Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
File: 50f59e85-50ab-4b5a-9119-096ba93f86f2.roa (raw, json)
Hash identifier: zFxn8ihijXEd2SNWeZTZ0A+vnGFhZSfM3w1+N1YJoE0=
Subject key identifier: 61:40:9E:65:87:FD:92:85:E3:AD:5F:D4:AE:57:B0:19:E0:AA:10:AE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 652DD3A293779EE2193CCA1CAB9465F7DB893DA4
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
Signing time: Sat 09 Aug 2025 00:30:10 +0000
ROA not before: Sat 09 Aug 2025 00:30:10 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:2d:d3:a2:93:77:9e:e2:19:3c:ca:1c:ab:94:65:f7:db:89:3d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:10 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=0606a9b5128fb347503bfdd26da4573275e3019c4dcc138edcb9ee3a8bd55e28, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c7:95:64:41:a2:20:fb:03:a3:6b:2a:44:1f:
83:ca:0f:a7:ff:9d:78:6a:e6:ab:63:2d:73:e7:80:
eb:25:5f:08:bb:16:d5:13:8e:85:5c:80:ef:86:c4:
52:31:39:f8:5f:17:54:e2:ba:a7:43:7d:bb:c4:f6:
48:59:c1:bb:51:ed:89:02:84:85:1f:29:a2:97:3b:
a1:50:f7:d9:fb:e1:59:ac:ba:b5:fb:03:b6:8b:98:
50:5a:a9:e8:58:62:61:cd:1c:f4:22:48:0c:3a:bc:
8b:a8:13:65:49:7c:f1:21:c9:b7:9d:6f:5f:9e:c8:
6a:53:ef:0c:c6:fc:f2:72:da:82:31:ca:6d:00:ee:
0b:8f:85:10:23:dc:7b:04:e8:f1:1d:1d:f9:82:65:
15:a7:86:5e:34:b3:34:db:37:37:48:ff:83:7d:38:
c8:fa:b4:11:0c:46:6b:40:16:94:b5:5e:aa:29:c4:
0f:24:55:f6:ea:40:bd:6e:69:3e:91:68:12:9e:b5:
9b:97:ea:45:af:1e:e3:2d:49:36:48:c3:4b:74:7f:
f6:e8:4e:ef:82:46:bb:e5:f1:50:01:94:02:dd:4b:
d7:cf:15:0d:ee:b8:85:7b:8d:f2:4f:4a:94:94:91:
4e:66:e2:3f:b4:08:68:02:9e:11:02:65:04:5e:c3:
13:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:40:9E:65:87:FD:92:85:E3:AD:5F:D4:AE:57:B0:19:E0:AA:10:AE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
9e:a5:7a:54:0c:5b:0e:07:c8:4d:f8:fd:e1:13:ff:30:60:3a:
76:fe:6e:ba:aa:fa:34:7f:45:75:30:35:1e:ea:73:bf:d8:f2:
31:8a:33:d9:46:63:05:47:55:47:48:25:78:c8:f1:54:a1:00:
bb:d0:b7:25:e1:63:a3:35:13:e7:c2:56:a4:33:8b:f0:40:b1:
c1:6b:15:07:57:ed:b2:1e:b4:53:a0:6e:c0:e5:99:0e:a8:a4:
08:02:0c:71:b4:71:30:60:05:bc:bf:fd:b0:97:67:d5:76:3f:
2c:9d:f4:7b:24:c1:44:13:c8:f9:8d:11:31:2c:71:21:69:d3:
7d:41:a2:33:1d:0b:df:eb:03:26:79:9f:08:61:64:e6:3e:e7:
21:72:0a:97:20:4c:2b:57:d4:1a:d2:34:54:9d:6f:12:d2:cb:
88:ed:05:bb:f8:f3:bc:9e:58:a3:48:05:69:2d:6f:21:b8:5d:
e0:d5:9f:32:57:8a:9b:81:83:f0:38:d6:a7:10:d0:00:3d:ff:
87:c4:47:a3:5b:a6:d8:08:3b:04:ce:10:04:ea:db:e5:1b:75:
3e:91:30:2d:03:0e:4d:b9:c5:54:27:e4:0c:22:f5:65:56:60:
53:58:15:18:74:14:87:f7:03:ee:27:4c:30:00:89:0e:7a:20:
3d:ac:93:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZS3TopN3nuIZPMocq5Rl99uJPaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMTBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MDZhOWI1MTI4ZmIzNDc1MDNiZmRkMjZkYTQ1NzMyNzVlMzAxOWM0ZGNj
MTM4ZWRjYjllZTNhOGJkNTVlMjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDHlWRBoiD7A6NrKkQfg8oPp/+deGrmq2Mtc+eA6yVfCLsW1ROOhVyA74bE
UjE5+F8XVOK6p0N9u8T2SFnBu1HtiQKEhR8popc7oVD32fvhWay6tfsDtouYUFqp
6FhiYc0c9CJIDDq8i6gTZUl88SHJt51vX57IalPvDMb88nLagjHKbQDuC4+FECPc
ewTo8R0d+YJlFaeGXjSzNNs3N0j/g304yPq0EQxGa0AWlLVeqinEDyRV9upAvW5p
PpFoEp61m5fqRa8e4y1JNkjDS3R/9uhO74JGu+XxUAGUAt1L188VDe64hXuN8k9K
lJSRTmbiP7QIaAKeEQJlBF7DE10CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhQJ5l
h/2SheOtX9SuV7AZ4KoQrjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBmNTllODUtNTBhYi00YjVhLTkxMTktMDk2YmE5M2Y4NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCepXpUDFsOB8hN+P3hE/8wYDp2/m66qvo0f0V1
MDUe6nO/2PIxijPZRmMFR1VHSCV4yPFUoQC70Lcl4WOjNRPnwlakM4vwQLHBaxUH
V+2yHrRToG7A5ZkOqKQIAgxxtHEwYAW8v/2wl2fVdj8snfR7JMFEE8j5jRExLHEh
adN9QaIzHQvf6wMmeZ8IYWTmPuchcgqXIEwrV9Qa0jRUnW8S0suI7QW7+PO8nlij
SAVpLW8huF3g1Z8yV4qbgYPwONanENAAPf+HxEejW6bYCDsEzhAE6tvlG3U+kTAt
Aw5NucVUJ+QMIvVlVmBTWBUYdBSH9wPuJ0wwAIkOeiA9rJOd
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:51 2025 by rpki-client