Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa
File: 40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa (raw, json)
Hash identifier: VDPs2UhfFQcOuCa9Ltfcfxln5VhwteMMb9ZPondNP0I=
Subject key identifier: D0:AA:1F:FF:53:10:B3:DF:F5:46:BF:9A:9F:05:3F:F8:18:6F:BB:FE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4ACBEB34CDCD4CE8761993FA6BC309BB9600F187
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa
Signing time: Sat 09 Aug 2025 00:20:59 +0000
ROA not before: Sat 09 Aug 2025 00:20:59 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:cb:eb:34:cd:cd:4c:e8:76:19:93:fa:6b:c3:09:bb:96:00:f1:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:59 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=041216a68ed34bd3e655396dee5855a8b25f706506474a5d8c8203b23d5fb0fc, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a3:5e:49:29:45:d1:bc:e9:0b:fb:0f:f7:25:
93:d6:b3:45:b9:93:0f:ab:d7:79:d8:5b:cc:39:a6:
7f:e1:cf:83:21:63:d7:a0:f5:b4:b1:1f:20:2e:33:
d7:7a:c5:66:f8:7d:90:49:b4:34:32:e5:38:bb:d2:
7c:eb:31:c7:06:31:ce:a5:e7:f9:be:cc:57:38:a8:
e6:48:f0:ff:02:ec:55:9b:1f:a1:10:da:05:28:96:
6d:9d:16:bf:50:50:9b:50:7e:e8:48:e6:92:70:77:
79:20:57:62:4c:e3:d1:af:d5:c4:ea:1f:76:d0:ca:
62:e2:1e:40:3e:68:88:15:c8:bb:90:71:41:09:f7:
ce:08:8a:8f:2f:28:0d:63:31:25:74:1b:cd:e1:78:
bf:f5:e6:c6:16:c4:5d:c0:96:71:b8:55:61:65:5a:
83:fb:c0:b7:06:60:16:77:58:48:02:34:7a:d9:9c:
74:23:0e:5a:89:1a:7c:2b:d0:8e:ac:8d:32:04:84:
39:22:c2:e1:64:57:55:49:b7:0e:2b:2f:4b:1f:38:
a1:9f:2c:53:de:0e:db:00:ac:94:74:0a:02:73:35:
ad:fc:ff:dc:67:15:4f:83:76:df:d6:ba:12:af:ff:
f7:31:90:98:6b:ab:09:49:31:87:cd:68:7b:2c:9e:
a7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AA:1F:FF:53:10:B3:DF:F5:46:BF:9A:9F:05:3F:F8:18:6F:BB:FE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5000::/36
Signature Algorithm: sha256WithRSAEncryption
3f:ae:c4:f8:a2:c5:60:07:7c:b7:46:f8:5b:b4:a8:63:b4:47:
26:78:ba:7a:78:4d:03:87:da:7a:1f:2e:54:9f:88:d4:1e:a6:
2a:30:e6:d0:a0:db:ab:db:9c:55:22:83:a9:ae:f5:0f:88:0c:
46:4a:29:76:a3:ce:87:2c:32:7f:0a:a0:6f:5c:73:d0:ec:ca:
8c:ec:28:2c:f6:65:f3:12:1d:a6:a6:23:8b:97:85:71:ec:ad:
27:63:56:41:9c:21:70:2d:04:6e:3c:32:17:6c:8e:49:1a:6d:
4e:fc:89:6f:64:f3:73:d8:bb:37:c0:43:29:ed:ca:ab:a8:63:
f1:cf:e1:d5:8f:6b:ef:74:db:41:1e:fc:db:63:77:29:a7:ec:
b3:7d:97:3e:35:09:5f:ed:4e:53:03:68:86:a8:85:56:0c:84:
a9:e1:49:5c:e6:31:95:e6:75:99:21:90:a8:d9:3b:7c:8c:e9:
b2:c0:a5:c0:a2:18:a3:e8:03:a0:e4:94:d0:28:69:c1:dd:71:
43:96:25:bd:0b:92:5a:82:c9:d0:43:72:f7:75:91:a8:d3:7e:
21:19:d9:c8:82:91:c8:a5:04:04:8f:cd:4b:27:30:99:e1:3c:
2f:ed:b8:6a:ca:b3:36:8f:a5:75:81:74:49:e7:91:5b:58:18:
e2:3e:b9:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSsvrNM3NTOh2GZP6a8MJu5YA8YcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNTlaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0MTIxNmE2OGVkMzRiZDNlNjU1Mzk2ZGVlNTg1NWE4YjI1ZjcwNjUwNjQ3
NGE1ZDhjODIwM2IyM2Q1ZmIwZmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOajXkkpRdG86Qv7D/clk9azRbmTD6vXedhbzDmmf+HPgyFj16D1tLEfIC4z
13rFZvh9kEm0NDLlOLvSfOsxxwYxzqXn+b7MVzio5kjw/wLsVZsfoRDaBSiWbZ0W
v1BQm1B+6EjmknB3eSBXYkzj0a/VxOofdtDKYuIeQD5oiBXIu5BxQQn3zgiKjy8o
DWMxJXQbzeF4v/XmxhbEXcCWcbhVYWVag/vAtwZgFndYSAI0etmcdCMOWokafCvQ
jqyNMgSEOSLC4WRXVUm3DisvSx84oZ8sU94O2wCslHQKAnM1rfz/3GcVT4N239a6
Eq//9zGQmGurCUkxh81oeyyep9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQqh//
UxCz3/VGv5qfBT/4GG+7/jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDBmOWIxZjItNWFkNy00NDJlLWIwMmEtMTU2NzEyZDRmYTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA/rsT4osVgB3y3RvhbtKhjtEcmeLp6eE0Dh9p6
Hy5Un4jUHqYqMObQoNur25xVIoOprvUPiAxGSil2o86HLDJ/CqBvXHPQ7MqM7Cgs
9mXzEh2mpiOLl4Vx7K0nY1ZBnCFwLQRuPDIXbI5JGm1O/IlvZPNz2Ls3wEMp7cqr
qGPxz+HVj2vvdNtBHvzbY3cpp+yzfZc+NQlf7U5TA2iGqIVWDISp4Ulc5jGV5nWZ
IZCo2Tt8jOmywKXAohij6AOg5JTQKGnB3XFDliW9C5JagsnQQ3L3dZGo034hGdnI
gpHIpQQEj81LJzCZ4Twv7bhqyrM2j6V1gXRJ55FbWBjiPrnr
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:58 2025 by rpki-client