Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
File: baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa (raw, json)
Hash identifier: 8wDBMlewPHkTCc3W5X15TKT/y81RZb/igTfEmuiuDtE=
Subject key identifier: D6:EE:14:E2:F2:71:71:3F:2F:1D:33:FC:A1:B6:FC:94:5A:50:ED:32
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6AB94F8DAA648CA82D41D1833A00806C8A143A50
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
Signing time: Sat 09 Aug 2025 00:20:07 +0000
ROA not before: Sat 09 Aug 2025 00:20:07 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b9:4f:8d:aa:64:8c:a8:2d:41:d1:83:3a:00:80:6c:8a:14:3a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:07 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=2931b5ae9f133edd4c8dda08b57ca5dcaec6ba938bdf136a22308910cd47610d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:d6:d5:42:37:aa:a9:e0:78:a7:d6:ce:56:
69:00:f7:e6:d8:8a:26:51:3f:ea:b4:15:c9:51:b7:
3d:96:e5:d4:d4:31:d0:bb:1f:62:38:88:5a:64:ee:
41:dc:26:48:f9:a1:13:08:d9:83:8b:43:7e:47:95:
cc:ad:96:2c:f7:1f:e3:d7:19:0e:49:e8:c0:1c:e5:
75:5a:c0:cd:1a:d4:8b:b8:58:70:26:c4:b6:86:27:
9a:20:30:be:94:ce:c6:57:1c:e3:42:11:45:55:2d:
0c:cb:27:68:6c:42:e4:5c:4f:7f:e6:6c:8f:58:60:
96:0c:c5:7f:ae:67:1b:ee:1e:0b:bc:1d:c2:4f:d4:
91:c8:f2:eb:ad:75:2e:2a:3b:1d:0a:40:7a:af:31:
a6:9d:14:38:7d:c1:16:80:e6:c7:3e:b3:89:bd:dc:
83:c8:2c:a2:d3:07:10:29:3a:3f:d3:c8:36:2e:2d:
8a:8c:31:0f:40:f1:8d:10:3f:36:04:64:eb:48:00:
65:34:83:5a:74:88:e5:b8:76:9a:ef:a3:47:85:cc:
bb:78:e2:d8:59:43:42:af:e1:d8:f9:b5:e0:d7:44:
62:d7:b1:6a:38:39:5f:22:7a:76:70:d6:96:0f:5f:
6e:b5:ad:c2:6d:a5:e2:ef:60:19:90:72:53:d3:b9:
50:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EE:14:E2:F2:71:71:3F:2F:1D:33:FC:A1:B6:FC:94:5A:50:ED:32
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
9c:c1:92:16:02:a7:81:43:b0:46:4d:c1:6b:49:8f:8a:f9:e1:
e7:52:88:92:5f:25:7f:cf:58:d8:ac:18:19:21:d2:77:60:e1:
85:87:29:a8:2d:8e:26:03:ba:85:dc:14:04:03:48:cb:1d:57:
de:40:11:ba:07:48:c8:e6:37:56:89:7b:18:d3:da:56:10:4b:
91:1c:8f:e6:1a:b1:e3:fb:80:57:a8:cc:25:dc:59:21:18:31:
2b:70:a9:28:47:57:7a:2c:a3:ce:54:e0:08:af:d1:c6:c1:3a:
70:e7:39:13:14:ef:84:b1:cb:59:80:e7:29:1b:27:f9:6d:02:
5a:5e:fe:b8:66:d3:8c:d2:74:c2:e9:c8:12:ae:bc:07:04:da:
61:93:73:4f:69:00:54:97:74:9e:dd:86:24:49:77:99:df:b9:
c5:37:a8:9d:5a:73:84:d4:49:1a:f3:f6:29:44:9f:a0:be:8e:
47:87:78:01:d2:9e:3b:c5:8e:7a:c7:06:80:ab:74:fd:d4:30:
fe:55:bf:0a:2a:da:3c:95:9d:09:2c:6b:64:1c:f2:b4:1a:7a:
eb:19:56:ad:a5:3c:ee:9e:eb:44:51:d0:1b:a8:28:32:d8:89:
aa:a8:a6:9c:93:6e:63:ca:57:54:26:d2:6a:34:ac:0d:45:47:
db:46:26:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUarlPjapkjKgtQdGDOgCAbIoUOlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMDdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MzFiNWFlOWYxMzNlZGQ0YzhkZGEwOGI1N2NhNWRjYWVjNmJhOTM4YmRm
MTM2YTIyMzA4OTEwY2Q0NzYxMGQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLv1tVCN6qp4Hin1s5WaQD35tiKJlE/6rQVyVG3PZbl1NQx0LsfYjiIWmTu
QdwmSPmhEwjZg4tDfkeVzK2WLPcf49cZDknowBzldVrAzRrUi7hYcCbEtoYnmiAw
vpTOxlcc40IRRVUtDMsnaGxC5FxPf+Zsj1hglgzFf65nG+4eC7wdwk/Ukcjy6611
Lio7HQpAeq8xpp0UOH3BFoDmxz6zib3cg8gsotMHECk6P9PINi4tiowxD0DxjRA/
NgRk60gAZTSDWnSI5bh2mu+jR4XMu3ji2FlDQq/h2Pm14NdEYtexajg5XyJ6dnDW
lg9fbrWtwm2l4u9gGZByU9O5UE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTW7hTi
8nFxPy8dM/yhtvyUWlDtMjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmFlZGVkZjItMjZkOC00MmY3LWI4YmMtZmJmMWRjNGZiMDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dg
MA0GCSqGSIb3DQEBCwUAA4IBAQCcwZIWAqeBQ7BGTcFrSY+K+eHnUoiSXyV/z1jY
rBgZIdJ3YOGFhymoLY4mA7qF3BQEA0jLHVfeQBG6B0jI5jdWiXsY09pWEEuRHI/m
GrHj+4BXqMwl3FkhGDErcKkoR1d6LKPOVOAIr9HGwTpw5zkTFO+EsctZgOcpGyf5
bQJaXv64ZtOM0nTC6cgSrrwHBNphk3NPaQBUl3Se3YYkSXeZ37nFN6idWnOE1Eka
8/YpRJ+gvo5Hh3gB0p47xY56xwaAq3T91DD+Vb8KKto8lZ0JLGtkHPK0GnrrGVat
pTzunutEUdAbqCgy2ImqqKack25jyldUJtJqNKwNRUfbRiYJ
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:34:42 2025 by rpki-client