Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
File: 7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa (raw, json)
Hash identifier: fJfL1Txy536zHNLj6xh7Pbkwd2JQBbobrUj6rQjbKRM=
Subject key identifier: ED:FA:1D:39:16:03:01:0B:AB:9A:59:CA:BE:52:CC:68:A7:96:E8:B4
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 161DD41CCF101ECFE0224B4FB781B8FAE71CB850
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
Signing time: Sat 09 Aug 2025 00:20:00 +0000
ROA not before: Sat 09 Aug 2025 00:20:00 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:1d:d4:1c:cf:10:1e:cf:e0:22:4b:4f:b7:81:b8:fa:e7:1c:b8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:00 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=9e11f3efbd8660307a0df631cc9ab9367ccc07e961b01da4229f362b6d6ef098, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:8e:62:7c:51:89:23:55:8a:19:3c:87:8b:
8b:f5:b9:b0:0f:c9:a4:df:cf:fc:5b:68:6c:02:f8:
6e:82:c9:f1:22:8c:c3:e6:2f:53:3b:9d:8a:2f:e8:
e5:41:14:7c:01:4a:08:86:8c:c3:cb:44:7d:7e:b3:
7d:cf:2a:cc:8c:d2:fe:c1:74:c1:6a:ad:84:ac:cd:
ba:00:9c:a6:12:ff:4a:cc:2a:2f:9d:ec:06:08:0a:
97:33:1c:b7:09:95:bc:1f:2d:e9:67:b8:aa:dd:53:
b7:d8:bf:03:c7:23:13:ba:ee:79:f4:d0:85:7f:e6:
1d:76:09:5f:a2:1d:e8:ef:62:74:e2:8d:9a:e8:32:
81:6f:63:34:f2:4e:d3:d8:ac:73:3b:c8:52:98:1f:
c4:14:b7:3d:64:be:20:8f:b6:08:05:ad:48:26:9d:
6f:2c:f4:a4:b0:48:87:11:be:02:d5:dc:29:53:22:
11:c4:72:02:0d:d5:f0:24:d5:de:6d:9a:53:93:7d:
46:4a:f8:6f:43:3f:09:62:2d:06:fc:56:24:f0:0a:
5b:bd:25:61:85:c3:25:11:6a:1b:55:4c:39:4c:5d:
79:97:bb:4b:28:7f:ac:13:aa:68:32:26:b3:18:c9:
7c:f4:d0:3f:f1:86:11:6a:5f:cd:c3:f2:c8:47:47:
cf:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FA:1D:39:16:03:01:0B:AB:9A:59:CA:BE:52:CC:68:A7:96:E8:B4
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
32:57:01:3b:61:8f:ff:ea:01:79:9d:ec:38:53:50:92:2b:33:
2b:90:31:de:8f:4c:37:12:53:4a:2c:9f:47:a5:7c:e4:39:16:
73:1d:d0:71:81:51:4f:f8:a5:24:2e:8c:f7:f0:d8:8c:14:9d:
f0:a5:93:26:77:ff:80:45:f1:0a:a0:ae:05:4b:0b:cf:0a:1f:
68:de:7c:96:0c:3f:0f:fe:75:b4:71:e7:43:09:f6:79:c1:ae:
33:f9:3b:de:66:88:32:e4:00:1e:7f:14:27:ee:c2:ac:a3:0f:
ee:f2:d9:d5:f5:10:4c:7b:66:82:c8:05:c0:d9:a5:04:4c:e0:
2d:79:a8:14:13:a9:bc:7c:6b:b6:e5:21:fe:b3:f3:9f:3b:c9:
fb:84:c0:32:cc:93:2d:d4:f3:28:2d:8c:60:fc:6d:39:f4:60:
04:7d:f3:09:e7:06:99:61:a9:45:02:95:38:e8:50:ed:f0:70:
d1:d2:83:50:9d:f0:69:5b:b4:f6:56:34:0e:46:83:a3:f9:f5:
d4:c0:a9:b4:66:78:b5:73:61:1a:22:d9:62:ab:11:31:88:44:
7a:8e:75:95:73:dd:61:70:ad:21:55:7d:48:d4:ba:70:b0:b6:
e7:a2:6b:e3:02:7e:bb:f2:36:92:83:f7:99:89:8f:92:51:37:
5d:09:9a:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFh3UHM8QHs/gIktPt4G4+uccuFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMDBaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDllMTFmM2VmYmQ4NjYwMzA3YTBkZjYzMWNjOWFiOTM2N2NjYzA3ZTk2MWIw
MWRhNDIyOWYzNjJiNmQ2ZWYwOTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP9jmJ8UYkjVYoZPIeLi/W5sA/JpN/P/FtobAL4boLJ8SKMw+YvUzudii/o
5UEUfAFKCIaMw8tEfX6zfc8qzIzS/sF0wWqthKzNugCcphL/SswqL53sBggKlzMc
twmVvB8t6We4qt1Tt9i/A8cjE7ruefTQhX/mHXYJX6Id6O9idOKNmugygW9jNPJO
09isczvIUpgfxBS3PWS+II+2CAWtSCadbyz0pLBIhxG+AtXcKVMiEcRyAg3V8CTV
3m2aU5N9Rkr4b0M/CWItBvxWJPAKW70lYYXDJRFqG1VMOUxdeZe7Syh/rBOqaDIm
sxjJfPTQP/GGEWpfzcPyyEdHz00CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTt+h05
FgMBC6uaWcq+Usxop5botDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzE0NmQyNGEtNDhkYy00NWIxLWFjMWItMmE2YzJkN2I3YjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQAyVwE7YY//6gF5new4U1CSKzMrkDHej0w3ElNK
LJ9HpXzkORZzHdBxgVFP+KUkLoz38NiMFJ3wpZMmd/+ARfEKoK4FSwvPCh9o3nyW
DD8P/nW0cedDCfZ5wa4z+TveZogy5AAefxQn7sKsow/u8tnV9RBMe2aCyAXA2aUE
TOAteagUE6m8fGu25SH+s/OfO8n7hMAyzJMt1PMoLYxg/G059GAEffMJ5waZYalF
ApU46FDt8HDR0oNQnfBpW7T2VjQORoOj+fXUwKm0Zni1c2EaItliqxExiER6jnWV
c91hcK0hVX1I1LpwsLbnomvjAn678jaSg/eZiY+SUTddCZqZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:46:44 2025 by rpki-client