Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
File: 4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa (raw, json)
Hash identifier: LQyx2IH2iV9So2LhtD4A1NpOe0AUE6KCxLD3kNjlVtY=
Subject key identifier: 65:39:8F:03:DA:70:38:04:B7:49:42:EB:F0:6C:15:D0:F4:E6:90:17
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7558A24BF05672409279361604133DD8CA52A636
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
Signing time: Sat 09 Aug 2025 00:20:50 +0000
ROA not before: Sat 09 Aug 2025 00:20:50 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:58:a2:4b:f0:56:72:40:92:79:36:16:04:13:3d:d8:ca:52:a6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:50 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=f23a66adf25a36ebcd11b41c2b0c86a9903d222ef9c6cb62963d639d7e302c69, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:f3:de:7d:9d:b6:36:83:30:a0:89:29:86:
e4:6d:c6:d9:2c:db:b6:47:24:f9:d6:3b:cb:9b:df:
c2:46:46:32:5f:4d:4f:55:f6:57:b8:96:ab:2b:a1:
cf:bb:b5:9a:48:ba:f1:dd:0f:8e:9c:69:aa:e9:37:
e0:bf:75:8d:64:e4:02:b9:e8:e0:71:14:a6:cd:1c:
4d:2f:7a:74:67:04:81:6e:4e:cb:2b:33:f1:74:dd:
aa:26:52:f2:a9:04:81:07:3e:3d:16:92:ad:9d:be:
ac:48:1b:de:6d:62:04:ec:52:8e:a8:20:9f:5d:5e:
61:9b:2d:0c:f9:b9:ce:f1:67:6f:f4:63:67:f6:23:
35:c8:b3:51:d0:27:58:c3:0a:56:66:b3:fb:ce:ba:
80:0f:78:f3:0d:14:45:54:51:ca:e7:96:17:2b:0c:
84:39:00:c3:2e:1d:39:29:ac:3d:42:13:86:29:12:
97:51:73:37:17:ca:8d:0e:f3:7e:bc:cb:66:35:9a:
cd:30:5b:07:49:41:a9:63:0b:77:98:96:81:99:81:
1b:2b:d2:1f:08:b2:00:be:6f:ac:92:a8:50:71:6a:
bb:db:3c:b1:0e:59:25:e6:48:8c:a4:b5:6b:55:d7:
bd:d9:b6:fb:fa:6c:9b:6d:13:37:35:9a:9c:b2:0b:
b2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:39:8F:03:DA:70:38:04:B7:49:42:EB:F0:6C:15:D0:F4:E6:90:17
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:840::/48
Signature Algorithm: sha256WithRSAEncryption
40:94:86:89:99:c0:d2:ce:08:eb:80:56:27:4c:9a:b8:98:a0:
2d:3b:62:80:84:67:af:4f:ca:6f:54:e9:13:60:8d:81:1d:5a:
a5:ca:83:9a:68:8d:e2:f6:98:00:68:95:1e:f4:78:44:41:36:
8d:2a:ef:ef:33:f7:37:88:83:ec:5e:02:d5:80:8a:08:fd:ed:
5d:cd:28:5e:ce:2f:4b:5a:a1:f1:f4:77:30:3e:f8:6c:31:56:
f8:2a:60:ab:5d:c1:0a:43:78:f5:a3:4d:a3:be:c0:4e:df:c8:
fc:0c:e4:bc:72:4b:de:82:4f:33:b2:9b:4f:b6:5d:45:08:49:
09:5b:4e:7f:66:22:8e:9f:37:49:23:4f:aa:ca:07:2a:47:45:
7b:a0:28:34:af:7c:c9:09:68:17:12:91:6e:80:83:03:db:c9:
ed:61:2a:04:a0:f7:95:23:a4:ed:24:dc:57:92:33:c0:5e:69:
1e:7e:02:cf:79:e1:0d:4e:69:c2:91:61:e6:9f:ad:08:a2:7b:
62:3f:12:db:b7:f9:0e:a7:67:11:d4:d5:0f:53:53:86:ac:37:
65:45:fb:e7:9f:65:d7:a3:59:71:ea:ce:eb:f4:99:03:0e:d8:
32:05:66:dc:10:59:fc:11:1a:5c:b0:76:9e:f2:a2:d1:0f:7b:
53:df:fd:7e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdViiS/BWckCSeTYWBBM92MpSpjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNTBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyM2E2NmFkZjI1YTM2ZWJjZDExYjQxYzJiMGM4NmE5OTAzZDIyMmVmOWM2
Y2I2Mjk2M2Q2MzlkN2UzMDJjNjkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXT8959nbY2gzCgiSmG5G3G2Szbtkck+dY7y5vfwkZGMl9NT1X2V7iWqyuh
z7u1mki68d0Pjpxpquk34L91jWTkArno4HEUps0cTS96dGcEgW5Oyysz8XTdqiZS
8qkEgQc+PRaSrZ2+rEgb3m1iBOxSjqggn11eYZstDPm5zvFnb/RjZ/YjNcizUdAn
WMMKVmaz+866gA948w0URVRRyueWFysMhDkAwy4dOSmsPUIThikSl1FzNxfKjQ7z
frzLZjWazTBbB0lBqWMLd5iWgZmBGyvSHwiyAL5vrJKoUHFqu9s8sQ5ZJeZIjKS1
a1XXvdm2+/psm20TNzWanLILsnsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRlOY8D
2nA4BLdJQuvwbBXQ9OaQFzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NGMzYTc4YmYtZDljZi00MThmLThhM2EtOGMzZTcyNDcwYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
QDANBgkqhkiG9w0BAQsFAAOCAQEAQJSGiZnA0s4I64BWJ0yauJigLTtigIRnr0/K
b1TpE2CNgR1apcqDmmiN4vaYAGiVHvR4REE2jSrv7zP3N4iD7F4C1YCKCP3tXc0o
Xs4vS1qh8fR3MD74bDFW+Cpgq13BCkN49aNNo77ATt/I/AzkvHJL3oJPM7KbT7Zd
RQhJCVtOf2Yijp83SSNPqsoHKkdFe6AoNK98yQloFxKRboCDA9vJ7WEqBKD3lSOk
7STcV5IzwF5pHn4Cz3nhDU5pwpFh5p+tCKJ7Yj8S27f5DqdnEdTVD1NThqw3ZUX7
559l16NZcerO6/SZAw7YMgVm3BBZ/BEaXLB2nvKi0Q97U9/9fg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:03 2025 by rpki-client