:b8:5c:b9:b8:88:4e:a8:1d:
e7:88:a2:57:c3:70:6c:fe:94:69:c0:c1:e9:f2:da:
26:ed:a2:ac:34:10:2a:a9:fe:ac:8d:85:fb:04:5e:
a6:e6:97:38:d8:40:0c:56:3e:99:7e:0e:34:61:2b:
85:2e:5b:06:a1:62:52:44:49:73:35:99:fd:c7:cc:
5a:c8:7d:d6:97:09:38:3b:c7:28:f7:d4:64:87:3f:
44:b5:bb:21:cd:1b:47:11:3e:db:56:56:51:e4:cc:
f5:4a:a5:c8:ab:93:e1:54:c2:15:93:e1:a7:6e:81:
91:42:9f:e1:f0:e5:bc:eb:76:30:70:94:a5:db:96:
fc:bf:54:7f:94:1c:3e:3f:ce:2d:f6:f9:b4:84:44:
15:3e:e1:e8:6e:cc:78:90:81:a9:34:7c:04:33:b3:
64:39:76:02:ae:9a:35:81:d7:b1:22:a1:f6:16:92:
f4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DC:3A:4D:1A:68:1B:F9:EF:C6:6E:F8:89:EE:A4:5D:9C:C2:9E:10
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
5f:5a:e3:70:17:70:ee:cf:e6:fa:25:80:71:78:a9:d2:dd:ce:
ed:68:dd:22:fc:b8:6d:00:b2:aa:1d:0f:b7:c3:a3:91:0c:af:
32:9f:97:8b:fe:77:4b:33:4e:d4:21:ea:40:21:31:e7:93:f9:
ef:b1:3a:42:40:05:fa:b2:10:7e:e5:53:9e:34:77:84:df:21:
1f:9d:3d:4e:24:a7:d9:a1:ee:c9:d9:25:33:d4:8d:50:1a:ef:
36:86:06:89:d1:fa:33:26:6d:a7:10:13:1d:1e:22:f3:27:b6:
2a:b3:fc:7c:14:5d:67:8a:b0:4c:d9:a9:ae:8f:87:85:82:fd:
b1:0c:fb:ec:61:7e:85:c8:2b:86:e2:f3:82:87:a3:57:b2:66:
e1:29:4f:89:8b:45:ab:3e:07:35:d9:68:e6:b6:c9:3e:13:77:
42:e4:ce:96:93:a2:18:00:99:b9:17:2c:b5:be:0d:e2:20:c4:
36:b4:65:bc:bf:db:10:4f:ea:5e:4e:87:98:80:0a:51:99:57:
02:47:a3:9d:f3:15:29:ac:29:d0:b5:78:fe:30:38:d5:ab:fc:
f6:36:7c:cd:16:b8:6b:7a:c0:11:05:29:c6:48:a3:e6:32:b0:
5a:68:90:80:0b:f9:cb:25:71:4f:ea:38:51:cf:dd:64:7d:f2:
55:dd:24:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSj+GJDmoa+hP+aR0VyuVnmgk11EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTNaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ODEyNGI3NDMyNjU4ZjlhODZlZGEwYzQ5YmZjOTVlMjRiMmY2OTZjYzIz
Njk5ZGEzNWZmYTNiYjYxZDhiODcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg0xEy+G1NRLQtNjE5FBTYWM/tADznl0iyhXaU2/KhiXYeAcDF1+X+mMCNM
UeLrzMStEd+8JQJ5f7fRYkYEufOc0cycm8grctB0ffA+qDB7AbhcubiITqgd54ii
V8NwbP6UacDB6fLaJu2irDQQKqn+rI2F+wRepuaXONhADFY+mX4ONGErhS5bBqFi
UkRJczWZ/cfMWsh91pcJODvHKPfUZIc/RLW7Ic0bRxE+21ZWUeTM9UqlyKuT4VTC
FZPhp26BkUKf4fDlvOt2MHCUpduW/L9Uf5QcPj/OLfb5tIREFT7h6G7MeJCBqTR8
BDOzZDl2Aq6aNYHXsSKh9haS9D8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSr3DpN
Gmgb+e/GbviJ7qRdnMKeEDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWY3YjJlMzQtYTA0MS00YjEyLWE1YjAtNWFmMGQ2ZjQzYjlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM
MA0GCSqGSIb3DQEBCwUAA4IBAQBfWuNwF3Duz+b6JYBxeKnS3c7taN0i/LhtALKq
HQ+3w6ORDK8yn5eL/ndLM07UIepAITHnk/nvsTpCQAX6shB+5VOeNHeE3yEfnT1O
JKfZoe7J2SUz1I1QGu82hgaJ0fozJm2nEBMdHiLzJ7Yqs/x8FF1nirBM2amuj4eF
gv2xDPvsYX6FyCuG4vOCh6NXsmbhKU+Ji0WrPgc12Wjmtsk+E3dC5M6Wk6IYAJm5
Fyy1vg3iIMQ2tGW8v9sQT+peToeYgApRmVcCR6Od8xUprCnQtXj+MDjVq/z2NnzN
FrhresARBSnGSKPmMrBaaJCAC/nLJXFP6jhRz91kffJV3SQD
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:57 2025 by rpki-client