Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
File: a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa (raw, json)
Hash identifier: MSdCxg1jaT14UG7snCzi7OdYRFUDfVTbT59n1QbcgBo=
Subject key identifier: 1D:54:9B:98:E9:1F:31:3D:77:DF:8D:6D:62:0E:F2:8B:7B:F7:0E:65
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0A7114CCBE6EE731A7E3BB9D50BE05DC10099D44
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
Signing time: Sat 09 Aug 2025 00:21:12 +0000
ROA not before: Sat 09 Aug 2025 00:21:12 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:71:14:cc:be:6e:e7:31:a7:e3:bb:9d:50:be:05:dc:10:09:9d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:12 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=abdbf2162731686f55505fb63e65a59084305b7323a3df303a3f1a2455530597, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:be:da:45:8e:96:bc:19:e6:a2:64:ce:2d:b7:
b3:08:4d:af:a3:dc:5d:de:d7:53:a0:da:12:65:26:
a1:eb:1b:3d:f5:ef:aa:c1:2c:cc:b9:df:2c:ec:d7:
12:e9:26:f9:d0:cf:ab:da:3b:a9:fd:dc:77:8f:32:
2a:5a:3c:78:80:f1:0f:1a:c4:8c:60:7d:8a:0e:ff:
50:19:6d:3a:49:6c:28:8b:15:2e:63:38:86:69:8b:
1b:cd:fa:9e:80:fb:20:17:d5:2c:d1:35:d1:95:f8:
48:62:e1:ff:fb:04:0b:0f:99:96:16:3b:60:46:20:
0c:b8:8a:6a:68:e8:d6:92:a2:53:d3:d1:e7:60:1d:
73:d6:19:6d:b6:34:9f:fb:19:1a:3a:4a:7b:18:1c:
27:95:59:8f:16:4d:8a:74:59:83:e9:79:3e:51:05:
eb:a3:31:31:f0:6c:f8:57:f3:6f:12:de:3c:e0:5a:
ae:cf:fd:91:ef:bf:ca:9a:35:02:99:07:fe:ef:3e:
92:b5:6a:87:5f:54:65:90:61:39:86:ab:42:19:b2:
14:f3:fe:14:30:8c:f5:4e:a2:11:44:bb:1f:29:c9:
db:b6:ef:21:17:e5:83:05:70:d0:b3:59:d1:e0:63:
35:68:bd:40:90:34:a8:33:1c:0c:17:b2:ba:67:9e:
6b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:54:9B:98:E9:1F:31:3D:77:DF:8D:6D:62:0E:F2:8B:7B:F7:0E:65
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1::/32
Signature Algorithm: sha256WithRSAEncryption
79:2e:49:66:66:ad:1b:58:fc:e0:74:c1:6b:81:91:fc:36:4d:
62:76:41:80:0e:4c:54:52:0f:fb:e1:d5:50:64:9c:dc:82:61:
ae:dd:33:85:25:ff:f7:b1:b0:28:d9:4c:ce:65:81:ba:2c:93:
29:82:71:20:83:bc:73:ab:f0:4e:8b:97:60:1c:9e:86:99:0d:
69:22:06:02:84:e7:ac:e4:01:ca:28:04:ff:fa:07:d6:90:84:
03:cb:03:dd:6c:52:b7:d9:37:cb:3b:e0:83:d0:5a:bd:4b:f2:
38:93:a2:9a:40:c2:21:e6:57:8c:81:33:4e:f1:b3:9d:a1:f2:
cb:3c:d4:2a:27:d0:50:c4:69:a6:51:dc:fc:83:16:cd:cb:ed:
e5:9b:aa:3b:79:65:c8:e1:14:43:6d:e4:19:5b:65:5a:55:ad:
b0:59:dc:8b:89:71:dc:e1:e3:d4:cc:c5:6b:46:09:4b:77:61:
a3:61:d2:c2:37:fb:97:bc:c8:85:64:d8:46:76:57:9c:b4:1d:
3f:f4:0e:7b:9e:24:dc:c6:a8:68:f8:99:f1:12:e8:b3:3c:36:
2a:a1:0f:ae:a9:45:82:f1:bd:81:51:8f:33:05:03:56:54:8e:
25:21:8d:2e:62:c1:13:ee:c2:42:df:5e:23:69:5e:9d:a5:ec:
fa:bc:fe:36
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUCnEUzL5u5zGn47udUL4F3BAJnUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTJaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiZGJmMjE2MjczMTY4NmY1NTUwNWZiNjNlNjVhNTkwODQzMDViNzMyM2Ez
ZGYzMDNhM2YxYTI0NTU1MzA1OTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANm+2kWOlrwZ5qJkzi23swhNr6PcXd7XU6DaEmUmoesbPfXvqsEszLnfLOzX
Eukm+dDPq9o7qf3cd48yKlo8eIDxDxrEjGB9ig7/UBltOklsKIsVLmM4hmmLG836
noD7IBfVLNE10ZX4SGLh//sECw+ZlhY7YEYgDLiKamjo1pKiU9PR52Adc9YZbbY0
n/sZGjpKexgcJ5VZjxZNinRZg+l5PlEF66MxMfBs+FfzbxLePOBars/9ke+/ypo1
ApkH/u8+krVqh19UZZBhOYarQhmyFPP+FDCM9U6iEUS7HynJ27bvIRflgwVw0LNZ
0eBjNWi9QJA0qDMcDBeyumeeazMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQdVJuY
6R8xPXffjW1iDvKLe/cOZTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTk3MmZlOWItYzM5Zi00OGQxLThiMTktYzE0Y2JhZjE2MjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew
DQYJKoZIhvcNAQELBQADggEBAHkuSWZmrRtY/OB0wWuBkfw2TWJ2QYAOTFRSD/vh
1VBknNyCYa7dM4Ul//exsCjZTM5lgboskymCcSCDvHOr8E6Ll2AcnoaZDWkiBgKE
56zkAcooBP/6B9aQhAPLA91sUrfZN8s74IPQWr1L8jiToppAwiHmV4yBM07xs52h
8ss81Con0FDEaaZR3PyDFs3L7eWbqjt5ZcjhFENt5BlbZVpVrbBZ3IuJcdzh49TM
xWtGCUt3YaNh0sI3+5e8yIVk2EZ2V5y0HT/0DnueJNzGqGj4mfES6LM8NiqhD66p
RYLxvYFRjzMFA1ZUjiUhjS5iwRPuwkLfXiNpXp2l7Pq8/jY=
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:00 2025 by rpki-client