Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
File: 5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa (raw, json)
Hash identifier: 7FsWILhk9VUB+wRITtej97SdJBE5RBmpPmNxgzloXHA=
Subject key identifier: 76:55:9C:94:AF:89:BB:0F:C9:E2:4B:CA:50:10:DC:A4:DB:81:0E:30
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 19F2DCAF7304641DB7448CB4A97E1F4F42569CE0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
Signing time: Sat 09 Aug 2025 00:20:17 +0000
ROA not before: Sat 09 Aug 2025 00:20:17 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:f2:dc:af:73:04:64:1d:b7:44:8c:b4:a9:7e:1f:4f:42:56:9c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:17 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=3f1ac9abe5176612e5671f3ec8aee01ecd25714e18acfaec18bf5bbacc9992e3, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:fa:59:fb:30:bc:ba:cc:ff:d4:7c:3e:ca:
63:94:8d:6f:f6:2e:c7:22:35:ae:f8:08:98:62:d3:
4e:cd:d9:44:45:76:8e:4a:cf:8b:31:cc:c1:c7:3d:
ca:7a:df:06:30:f9:81:a1:58:c1:8a:88:7d:43:38:
a0:6f:15:27:1b:2d:84:41:61:85:95:5e:e9:6f:bd:
2c:cc:68:34:9b:2a:2d:f6:f8:b4:cc:34:f5:bc:c9:
9b:93:ea:85:c2:78:7d:be:dd:df:7e:2b:2b:37:f7:
67:0c:81:b3:cc:c3:80:13:37:e2:7f:3c:17:27:73:
c2:87:01:d7:9d:a0:bc:4d:72:05:d5:fb:88:36:85:
6e:dd:69:1a:44:a9:95:aa:35:07:f3:c5:1f:be:26:
4f:3d:9d:53:4c:95:d9:16:17:28:0d:9f:34:d7:58:
d5:f5:78:85:1d:ff:bb:a2:23:a7:23:f0:4d:c2:a3:
98:ee:7b:b6:7c:bc:5b:3c:c2:40:90:1e:8d:b3:78:
42:50:0d:3a:31:5e:d5:e3:6d:4b:0f:fb:7e:ac:fd:
d6:27:f3:03:d2:6a:a2:84:f2:18:07:c6:0a:0d:19:
f3:d8:68:c1:ab:48:39:4f:9f:93:80:95:42:42:c0:
f1:3c:b1:a9:bb:82:df:29:dd:1d:47:14:30:a9:a7:
a0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:55:9C:94:AF:89:BB:0F:C9:E2:4B:CA:50:10:DC:A4:DB:81:0E:30
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8800::/40
Signature Algorithm: sha256WithRSAEncryption
83:41:6d:52:84:a3:10:83:f1:eb:a4:01:7a:95:fa:3d:1e:15:
83:f5:fe:f4:cc:7a:e3:d9:e0:f8:56:78:e5:9e:49:19:df:f9:
25:f7:f5:96:bc:6b:79:d4:c6:e0:fd:43:c5:1c:2c:dd:f2:8f:
28:03:1d:3f:0b:a0:67:76:a3:6f:98:99:3f:99:de:53:55:ad:
b9:ab:86:ef:78:d1:7c:a3:0b:8b:a6:e5:4d:63:46:87:07:c1:
4f:6a:40:ce:c7:ef:d4:a0:69:0a:97:6f:43:94:bc:95:7b:8f:
96:ca:a8:f5:9d:8a:78:2c:71:f8:48:e5:48:83:3f:82:67:cc:
c6:79:a6:62:e6:95:dc:8b:94:eb:f7:41:aa:48:3e:06:58:d1:
fd:a3:6b:df:e8:bc:36:dd:16:9d:85:d6:3a:e8:98:02:a6:aa:
fd:be:51:03:c1:06:bc:27:06:3e:bb:c3:80:b9:03:09:73:71:
44:ab:63:8a:29:32:83:99:45:d1:ee:99:80:c0:39:47:48:ee:
16:69:f2:11:23:e2:ac:90:6d:8a:06:ce:03:11:66:b5:6a:18:
a6:33:b1:3e:34:25:a9:6e:fa:f5:73:75:ce:4f:1b:0b:63:f2:
f6:80:d4:5f:d2:3c:44:df:f7:bf:b2:19:db:0b:85:21:db:e2:
43:da:37:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGfLcr3MEZB23RIy0qX4fT0JWnOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMTdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMWFjOWFiZTUxNzY2MTJlNTY3MWYzZWM4YWVlMDFlY2QyNTcxNGUxOGFj
ZmFlYzE4YmY1YmJhY2M5OTkyZTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa9+ln7MLy6zP/UfD7KY5SNb/YuxyI1rvgImGLTTs3ZREV2jkrPizHMwcc9
ynrfBjD5gaFYwYqIfUM4oG8VJxsthEFhhZVe6W+9LMxoNJsqLfb4tMw09bzJm5Pq
hcJ4fb7d334rKzf3ZwyBs8zDgBM34n88FydzwocB152gvE1yBdX7iDaFbt1pGkSp
lao1B/PFH74mTz2dU0yV2RYXKA2fNNdY1fV4hR3/u6IjpyPwTcKjmO57tny8WzzC
QJAejbN4QlANOjFe1eNtSw/7fqz91ifzA9JqooTyGAfGCg0Z89howatIOU+fk4CV
QkLA8TyxqbuC3yndHUcUMKmnoFsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2VZyU
r4m7D8niS8pQENyk24EOMDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWEzZTExMmQtYzhiNS00YTQyLTliN2EtYTVjNTY3YjZkYjMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI
MA0GCSqGSIb3DQEBCwUAA4IBAQCDQW1ShKMQg/HrpAF6lfo9HhWD9f70zHrj2eD4
VnjlnkkZ3/kl9/WWvGt51Mbg/UPFHCzd8o8oAx0/C6BndqNvmJk/md5TVa25q4bv
eNF8owuLpuVNY0aHB8FPakDOx+/UoGkKl29DlLyVe4+Wyqj1nYp4LHH4SOVIgz+C
Z8zGeaZi5pXci5Tr90GqSD4GWNH9o2vf6Lw23RadhdY66JgCpqr9vlEDwQa8JwY+
u8OAuQMJc3FEq2OKKTKDmUXR7pmAwDlHSO4WafIRI+KskG2KBs4DEWa1ahimM7E+
NCWpbvr1c3XOTxsLY/L2gNRf0jxE3/e/shnbC4Uh2+JD2jeB
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:41 2025 by rpki-client