Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
File: 50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa (raw, json)
Hash identifier: h5cMLEf9EcM6HIyP4ToCsMSTs1hxmZxl+OJ1zrL+Pb8=
Subject key identifier: 59:66:56:1C:C8:25:12:79:CE:81:B9:81:F6:FC:00:39:3B:DA:B1:86
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7F1D197688ADDBF6B7B391DABC778D06CD1C78B8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
Signing time: Sat 09 Aug 2025 00:21:20 +0000
ROA not before: Sat 09 Aug 2025 00:21:20 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:1d:19:76:88:ad:db:f6:b7:b3:91:da:bc:77:8d:06:cd:1c:78:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:20 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=1832d79f3c2528810f018176b7e70aefb70342c811b3fbf9e939f6f48db6102c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e3:88:57:ea:41:31:ab:8c:d8:69:83:b3:5d:
c6:6c:e9:4e:ad:30:e5:a9:01:36:ac:28:b4:af:71:
88:35:2e:9a:37:85:58:58:42:f2:aa:65:ea:d0:d9:
03:fa:44:35:23:90:a5:a0:42:ac:6e:d5:5a:a2:d3:
30:bc:f2:eb:cb:43:9e:2f:70:5d:ef:e2:f4:9e:46:
92:53:b0:7c:08:f9:74:cb:4a:bd:96:ee:c0:87:99:
3e:61:eb:6d:05:19:6c:1b:23:b9:17:00:5d:28:af:
44:4b:c9:e5:7c:49:3a:ce:7b:fb:1c:c4:c2:18:55:
60:26:bb:47:02:58:62:82:48:26:e2:5c:cc:a4:af:
6e:55:79:46:0b:9b:78:14:07:70:ed:64:1f:58:0d:
9c:e8:d2:a5:97:3a:56:d9:63:39:33:4f:68:8b:b5:
51:9e:7c:70:b7:20:e2:ef:2d:69:31:2a:3a:38:0c:
e3:6c:da:8e:7d:f2:8c:7c:19:7c:5e:d5:47:8a:86:
79:31:d5:be:08:33:17:2f:62:8e:0d:79:44:42:b8:
3c:60:11:4a:b9:c6:e4:d9:de:28:f6:02:d4:b8:a0:
a0:8f:f2:76:df:bc:7f:00:ce:b5:f1:d7:27:37:e2:
17:76:62:c0:d0:06:82:12:16:00:5f:5f:cd:33:27:
d0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:66:56:1C:C8:25:12:79:CE:81:B9:81:F6:FC:00:39:3B:DA:B1:86
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
ae:0f:11:9d:1f:f2:4d:ee:98:2a:cf:68:e6:f9:3e:23:05:bf:
ed:c7:0d:8a:0d:7e:7f:05:d1:04:b0:69:7f:57:a1:79:07:4e:
6c:ad:bb:8f:b6:47:40:29:df:70:20:78:85:f1:aa:ca:9e:00:
df:9a:72:ac:22:cb:70:be:b5:d0:fc:3f:96:59:c7:95:88:70:
9a:65:b3:c4:2b:13:24:17:b8:91:81:d1:e0:e0:70:bd:2b:cc:
ba:a9:30:d5:53:92:d8:03:f0:d2:e7:2e:eb:f5:9d:15:9e:23:
48:ed:bd:67:ee:ea:da:c6:9c:2e:94:8f:69:61:d5:2b:e3:b2:
e7:a0:5a:ff:1a:42:54:58:83:4f:03:a4:cb:98:71:00:18:a9:
83:51:0a:6d:29:83:c3:67:de:4d:47:ca:ca:0b:d1:99:12:69:
09:04:fd:9b:6c:ca:97:52:1c:c3:51:4d:4e:c7:e5:db:c2:b3:
37:1c:67:7d:ce:11:8b:23:5f:8a:b1:96:4b:52:36:67:74:9e:
94:0d:a4:71:c5:d7:9b:8c:af:5f:ea:35:4c:af:f1:96:e2:4f:
a1:a6:78:d3:f7:69:a9:4d:96:79:a4:4e:3d:22:9e:df:de:49:
71:34:ec:f4:e5:0c:09:d8:0e:03:42:ae:82:e3:0c:de:22:8a:
37:c2:03:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfx0Zdoit2/a3s5HavHeNBs0ceLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4MzJkNzlmM2MyNTI4ODEwZjAxODE3NmI3ZTcwYWVmYjcwMzQyYzgxMWIz
ZmJmOWU5MzlmNmY0OGRiNjEwMmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzjiFfqQTGrjNhpg7NdxmzpTq0w5akBNqwotK9xiDUumjeFWFhC8qpl6tDZ
A/pENSOQpaBCrG7VWqLTMLzy68tDni9wXe/i9J5GklOwfAj5dMtKvZbuwIeZPmHr
bQUZbBsjuRcAXSivREvJ5XxJOs57+xzEwhhVYCa7RwJYYoJIJuJczKSvblV5Rgub
eBQHcO1kH1gNnOjSpZc6VtljOTNPaIu1UZ58cLcg4u8taTEqOjgM42zajn3yjHwZ
fF7VR4qGeTHVvggzFy9ijg15REK4PGARSrnG5NneKPYC1LigoI/ydt+8fwDOtfHX
JzfiF3ZiwNAGghIWAF9fzTMn0I8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZZlYc
yCUSec6BuYH2/AA5O9qxhjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBiMGM4ZjUtOWIwMy00ZDAwLWI3YmMtMzBhMjUzYjgzYmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuDxGdH/JN7pgqz2jm+T4jBb/txw2KDX5/BdEE
sGl/V6F5B05srbuPtkdAKd9wIHiF8arKngDfmnKsIstwvrXQ/D+WWceViHCaZbPE
KxMkF7iRgdHg4HC9K8y6qTDVU5LYA/DS5y7r9Z0VniNI7b1n7uraxpwulI9pYdUr
47LnoFr/GkJUWINPA6TLmHEAGKmDUQptKYPDZ95NR8rKC9GZEmkJBP2bbMqXUhzD
UU1Ox+XbwrM3HGd9zhGLI1+KsZZLUjZndJ6UDaRxxdebjK9f6jVMr/GW4k+hpnjT
92mpTZZ5pE49Ip7f3klxNOz05QwJ2A4DQq6C4wzeIoo3wgPu
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:58:44 2025 by rpki-client