Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
File: 4723f2a2-88af-42fa-b700-a780f4cd2903.roa (raw, json)
Hash identifier: vCNgLYJgtBegE1nnEBd8y1YjCSfk+A+9bLKYedCVZ64=
Subject key identifier: A9:09:CC:51:8E:14:07:80:2E:93:B3:90:66:21:64:38:45:37:EA:03
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 438C1026D77CCE82029C4CEE6F4F745133D92314
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
Signing time: Sat 09 Aug 2025 00:20:26 +0000
ROA not before: Sat 09 Aug 2025 00:20:26 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:8c:10:26:d7:7c:ce:82:02:9c:4c:ee:6f:4f:74:51:33:d9:23:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:26 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=28258baf2d8516144e00f8f1862a7001952f56aa6f0f4ab3f6ae7be6fa22be1f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:19:23:33:69:3d:29:05:c4:15:22:f6:49:
22:67:25:aa:4e:ab:ae:03:6c:06:aa:2e:7b:19:cc:
62:44:30:53:c6:55:2b:79:4f:c9:8c:69:3b:dd:ce:
af:57:c0:d2:f6:9c:8a:c6:7c:20:68:13:b5:7d:4e:
f3:04:bc:0d:66:d2:83:97:47:3e:37:d2:f4:8c:92:
55:9a:3f:ca:1f:e2:7a:83:31:8e:52:95:38:74:36:
e0:51:9c:77:76:e6:f0:ca:0d:6f:90:1a:f0:59:1a:
11:d1:18:1d:bb:d9:54:2a:80:b5:20:eb:85:db:5e:
7a:ed:e5:03:03:47:b0:0b:b9:72:3a:7a:7f:1e:c9:
e7:f1:f1:0b:37:d8:c6:5d:cc:e5:c9:2b:7d:ea:e5:
75:62:e8:64:e1:6d:5f:78:6c:08:6c:3d:98:6e:ff:
f7:bd:3d:35:bc:4e:ea:5e:40:1d:98:3b:da:88:d7:
cb:4c:4b:e5:15:35:f3:67:82:8f:87:af:ce:72:6c:
66:03:eb:30:f9:62:0e:52:33:e7:a6:a8:ec:90:e1:
94:74:00:c2:69:5f:aa:99:0c:b0:8d:fb:d9:a5:f5:
19:1f:57:a3:4a:cd:a7:8f:0b:3f:5c:23:18:58:f6:
c1:fe:2a:1b:6a:04:12:b0:15:58:bf:bb:aa:be:8b:
17:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:09:CC:51:8E:14:07:80:2E:93:B3:90:66:21:64:38:45:37:EA:03
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a000::/36
Signature Algorithm: sha256WithRSAEncryption
66:6c:b7:94:10:ce:c4:fc:19:a6:d8:6b:17:3d:aa:87:89:97:
52:55:dd:1d:93:06:f1:3c:3b:b6:a7:34:fa:ed:39:bc:e6:3a:
8c:48:01:69:70:fa:62:f0:fe:3b:59:21:6f:ff:42:ce:f4:b9:
e3:0d:87:62:a2:f1:8e:f7:93:71:bf:d4:45:a1:47:58:51:bf:
1a:02:3a:fe:47:a0:c7:d4:47:b4:e5:f0:41:e1:24:0c:3a:9b:
43:3c:c7:b0:4a:c5:f9:d9:32:80:88:5d:bc:6d:28:58:c0:01:
ef:10:b3:d9:ce:ad:c6:62:bb:4f:56:7d:c6:3d:b1:09:38:a9:
7e:f0:1a:bb:17:cc:65:e3:c7:c2:55:a3:2e:29:62:53:1d:e7:
60:81:57:de:a2:06:e3:e5:21:d6:ef:bd:9d:98:b4:da:11:4c:
29:cf:f8:8e:66:c5:ec:39:e1:7b:ff:7d:77:b4:94:9e:2a:15:
99:9f:21:a3:c4:49:20:e6:8a:69:67:82:e7:25:8b:ea:ad:00:
b3:41:db:e1:75:2c:a5:ea:1e:e5:85:68:e4:16:43:5e:52:17:
a7:b8:c5:44:89:06:61:e7:7f:d2:96:6f:12:23:c0:4d:ec:a8:
ee:01:72:d1:9b:4e:4b:d3:a1:42:1b:7b:9c:a2:5d:3b:59:3b:
9f:bf:c3:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ4wQJtd8zoICnEzub090UTPZIxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMjZaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MjU4YmFmMmQ4NTE2MTQ0ZTAwZjhmMTg2MmE3MDAxOTUyZjU2YWE2ZjBm
NGFiM2Y2YWU3YmU2ZmEyMmJlMWYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMamGSMzaT0pBcQVIvZJImclqk6rrgNsBqouexnMYkQwU8ZVK3lPyYxpO93O
r1fA0vacisZ8IGgTtX1O8wS8DWbSg5dHPjfS9IySVZo/yh/ieoMxjlKVOHQ24FGc
d3bm8MoNb5Aa8FkaEdEYHbvZVCqAtSDrhdteeu3lAwNHsAu5cjp6fx7J5/HxCzfY
xl3M5ckrferldWLoZOFtX3hsCGw9mG7/9709NbxO6l5AHZg72ojXy0xL5RU182eC
j4evznJsZgPrMPliDlIz56ao7JDhlHQAwmlfqpkMsI372aX1GR9Xo0rNp48LP1wj
GFj2wf4qG2oEErAVWL+7qr6LFzsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpCcxR
jhQHgC6Ts5BmIWQ4RTfqAzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDcyM2YyYTItODhhZi00MmZhLWI3MDAtYTc4MGY0Y2QyOTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Og
MA0GCSqGSIb3DQEBCwUAA4IBAQBmbLeUEM7E/Bmm2GsXPaqHiZdSVd0dkwbxPDu2
pzT67Tm85jqMSAFpcPpi8P47WSFv/0LO9LnjDYdiovGO95Nxv9RFoUdYUb8aAjr+
R6DH1Ee05fBB4SQMOptDPMewSsX52TKAiF28bShYwAHvELPZzq3GYrtPVn3GPbEJ
OKl+8Bq7F8xl48fCVaMuKWJTHedggVfeogbj5SHW772dmLTaEUwpz/iOZsXsOeF7
/313tJSeKhWZnyGjxEkg5oppZ4LnJYvqrQCzQdvhdSyl6h7lhWjkFkNeUhenuMVE
iQZh53/Slm8SI8BN7KjuAXLRm05L06FCG3ucol07WTufv8Oa
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:08:03 2025 by rpki-client