Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
File: 2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa (raw, json)
Hash identifier: 2+9UUk++buteCNFpYO7NM+CblCbELO4tH4cGQdr4InY=
Subject key identifier: 8C:17:F0:CB:6A:ED:85:C1:1D:EF:FB:CC:3A:6D:F3:97:ED:8E:E4:11
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4C6E3B12405D30F4D65B413966042A7D15BD24AB
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
Signing time: Sat 09 Aug 2025 00:21:17 +0000
ROA not before: Sat 09 Aug 2025 00:21:17 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:6e:3b:12:40:5d:30:f4:d6:5b:41:39:66:04:2a:7d:15:bd:24:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:17 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=c38a78137f8a81041498d5e7b52859bed2253065c2f9603b600a057eb433f45d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3b:a0:6a:c1:c7:74:11:7a:ce:4b:14:38:ec:
08:ec:fb:54:ff:90:da:37:93:39:52:03:48:ae:9c:
b2:ae:bf:81:41:6f:82:e3:75:bb:d6:7f:50:c1:7a:
05:77:b9:a0:4a:8e:f6:9a:00:db:50:ff:96:8f:03:
dd:b5:32:0b:50:a9:10:08:51:01:da:9c:63:41:2d:
17:ba:a3:73:38:a7:3d:c7:70:35:5d:d2:35:f2:af:
90:1c:a7:05:7b:4f:76:3d:c0:98:6d:d1:8b:c8:09:
d6:da:b3:39:2d:8f:a8:7a:27:07:0b:04:33:8c:a8:
6b:13:a0:86:2b:82:a1:46:f9:aa:dd:7e:97:5b:d9:
9d:21:32:d5:f4:86:c8:ac:db:a7:7c:b5:cc:06:e4:
9a:df:d9:34:57:ba:66:61:e6:80:e0:d1:46:f0:03:
73:8a:e4:c3:39:b6:48:e3:48:12:4b:58:28:ad:cc:
66:51:1f:f6:e3:88:9b:34:4a:ad:90:ea:dc:4e:c2:
15:81:5c:07:ec:c3:9b:44:13:86:85:5f:d6:ec:f4:
45:2b:94:39:63:28:34:bb:24:89:fe:f6:e3:c9:21:
cd:b7:e9:6f:12:f9:7f:75:96:fc:5f:4b:d2:15:74:
bc:2c:fb:f8:7f:fc:0d:9c:93:ba:c7:83:0e:a1:0e:
52:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:17:F0:CB:6A:ED:85:C1:1D:EF:FB:CC:3A:6D:F3:97:ED:8E:E4:11
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
aa:74:15:35:87:be:52:de:dd:28:e4:87:83:2b:e5:cc:95:2d:
c0:56:fe:9c:e8:35:04:41:be:de:80:f1:60:57:c3:95:6e:94:
fc:f0:36:dc:8a:e2:68:80:10:34:35:6f:6e:38:b3:4b:bf:d3:
fb:55:23:d4:b1:3e:e6:8b:cd:a1:c3:04:25:99:3f:92:e9:e4:
0d:7d:e3:fc:f5:2c:d1:19:5c:c9:a7:99:24:4b:00:42:e0:48:
7b:b0:ab:1f:bc:b5:9b:47:a4:ed:aa:1b:f7:02:df:88:c6:65:
10:e1:f7:c1:2a:33:8a:29:6b:f8:47:23:24:8c:b7:a9:69:91:
81:e3:3a:95:fa:63:ed:52:5d:8a:cf:cb:ef:f8:a0:6e:5f:e0:
ff:fd:2a:0e:9b:f6:64:a0:55:ea:b9:bb:23:15:45:dc:90:51:
d7:d8:58:39:58:9d:66:10:9a:73:9f:64:58:b1:8d:54:a6:c9:
7d:af:0b:6d:33:5d:80:45:44:a6:1d:2b:ba:bd:b4:f1:18:3a:
04:cd:82:18:17:45:7c:5a:ae:89:87:5a:e1:29:7a:e5:3e:da:
aa:a8:a7:1c:e9:44:7e:d4:13:f4:d3:09:26:02:fe:b3:8c:bb:
79:d0:25:65:84:89:c0:db:04:41:24:f0:2e:2a:e2:63:e6:c2:
e5:48:20:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTG47EkBdMPTWW0E5ZgQqfRW9JKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzOGE3ODEzN2Y4YTgxMDQxNDk4ZDVlN2I1Mjg1OWJlZDIyNTMwNjVjMmY5
NjAzYjYwMGEwNTdlYjQzM2Y0NWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL87oGrBx3QRes5LFDjsCOz7VP+Q2jeTOVIDSK6csq6/gUFvguN1u9Z/UMF6
BXe5oEqO9poA21D/lo8D3bUyC1CpEAhRAdqcY0EtF7qjczinPcdwNV3SNfKvkByn
BXtPdj3AmG3Ri8gJ1tqzOS2PqHonBwsEM4yoaxOghiuCoUb5qt1+l1vZnSEy1fSG
yKzbp3y1zAbkmt/ZNFe6ZmHmgODRRvADc4rkwzm2SONIEktYKK3MZlEf9uOImzRK
rZDq3E7CFYFcB+zDm0QThoVf1uz0RSuUOWMoNLskif7248khzbfpbxL5f3WW/F9L
0hV0vCz7+H/8DZyTuseDDqEOUpkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMF/DL
au2FwR3v+8w6bfOX7Y7kETAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmIzZmFmMjgtZThiNy00ZTM5LTk5ZTQtZTNjYjY1NzdkYWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQCqdBU1h75S3t0o5IeDK+XMlS3AVv6c6DUEQb7e
gPFgV8OVbpT88DbciuJogBA0NW9uOLNLv9P7VSPUsT7mi82hwwQlmT+S6eQNfeP8
9SzRGVzJp5kkSwBC4Eh7sKsfvLWbR6Ttqhv3At+IxmUQ4ffBKjOKKWv4RyMkjLep
aZGB4zqV+mPtUl2Kz8vv+KBuX+D//SoOm/ZkoFXqubsjFUXckFHX2Fg5WJ1mEJpz
n2RYsY1Upsl9rwttM12ARUSmHSu6vbTxGDoEzYIYF0V8Wq6Jh1rhKXrlPtqqqKcc
6UR+1BP00wkmAv6zjLt50CVlhInA2wRBJPAuKuJj5sLlSCAC
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:51 2025 by rpki-client