Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: 9o/Z0J8cf97deZjABS0nw1TzXywQj3abklboBy7tSWs=
Subject key identifier: 24:17:90:3D:32:0E:66:FF:CF:A8:09:A5:A9:60:F0:54:E2:0D:CC:C7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4C1F875ADD6742B9BB44B5A6766B6F4E18D3CBB2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Sat 09 Aug 2025 00:21:00 +0000
ROA not before: Sat 09 Aug 2025 00:21:00 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:1f:87:5a:dd:67:42:b9:bb:44:b5:a6:76:6b:6f:4e:18:d3:cb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:00 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=11ab6da04eb68aa8f3c4a9af7e463a56849e19bddbb12a6c8a117348975162cb, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0b:c1:b7:27:c0:9c:b3:29:d2:9d:2e:e0:d9:
18:51:de:1d:03:a3:25:5f:1a:66:0a:32:c5:c5:b2:
40:21:62:a6:8d:d8:be:d8:b5:11:9d:f1:d6:0a:24:
a2:19:eb:ad:bb:ba:9a:cf:49:85:b7:57:5c:6f:fe:
e5:22:0a:3f:98:81:a7:5e:6c:89:1b:ce:94:9c:a4:
bd:5f:f5:ed:c2:32:0a:77:f9:49:59:22:e6:30:0a:
81:e6:a0:e7:fa:a8:e4:b0:39:1c:f8:69:d0:df:65:
eb:82:1c:7f:f8:94:c8:3c:98:3a:d2:26:a0:5d:2b:
c9:8f:8f:d3:c8:fe:25:8c:4f:10:bb:09:7a:dc:dc:
b0:91:87:7b:25:61:ac:d9:db:81:0f:f8:23:8b:cf:
11:88:5f:e9:0d:99:ab:b4:58:87:ed:ac:1a:1d:0d:
ed:3b:c0:09:bc:42:51:5f:37:84:27:97:bf:b0:cf:
63:64:7c:b0:0b:9d:9a:4e:89:20:29:1f:98:8e:8b:
ae:c2:4a:58:3a:12:bd:90:1d:e1:44:5c:1d:f3:1e:
45:7e:ed:68:9c:87:0f:38:2a:f5:77:ce:4f:c2:7f:
0c:22:eb:44:98:2a:f3:bc:24:bb:f9:54:9c:fe:f1:
90:cc:b2:ba:30:22:1c:dc:aa:6d:2a:eb:8c:74:6a:
14:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:17:90:3D:32:0E:66:FF:CF:A8:09:A5:A9:60:F0:54:E2:0D:CC:C7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
73:ac:ac:e5:ee:96:d1:a4:a9:15:c8:40:c0:ba:39:1b:80:12:
62:15:ab:da:36:30:de:28:b8:9a:8c:ac:2e:b1:83:b4:aa:45:
b4:21:1a:ec:20:a4:9c:ab:ae:97:11:d6:9e:f5:5a:32:55:41:
29:3b:b6:90:ab:08:10:46:91:94:99:4e:24:1c:e4:38:b9:f8:
ae:7e:45:2f:fc:a7:0c:0f:11:08:50:32:2c:d4:11:3a:cf:c6:
c6:f7:6b:0d:41:d8:01:ac:a2:ce:38:ee:01:01:b6:0c:4a:6c:
07:2c:1e:d9:b9:7d:db:ee:16:1c:ca:2d:ae:b8:bd:af:66:39:
31:0c:42:29:9b:7e:13:85:0c:75:98:d0:9e:1b:35:39:4d:a3:
f0:2a:f6:75:d0:2d:7e:28:bd:96:36:d5:5b:5e:0c:c6:f1:5c:
47:49:6a:4c:cd:8c:71:b4:d9:02:bf:b5:c8:f8:62:64:b2:ef:
21:8e:b1:30:00:f3:30:42:31:6d:6c:29:d3:d0:9c:e0:9b:76:
6d:53:77:0e:27:3d:b5:74:c2:1f:a4:b5:e8:56:e5:62:f4:1c:
b9:19:81:8e:bc:a2:4f:70:4f:84:c4:aa:7e:58:0b:c7:15:a4:
ea:d0:03:ec:66:6f:ee:64:1a:58:ba:18:4e:63:89:6c:04:68:
1b:04:1d:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTB+HWt1nQrm7RLWmdmtvThjTy7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMDBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDExYWI2ZGEwNGViNjhhYThmM2M0YTlhZjdlNDYzYTU2ODQ5ZTE5YmRkYmIx
MmE2YzhhMTE3MzQ4OTc1MTYyY2IxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsLwbcnwJyzKdKdLuDZGFHeHQOjJV8aZgoyxcWyQCFipo3Yvti1EZ3x1gok
ohnrrbu6ms9JhbdXXG/+5SIKP5iBp15siRvOlJykvV/17cIyCnf5SVki5jAKgeag
5/qo5LA5HPhp0N9l64Icf/iUyDyYOtImoF0ryY+P08j+JYxPELsJetzcsJGHeyVh
rNnbgQ/4I4vPEYhf6Q2Zq7RYh+2sGh0N7TvACbxCUV83hCeXv7DPY2R8sAudmk6J
ICkfmI6LrsJKWDoSvZAd4URcHfMeRX7taJyHDzgq9XfOT8J/DCLrRJgq87wku/lU
nP7xkMyyujAiHNyqbSrrjHRqFOkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkF5A9
Mg5m/8+oCaWpYPBU4g3MxzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQBzrKzl7pbRpKkVyEDAujkbgBJiFavaNjDeKLia
jKwusYO0qkW0IRrsIKScq66XEdae9VoyVUEpO7aQqwgQRpGUmU4kHOQ4ufiufkUv
/KcMDxEIUDIs1BE6z8bG92sNQdgBrKLOOO4BAbYMSmwHLB7ZuX3b7hYcyi2uuL2v
ZjkxDEIpm34ThQx1mNCeGzU5TaPwKvZ10C1+KL2WNtVbXgzG8VxHSWpMzYxxtNkC
v7XI+GJksu8hjrEwAPMwQjFtbCnT0Jzgm3ZtU3cOJz21dMIfpLXoVuVi9By5GYGO
vKJPcE+ExKp+WAvHFaTq0APsZm/uZBpYuhhOY4lsBGgbBB0K
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:06 2025 by rpki-client