Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: pLkUySrRsmVDeiZRMBDct2PXXdchIaiMA9D6J9KR1UQ=
Subject key identifier: D9:28:CD:58:1D:0A:A5:B9:BC:49:5D:4F:BB:50:28:0C:DF:81:24:D8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 10C92D9FA3D6D81FE8B72C93D1A8BD9E9994BB40
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Sat 09 Aug 2025 00:21:22 +0000
ROA not before: Sat 09 Aug 2025 00:21:22 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:c9:2d:9f:a3:d6:d8:1f:e8:b7:2c:93:d1:a8:bd:9e:99:94:bb:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:22 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=c0f774c13b72b35771d032b1d39213a50ac7a0126ce5742afd60e8dd3bf05e1e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:da:92:3b:ff:76:c3:f6:c7:85:db:ad:5f:d7:
b0:25:a0:a6:58:3a:4d:db:18:a9:12:34:a2:d5:99:
ce:a4:35:8e:92:98:41:bf:09:f1:2d:75:15:d9:f2:
82:8e:68:ee:78:6c:d9:a3:24:a7:b2:53:dc:d8:56:
31:73:db:04:0b:f8:53:39:63:41:8c:b2:12:15:ff:
00:86:01:83:94:e4:f9:a9:76:1c:19:24:64:ac:62:
d3:b3:01:23:00:c3:ab:7d:ad:a1:b1:b1:49:56:55:
0d:ef:95:c0:e9:1d:8d:a8:fb:3a:7b:c5:3c:02:c3:
72:95:40:83:97:e1:76:34:21:bc:0a:96:18:f3:22:
95:9e:5f:93:96:46:53:0b:5d:16:2e:d7:8c:9c:32:
96:e1:e1:fe:7e:ca:68:ee:4d:26:46:38:a1:31:d1:
83:32:54:75:ab:ed:be:36:9c:54:40:4a:e9:87:5f:
ed:96:c0:4b:86:02:7d:14:aa:7d:2d:64:d1:e0:de:
15:38:4d:8c:a2:05:fd:d8:70:0a:a8:70:4b:f1:d1:
6e:c0:cb:b6:62:2e:d9:c3:a6:3d:04:83:6a:93:85:
be:72:46:33:21:c5:0c:ae:ad:4e:b9:bf:9e:13:56:
c5:1c:bc:1c:62:43:53:80:82:5b:1c:1a:05:f0:b5:
e5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:28:CD:58:1D:0A:A5:B9:BC:49:5D:4F:BB:50:28:0C:DF:81:24:D8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
26:2d:8f:bc:bd:a9:77:b0:5b:10:9e:c2:52:fd:a4:d4:47:f4:
a9:bb:19:71:6d:dc:91:d5:31:e0:15:ab:4f:46:00:ef:38:9a:
4b:33:6c:8d:d8:5b:6f:05:70:f9:58:fa:25:95:5b:bf:09:f2:
91:4b:60:17:dc:ef:b5:f5:5c:d1:39:34:88:c5:86:44:18:f6:
f1:2b:93:e8:0a:66:d5:bc:d3:fb:7b:53:46:60:28:1c:74:a1:
75:d1:32:07:34:05:e5:56:6d:8a:6f:da:24:94:61:e7:d4:d8:
8c:45:06:f8:4b:95:bf:98:e3:8a:a1:49:2b:aa:c6:79:72:c5:
74:3c:cc:88:e0:d6:2f:7e:32:f9:ae:be:ee:71:b8:9f:59:71:
e0:4b:3f:a4:51:9e:c0:06:3f:c0:65:14:69:0a:f7:4b:dd:b5:
77:44:1f:74:24:52:ca:9e:dd:df:c4:81:04:1b:db:ae:ba:39:
1a:04:54:e8:1f:d2:ca:7b:f5:04:65:9b:ff:dc:3e:79:58:28:
7f:a2:8a:36:3d:11:5b:e6:9a:2d:1e:1c:57:1e:ad:e4:c5:34:
e8:b6:1d:c4:57:91:1f:cb:3b:e2:ed:d1:f3:2d:34:f5:0f:5a:
8d:b8:1c:51:90:4e:e3:62:39:0a:34:fd:5e:d6:db:fc:9b:da:
9a:01:77:67
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUEMktn6PW2B/otyyT0ai9npmUu0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjJaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZjc3NGMxM2I3MmIzNTc3MWQwMzJiMWQzOTIxM2E1MGFjN2EwMTI2Y2U1
NzQyYWZkNjBlOGRkM2JmMDVlMWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPakjv/dsP2x4XbrV/XsCWgplg6TdsYqRI0otWZzqQ1jpKYQb8J8S11Fdny
go5o7nhs2aMkp7JT3NhWMXPbBAv4UzljQYyyEhX/AIYBg5Tk+al2HBkkZKxi07MB
IwDDq32tobGxSVZVDe+VwOkdjaj7OnvFPALDcpVAg5fhdjQhvAqWGPMilZ5fk5ZG
UwtdFi7XjJwyluHh/n7KaO5NJkY4oTHRgzJUdavtvjacVEBK6Ydf7ZbAS4YCfRSq
fS1k0eDeFThNjKIF/dhwCqhwS/HRbsDLtmIu2cOmPQSDapOFvnJGMyHFDK6tTrm/
nhNWxRy8HGJDU4CCWxwaBfC15dMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTZKM1Y
HQqlubxJXU+7UCgM34Ek2DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBACYtj7y9qXewWxCewlL9pNRH9Km7GXFt3JHVMeAV
q09GAO84mkszbI3YW28FcPlY+iWVW78J8pFLYBfc77X1XNE5NIjFhkQY9vErk+gK
ZtW80/t7U0ZgKBx0oXXRMgc0BeVWbYpv2iSUYefU2IxFBvhLlb+Y44qhSSuqxnly
xXQ8zIjg1i9+Mvmuvu5xuJ9ZceBLP6RRnsAGP8BlFGkK90vdtXdEH3QkUsqe3d/E
gQQb2666ORoEVOgf0sp79QRlm//cPnlYKH+iijY9EVvmmi0eHFcereTFNOi2HcRX
kR/LO+Lt0fMtNPUPWo24HFGQTuNiOQo0/V7W2/yb2poBd2c=
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:17 2025 by rpki-client