Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
File: 9623dcba-6a97-4717-ac77-dd16d3c33f78.roa (raw, json)
Hash identifier: NbCtc6Y3Q9mBtPUg9Ayg0+se9O9zjyg7FyZ97/JAXzc=
Subject key identifier: 45:D2:E3:FB:13:13:95:42:E2:08:AB:59:71:1B:03:6B:69:A1:CA:C5
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 42D9CD7262DA0978E427DA1B5D09E4E527621503
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
Signing time: Sat 09 Aug 2025 00:30:04 +0000
ROA not before: Sat 09 Aug 2025 00:30:04 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:d9:cd:72:62:da:09:78:e4:27:da:1b:5d:09:e4:e5:27:62:15:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:04 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=bb713ba8eff16e977cd076a09d96a2c26dee1e4dee6388260f21f65674a6b4a4, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8d:1d:cb:bc:17:3a:f1:18:68:69:ae:fe:87:
9e:26:dd:9f:12:e1:a4:6c:8d:5a:c7:21:17:5a:9f:
5e:2b:4f:f6:6d:be:21:2e:ad:58:ac:a3:17:7b:a6:
32:b8:37:86:1b:ed:3a:8c:01:ad:97:14:92:c8:d3:
31:59:59:57:74:4b:16:80:fb:38:27:14:bd:74:09:
bb:e2:04:a0:e9:bc:c0:14:99:f1:7b:fb:f1:09:d5:
0d:cd:21:1a:01:89:17:ad:33:bc:7e:95:34:1d:9c:
51:0f:20:1e:20:76:15:d7:ab:d8:73:e8:89:b4:e3:
f6:f1:79:13:62:bc:35:d3:0a:c0:7c:7f:af:7f:98:
42:1e:8b:05:8c:b8:d7:c2:68:71:73:91:b7:ad:7a:
40:dc:9c:63:73:79:40:98:bd:5d:f3:95:05:c7:0f:
6b:04:86:f4:9f:37:51:d3:ad:5a:b8:f1:e9:f8:ab:
5f:ce:33:7d:bc:48:9b:21:51:5c:67:cc:34:2a:ef:
00:6d:f7:50:d4:dd:1a:8e:10:12:91:6c:fe:a1:45:
6b:08:77:ff:a3:fe:c1:e0:fb:c8:0c:25:01:a2:c8:
b8:14:70:f4:3e:12:97:66:ba:60:64:f6:9f:61:5a:
73:b2:cc:70:b6:d2:04:d4:83:a8:80:5c:99:5a:a8:
e1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D2:E3:FB:13:13:95:42:E2:08:AB:59:71:1B:03:6B:69:A1:CA:C5
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5::/36
Signature Algorithm: sha256WithRSAEncryption
1a:26:32:05:15:fe:58:c6:7e:0c:1b:ae:31:80:20:0b:3a:e0:
54:d4:8f:ca:4a:cf:6e:bf:46:69:b2:bb:53:f5:60:3b:44:33:
17:80:b9:e5:86:39:3b:60:6d:68:1a:89:45:be:f7:bd:3f:6b:
ed:2e:67:47:3d:f1:be:9b:34:8a:96:fb:e6:14:d7:f9:f8:25:
99:d8:55:20:9f:2b:89:6b:d4:f2:68:1e:ab:e4:6c:15:a0:34:
2a:49:a5:5e:ad:6f:9c:29:b7:84:b0:f4:e7:78:c5:9e:2e:61:
37:c8:9d:42:a9:7c:4a:c3:5e:44:b5:c9:61:37:f0:71:d6:1a:
68:38:58:bf:9e:78:df:aa:4f:84:63:48:3d:6f:27:21:e3:ce:
46:bb:85:8b:1e:65:07:c4:af:4d:08:03:23:39:c8:22:09:3b:
1e:35:8f:bb:59:89:66:1e:17:e5:99:36:e7:82:6d:f1:54:78:
60:e4:95:82:bb:5f:6d:d6:67:9a:5b:13:2a:0c:58:1c:0d:e5:
0a:16:d8:4a:46:ac:1c:e6:45:de:d8:f8:91:05:c8:ae:ff:8f:
f0:c1:49:00:78:85:8c:9b:fc:cd:3d:2f:12:8b:61:92:95:0a:
b0:36:69:5c:d7:64:4b:81:24:10:b8:7a:9c:e3:02:c8:84:34:
9b:4d:b5:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQtnNcmLaCXjkJ9obXQnk5SdiFQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMDRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNzEzYmE4ZWZmMTZlOTc3Y2QwNzZhMDlkOTZhMmMyNmRlZTFlNGRlZTYz
ODgyNjBmMjFmNjU2NzRhNmI0YTQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeNHcu8FzrxGGhprv6HnibdnxLhpGyNWschF1qfXitP9m2+IS6tWKyjF3um
Mrg3hhvtOowBrZcUksjTMVlZV3RLFoD7OCcUvXQJu+IEoOm8wBSZ8Xv78QnVDc0h
GgGJF60zvH6VNB2cUQ8gHiB2Fder2HPoibTj9vF5E2K8NdMKwHx/r3+YQh6LBYy4
18JocXORt616QNycY3N5QJi9XfOVBccPawSG9J83UdOtWrjx6firX84zfbxImyFR
XGfMNCrvAG33UNTdGo4QEpFs/qFFawh3/6P+weD7yAwlAaLIuBRw9D4Sl2a6YGT2
n2Fac7LMcLbSBNSDqIBcmVqo4a8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRF0uP7
ExOVQuIIq1lxGwNraaHKxTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTYyM2RjYmEtNmE5Ny00NzE3LWFjNzctZGQxNmQzYzMzZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8UA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaJjIFFf5Yxn4MG64xgCALOuBU1I/KSs9uv0Zp
srtT9WA7RDMXgLnlhjk7YG1oGolFvve9P2vtLmdHPfG+mzSKlvvmFNf5+CWZ2FUg
nyuJa9TyaB6r5GwVoDQqSaVerW+cKbeEsPTneMWeLmE3yJ1CqXxKw15EtclhN/Bx
1hpoOFi/nnjfqk+EY0g9bych485Gu4WLHmUHxK9NCAMjOcgiCTseNY+7WYlmHhfl
mTbngm3xVHhg5JWCu19t1meaWxMqDFgcDeUKFthKRqwc5kXe2PiRBciu/4/wwUkA
eIWMm/zNPS8Si2GSlQqwNmlc12RLgSQQuHqc4wLIhDSbTbWW
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:04:13 2025 by rpki-client