Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
File: 4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa (raw, json)
Hash identifier: qlFARtKibszkamNdU3BWHJrZo41D0YbbE8cN1Wtn73Y=
Subject key identifier: 83:B2:C3:E0:40:10:D4:4F:58:80:88:04:1B:4D:76:2A:97:3F:23:1B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6A63C602743C84E5092ED3B15FE58F212DAC930C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
Signing time: Sat 09 Aug 2025 00:21:21 +0000
ROA not before: Sat 09 Aug 2025 00:21:21 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:63:c6:02:74:3c:84:e5:09:2e:d3:b1:5f:e5:8f:21:2d:ac:93:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:21 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=3adde08474fce679652858e34c05f8dc1723f9a7432a5cff634f044412ef4aaa, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f9:14:70:ef:a6:03:25:3b:90:85:99:3e:2b:
57:77:f1:71:95:c7:91:0d:63:ac:fb:84:35:97:04:
cd:2c:b3:4d:15:f6:41:01:ef:be:55:5b:41:a3:4d:
28:15:66:c9:31:0d:40:52:9f:dd:0a:fb:9f:de:91:
01:8f:f7:57:7c:bf:d3:c0:75:06:4f:8e:c0:38:8d:
63:b8:e1:e6:9e:85:17:42:06:ac:98:b8:fb:75:45:
8e:ec:42:20:4d:6d:da:32:1a:ad:77:04:f3:fe:1d:
33:97:bd:9c:48:01:59:6a:a1:48:bb:55:a1:df:a7:
78:56:4a:22:54:04:d0:3d:43:9b:f6:6b:b8:9d:07:
6b:13:32:91:dc:f6:6a:44:00:9e:58:27:32:fd:a9:
a5:fe:37:b0:db:b5:6d:dd:10:56:d4:e8:40:a7:51:
14:cb:ce:aa:c2:c7:be:d8:91:0a:1b:c7:b5:05:e7:
79:e1:e0:01:d8:35:31:36:8e:9c:81:fe:d0:c8:25:
bf:06:bd:7a:24:34:a9:62:b4:66:e5:53:4a:23:df:
87:9a:21:9d:2d:d3:bf:cb:8e:b4:5f:97:ce:55:ff:
e9:85:2a:3b:32:41:78:e9:85:fe:ca:bf:e3:c0:ed:
13:ec:e3:37:4f:1d:c8:82:1e:dc:5e:5f:72:b4:20:
e5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B2:C3:E0:40:10:D4:4F:58:80:88:04:1B:4D:76:2A:97:3F:23:1B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2:8000::/36
Signature Algorithm: sha256WithRSAEncryption
49:e9:fe:b1:0a:c5:0c:ab:ea:85:96:6c:98:0f:67:29:54:d2:
cf:5e:ce:9e:15:f6:ad:92:2a:84:97:69:04:01:71:df:9a:3d:
ab:a3:58:95:f7:67:86:fd:30:eb:8b:4e:f7:89:5f:e3:10:6c:
9f:d8:e4:71:3e:47:c1:41:0b:5f:fc:a4:1d:79:75:a8:a0:8e:
8f:42:67:72:8e:c8:2b:a2:72:2e:ac:d8:9a:8d:11:ba:de:b6:
97:c5:89:0b:8e:e4:98:29:9c:8e:b1:b4:26:d2:e0:a5:1b:c3:
37:de:e1:d5:b6:bf:d4:fe:d3:73:ef:cd:27:71:c1:33:0f:ea:
af:35:ba:f2:ae:82:5e:d1:4a:db:8c:ee:4a:c6:77:f7:29:bf:
ce:c4:e9:60:cd:64:0b:74:61:20:33:04:3d:5a:38:bf:9b:0d:
1b:5d:6b:65:43:d6:dd:f5:66:1b:6f:c3:72:c9:f2:7d:e7:c4:
2d:ab:01:63:af:ce:3e:c1:85:8a:1f:be:44:54:a7:f9:83:8b:
91:ca:42:ed:ff:4a:e8:6a:5c:5d:fd:10:72:1e:79:7f:71:e7:
2f:7e:ea:a8:74:35:6c:1b:fd:ba:13:56:8f:ad:a7:5d:23:73:
f2:85:5c:77:d2:97:63:f7:8b:37:b4:29:a1:a5:36:16:57:c8:
de:35:25:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUamPGAnQ8hOUJLtOxX+WPIS2skwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjFaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhZGRlMDg0NzRmY2U2Nzk2NTI4NThlMzRjMDVmOGRjMTcyM2Y5YTc0MzJh
NWNmZjYzNGYwNDQ0MTJlZjRhYWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANj5FHDvpgMlO5CFmT4rV3fxcZXHkQ1jrPuENZcEzSyzTRX2QQHvvlVbQaNN
KBVmyTENQFKf3Qr7n96RAY/3V3y/08B1Bk+OwDiNY7jh5p6FF0IGrJi4+3VFjuxC
IE1t2jIarXcE8/4dM5e9nEgBWWqhSLtVod+neFZKIlQE0D1Dm/ZruJ0HaxMykdz2
akQAnlgnMv2ppf43sNu1bd0QVtToQKdRFMvOqsLHvtiRChvHtQXneeHgAdg1MTaO
nIH+0Mglvwa9eiQ0qWK0ZuVTSiPfh5ohnS3Tv8uOtF+XzlX/6YUqOzJBeOmF/sq/
48DtE+zjN08dyIIe3F5fcrQg5b8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDssPg
QBDUT1iAiAQbTXYqlz8jGzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDMxOGMzZjAtYzZhNy00MzBjLWJmYWQtNjQ1ZDlhZDgxNGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8KA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJ6f6xCsUMq+qFlmyYD2cpVNLPXs6eFfatkiqE
l2kEAXHfmj2ro1iV92eG/TDri073iV/jEGyf2ORxPkfBQQtf/KQdeXWooI6PQmdy
jsgronIurNiajRG63raXxYkLjuSYKZyOsbQm0uClG8M33uHVtr/U/tNz780nccEz
D+qvNbryroJe0UrbjO5Kxnf3Kb/OxOlgzWQLdGEgMwQ9Wji/mw0bXWtlQ9bd9WYb
b8NyyfJ958QtqwFjr84+wYWKH75EVKf5g4uRykLt/0roalxd/RByHnl/cecvfuqo
dDVsG/26E1aPraddI3PyhVx30pdj94s3tCmhpTYWV8jeNSUF
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:01 2025 by rpki-client