Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
File: bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa (raw, json)
Hash identifier: WLBV0S/4YFiXibsaoNIjd24o1DvTO9Xam9CsDkoDDZI=
Subject key identifier: 58:B9:53:DE:F9:39:B4:D7:94:16:20:8F:48:1A:05:9F:B8:B1:71:0A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6DDCA3D086AED14CB9C26C2094A4F20C520041A1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
Signing time: Sat 09 Aug 2025 00:20:52 +0000
ROA not before: Sat 09 Aug 2025 00:20:52 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:dc:a3:d0:86:ae:d1:4c:b9:c2:6c:20:94:a4:f2:0c:52:00:41:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:52 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=552a55349e0682975fc405f74c28dd0ebb8140f50afffb339485975d897f5a08, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b7:f6:63:fd:b3:ea:18:ba:55:84:9a:05:42:
90:cc:aa:2f:b2:ac:5b:80:6c:89:af:70:30:b8:0f:
c6:e5:ad:59:97:65:f7:48:64:7b:2e:68:a1:04:f0:
80:3a:67:fa:63:62:67:a0:e5:0f:4c:fc:83:b1:26:
5f:b7:6f:65:0f:86:0c:ba:7a:b4:ef:cc:b9:e1:a4:
ed:22:fe:fb:bf:6c:99:35:b3:df:dd:bb:21:f2:64:
04:e8:47:36:e1:c2:f7:40:fa:70:8a:41:b1:75:d9:
0f:c9:db:40:f4:ab:92:95:ac:2d:6a:e3:63:97:6b:
a5:e5:33:87:b3:0e:d9:fe:70:bf:66:64:e2:dd:e2:
b5:2e:56:b1:bb:bc:af:8e:0f:ea:f0:ef:73:64:75:
48:a2:84:70:57:b8:59:e3:7a:6c:fe:8d:d9:3e:77:
1f:01:c4:fd:30:9f:35:24:1f:e1:63:ea:37:70:73:
d1:29:91:b3:d1:8f:0e:5e:a2:99:9e:37:17:03:5b:
3e:db:1b:83:f0:e1:73:9a:a7:a4:ee:d8:9b:29:fd:
03:47:01:70:db:4d:36:e5:72:ba:91:4a:3e:4e:3a:
8e:54:89:bc:b9:59:72:98:9e:35:e2:1a:46:93:b7:
37:11:29:6b:6c:26:fa:6a:55:a3:85:8e:e2:3a:c3:
51:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B9:53:DE:F9:39:B4:D7:94:16:20:8F:48:1A:05:9F:B8:B1:71:0A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f880::/48
Signature Algorithm: sha256WithRSAEncryption
94:d8:df:47:bf:92:49:06:85:33:d6:e9:e0:fc:44:09:25:27:
bf:10:d0:63:90:6d:ad:1b:7b:2d:40:44:50:26:d6:a1:19:9f:
df:7f:d2:d3:61:e6:7e:db:ae:35:aa:ff:bd:b5:6e:21:89:15:
1d:06:60:30:1c:eb:32:f8:36:0c:57:e1:c0:d9:c3:c6:97:3b:
5c:7f:0b:68:7a:92:aa:a3:41:a8:aa:0f:d3:54:e2:9c:a3:f3:
6f:7c:e1:6e:46:57:ff:e4:c9:7c:d4:18:40:c0:f2:98:e9:8b:
90:63:24:91:a8:1c:7c:31:c5:e7:78:5e:2b:9f:ee:8d:7f:81:
1a:74:5c:d9:e6:fb:3b:b2:f8:32:d3:3f:0e:9f:d0:d7:7a:bb:
4a:f5:61:e5:86:5d:c8:6b:d2:59:37:60:d2:21:57:64:f1:17:
e4:58:5b:82:55:ad:a7:ac:4c:7a:80:e9:72:7e:af:b2:0a:05:
99:06:bb:0c:60:fa:c7:e3:e5:f9:5f:53:d1:d7:60:4b:81:5e:
d9:8d:97:3e:3a:cb:a7:95:62:c6:57:8d:04:cd:b6:9a:3f:7b:
be:6b:0a:fb:80:7b:2e:39:13:d1:bf:b1:44:6f:7c:0e:88:a4:
9b:46:0e:b0:a3:01:5f:5e:d2:44:26:c4:60:af:b7:48:65:8f:
79:e0:a4:54
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbdyj0Iau0Uy5wmwglKTyDFIAQaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNTJaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1MmE1NTM0OWUwNjgyOTc1ZmM0MDVmNzRjMjhkZDBlYmI4MTQwZjUwYWZm
ZmIzMzk0ODU5NzVkODk3ZjVhMDgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALy39mP9s+oYulWEmgVCkMyqL7KsW4Bsia9wMLgPxuWtWZdl90hkey5ooQTw
gDpn+mNiZ6DlD0z8g7EmX7dvZQ+GDLp6tO/MueGk7SL++79smTWz3927IfJkBOhH
NuHC90D6cIpBsXXZD8nbQPSrkpWsLWrjY5drpeUzh7MO2f5wv2Zk4t3itS5Wsbu8
r44P6vDvc2R1SKKEcFe4WeN6bP6N2T53HwHE/TCfNSQf4WPqN3Bz0SmRs9GPDl6i
mZ43FwNbPtsbg/Dhc5qnpO7Ymyn9A0cBcNtNNuVyupFKPk46jlSJvLlZcpieNeIa
RpO3NxEpa2wm+mpVo4WO4jrDUbECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYuVPe
+Tm015QWII9IGgWfuLFxCjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI5MjY4NTMtZjNhZC00ZjFhLWIwMjQtMTJiMzRjNTVkNWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
gDANBgkqhkiG9w0BAQsFAAOCAQEAlNjfR7+SSQaFM9bp4PxECSUnvxDQY5BtrRt7
LUBEUCbWoRmf33/S02HmftuuNar/vbVuIYkVHQZgMBzrMvg2DFfhwNnDxpc7XH8L
aHqSqqNBqKoP01TinKPzb3zhbkZX/+TJfNQYQMDymOmLkGMkkagcfDHF53heK5/u
jX+BGnRc2eb7O7L4MtM/Dp/Q13q7SvVh5YZdyGvSWTdg0iFXZPEX5FhbglWtp6xM
eoDpcn6vsgoFmQa7DGD6x+Pl+V9T0ddgS4Fe2Y2XPjrLp5VixleNBM22mj97vmsK
+4B7LjkT0b+xRG98Doikm0YOsKMBX17SRCbEYK+3SGWPeeCkVA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:50 2025 by rpki-client