Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: uTkUq8JvlV4ZNM3086pNfvsC9J6sZO2foV6lm039XcM=
Subject key identifier: 54:D3:BD:17:F7:08:8E:50:E4:02:E3:59:BE:3E:5E:3E:A0:5B:F8:46
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2E3A2E95276F36C2320E030E90E09A5B082CFB9A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Sat 09 Aug 2025 00:20:06 +0000
ROA not before: Sat 09 Aug 2025 00:20:06 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:3a:2e:95:27:6f:36:c2:32:0e:03:0e:90:e0:9a:5b:08:2c:fb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:06 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=642f130d47271bb6da0b091d113aa2eb3acdea4a263d0ded9c9feac9d525b757, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:46:ba:cc:de:e2:fe:54:38:e2:18:ef:46:49:
2f:a1:cb:d3:dc:2c:6b:46:56:e8:35:e7:75:06:ee:
b5:23:ff:14:dd:be:27:f8:52:bf:5e:0e:59:c8:5e:
8a:08:01:5c:a4:fa:ff:cf:61:63:22:db:e7:06:b3:
18:91:aa:24:88:22:cc:24:aa:7b:b1:37:f1:6f:7f:
bf:73:bc:58:24:32:28:40:11:90:b0:46:9f:2c:4c:
fa:29:05:9a:a6:29:06:07:f2:38:bb:a5:42:99:3d:
47:87:2a:04:1c:0d:98:2b:56:82:c7:1a:a9:72:e7:
4c:45:a3:a2:1b:f5:5c:93:ae:64:e1:74:34:04:4f:
37:26:03:76:c7:6c:74:dc:d9:ee:7e:10:02:1a:e9:
d0:8d:d2:d5:d3:f6:93:e8:9f:1e:a6:10:31:8f:0a:
2c:51:71:a4:1b:19:89:be:0e:ab:59:0e:28:30:0a:
c7:f5:2a:f5:a5:df:21:15:7c:57:5c:4c:ec:10:fe:
52:4e:10:86:2f:ec:67:c5:32:58:c5:da:fa:d8:f8:
90:e1:69:04:13:19:2f:db:66:8b:8f:79:0e:93:b5:
ac:d5:fa:20:da:10:61:38:dc:41:ca:1a:33:28:54:
5b:40:a5:a7:df:57:dd:70:3b:8e:01:49:91:18:da:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D3:BD:17:F7:08:8E:50:E4:02:E3:59:BE:3E:5E:3E:A0:5B:F8:46
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
68:d9:41:64:e3:55:34:a3:2a:76:44:28:a6:e3:30:e7:67:51:
81:87:47:35:65:df:84:8a:b2:4f:fa:97:bd:d8:85:3e:3a:94:
02:b0:ff:6d:4d:67:12:36:b0:85:c9:1a:15:de:0b:b9:4b:e3:
55:e4:0c:1f:55:e5:75:4c:64:bb:0f:7f:db:05:de:b6:93:ec:
78:0b:87:0a:cc:cc:c9:af:9c:eb:96:e2:5e:29:cb:37:f6:7e:
ef:53:8c:c9:f1:b2:66:02:78:f1:be:2d:af:a5:17:a0:89:38:
ce:7e:69:cf:95:91:9f:ec:d8:35:d7:43:32:6c:c8:7b:bc:70:
16:21:01:aa:10:36:b1:b8:5d:f8:1e:c4:66:98:b0:58:20:7d:
5a:b7:89:a7:d4:83:d0:97:11:a1:c9:8e:00:a5:e3:f0:bf:97:
7d:91:ef:73:2d:84:37:56:7b:0f:b8:d5:8c:4f:bb:d1:22:9a:
53:15:88:07:46:16:d6:97:45:f9:4f:c9:b5:1e:ed:3c:78:a7:
7f:da:66:5d:61:05:64:45:8a:ee:b6:97:51:1d:d5:08:f6:97:
b0:0f:60:f1:c3:ff:33:53:be:b6:dd:c3:55:d6:13:3d:b9:fa:
6c:98:e7:2f:b8:f3:f9:dd:c3:d8:38:bd:7c:e6:99:52:34:ba:
35:f5:af:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULjoulSdvNsIyDgMOkOCaWwgs+5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMDZaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0MmYxMzBkNDcyNzFiYjZkYTBiMDkxZDExM2FhMmViM2FjZGVhNGEyNjNk
MGRlZDljOWZlYWM5ZDUyNWI3NTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5Gusze4v5UOOIY70ZJL6HL09wsa0ZW6DXndQbutSP/FN2+J/hSv14OWche
iggBXKT6/89hYyLb5wazGJGqJIgizCSqe7E38W9/v3O8WCQyKEARkLBGnyxM+ikF
mqYpBgfyOLulQpk9R4cqBBwNmCtWgscaqXLnTEWjohv1XJOuZOF0NARPNyYDdsds
dNzZ7n4QAhrp0I3S1dP2k+ifHqYQMY8KLFFxpBsZib4Oq1kOKDAKx/Uq9aXfIRV8
V1xM7BD+Uk4Qhi/sZ8UyWMXa+tj4kOFpBBMZL9tmi495DpO1rNX6INoQYTjcQcoa
MyhUW0Clp99X3XA7jgFJkRjaDusCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRU070X
9wiOUOQC41m+Pl4+oFv4RjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQBo2UFk41U0oyp2RCim4zDnZ1GBh0c1Zd+EirJP
+pe92IU+OpQCsP9tTWcSNrCFyRoV3gu5S+NV5AwfVeV1TGS7D3/bBd62k+x4C4cK
zMzJr5zrluJeKcs39n7vU4zJ8bJmAnjxvi2vpRegiTjOfmnPlZGf7Ng110MybMh7
vHAWIQGqEDaxuF34HsRmmLBYIH1at4mn1IPQlxGhyY4ApePwv5d9ke9zLYQ3VnsP
uNWMT7vRIppTFYgHRhbWl0X5T8m1Hu08eKd/2mZdYQVkRYrutpdRHdUI9pewD2Dx
w/8zU7623cNV1hM9ufpsmOcvuPP53cPYOL185plSNLo19a/3
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:47 2025 by rpki-client