Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: QPW7giOSjCQ6a0ChEp0Vg984hKK15ogq2KAIprIWNT4=
Subject key identifier: A3:82:D9:37:CE:63:1E:49:61:65:F1:13:D2:DA:A2:2F:CB:15:B0:07
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6C5DAFEDE76620EDB1C44C6495385A124C8C08B5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Sat 09 Aug 2025 00:20:46 +0000
ROA not before: Sat 09 Aug 2025 00:20:46 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:5d:af:ed:e7:66:20:ed:b1:c4:4c:64:95:38:5a:12:4c:8c:08:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:46 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=636db34157efdc23cceb0a77cd593c12276f6f00b2a183eeb8f88e4fe4359846, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:1c:54:f7:6b:20:77:9d:cb:77:c6:ad:15:
b9:8d:48:01:e4:85:9a:81:75:04:e7:ff:37:81:95:
6b:3c:0c:54:e0:85:cd:51:9a:5e:eb:9a:37:ea:35:
0d:e3:84:0f:eb:68:83:7b:55:3a:14:50:53:f6:7f:
21:20:a8:2a:7a:25:8c:5b:32:17:2e:68:64:aa:44:
6d:8a:05:cf:1e:1a:f4:47:e9:45:e7:3a:95:16:ff:
62:11:15:5c:f7:c1:26:dd:6d:1a:c9:c6:71:c7:02:
7b:7e:01:6e:6f:97:df:42:3e:15:e6:3f:92:eb:f3:
9d:4f:1c:f6:93:21:57:7f:a4:1d:6f:cb:a0:52:20:
c8:c4:a1:eb:56:02:eb:01:24:23:0a:a4:5a:1e:62:
e6:64:4b:26:6f:18:ea:76:88:59:9a:11:2a:e2:df:
64:c4:ee:fc:47:9e:a1:42:5f:4b:ec:0c:b8:8a:7a:
ca:7e:fc:17:73:de:3c:8b:79:6b:09:c3:d4:2a:55:
c3:44:4c:d3:c5:b7:3f:1a:b8:81:ae:77:5d:49:09:
91:3d:17:dd:bb:8a:3a:0c:6b:22:88:96:71:05:97:
1d:ef:9b:28:d0:31:83:f2:59:1f:ed:84:02:0b:94:
5e:78:9b:30:7c:e6:ab:62:23:fd:1d:f6:a9:a4:4f:
e1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:82:D9:37:CE:63:1E:49:61:65:F1:13:D2:DA:A2:2F:CB:15:B0:07
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
82:99:45:08:d4:af:c8:94:1e:4a:06:eb:1f:71:2b:72:4c:e3:
4e:94:22:c0:d0:e8:63:4e:1c:59:bb:2e:d6:a6:eb:a2:5b:e6:
13:de:bc:95:ba:99:3d:e5:6c:83:fc:fc:1d:27:37:05:08:ef:
d1:94:37:24:5d:c5:2c:43:3c:f0:a4:bd:d5:e2:3e:02:fe:8b:
af:30:01:01:9d:00:28:36:fb:fb:fa:4e:64:5f:14:1f:13:d0:
49:68:3f:a6:51:f5:cb:52:e7:5d:32:63:2c:26:d6:dc:20:5c:
42:33:59:cd:ee:7c:5f:75:07:8a:25:e4:28:b4:9e:06:ca:62:
61:7d:a9:13:1f:21:de:ed:a4:12:cc:1a:23:bf:b1:ec:cb:2d:
09:bf:b4:7f:5e:ae:29:5f:dc:b9:54:d5:f1:58:63:71:fb:b6:
d1:94:c9:ba:ec:de:6c:74:43:48:97:28:c1:b5:26:3f:98:17:
e7:71:bf:c7:17:6d:ad:6a:91:71:5e:fb:bb:35:4b:1b:75:7d:
16:6d:73:86:70:e5:c8:51:37:d5:de:ed:af:19:b3:d9:6e:c8:
40:c2:7a:2a:ff:dc:d7:f1:8f:be:98:00:42:3b:27:47:c9:44:
4a:c1:39:47:b6:b0:a2:b9:15:3d:48:85:ee:df:52:6f:a6:24:
f0:d1:b0:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbF2v7edmIO2xxExklThaEkyMCLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNDZaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNmRiMzQxNTdlZmRjMjNjY2ViMGE3N2NkNTkzYzEyMjc2ZjZmMDBiMmEx
ODNlZWI4Zjg4ZTRmZTQzNTk4NDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKM0HFT3ayB3nct3xq0VuY1IAeSFmoF1BOf/N4GVazwMVOCFzVGaXuuaN+o1
DeOED+tog3tVOhRQU/Z/ISCoKnoljFsyFy5oZKpEbYoFzx4a9EfpRec6lRb/YhEV
XPfBJt1tGsnGcccCe34Bbm+X30I+FeY/kuvznU8c9pMhV3+kHW/LoFIgyMSh61YC
6wEkIwqkWh5i5mRLJm8Y6naIWZoRKuLfZMTu/EeeoUJfS+wMuIp6yn78F3PePIt5
awnD1CpVw0RM08W3Pxq4ga53XUkJkT0X3buKOgxrIoiWcQWXHe+bKNAxg/JZH+2E
AguUXnibMHzmq2Ij/R32qaRP4a0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjgtk3
zmMeSWFl8RPS2qIvyxWwBzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQCCmUUI1K/IlB5KBusfcStyTONOlCLA0OhjThxZ
uy7WpuuiW+YT3ryVupk95WyD/PwdJzcFCO/RlDckXcUsQzzwpL3V4j4C/ouvMAEB
nQAoNvv7+k5kXxQfE9BJaD+mUfXLUuddMmMsJtbcIFxCM1nN7nxfdQeKJeQotJ4G
ymJhfakTHyHe7aQSzBojv7Hsyy0Jv7R/Xq4pX9y5VNXxWGNx+7bRlMm67N5sdENI
lyjBtSY/mBfncb/HF22tapFxXvu7NUsbdX0WbXOGcOXIUTfV3u2vGbPZbshAwnoq
/9zX8Y++mABCOydHyURKwTlHtrCiuRU9SIXu31JvpiTw0bC9
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:40 2025 by rpki-client