Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
File: bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa (raw, json)
Hash identifier: GUoI4eaC6Ji46kwxepTvBNnEG4L1YrwJzAmKDmxXOQ8=
Subject key identifier: 1D:19:95:49:E5:26:7D:FA:DB:7F:93:9B:FB:9B:4B:D4:55:44:20:8B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 59D95582037C060AA6900B85F1BE9AF5F5875674
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
Signing time: Sat 09 Aug 2025 00:21:22 +0000
ROA not before: Sat 09 Aug 2025 00:21:22 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d9:55:82:03:7c:06:0a:a6:90:0b:85:f1:be:9a:f5:f5:87:56:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:22 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=4a7d6713e08828d488e5b31ee517a88de5c01d5600fab4dd37dd0ca4bcbeb4f9, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3c:1f:86:c3:0d:f5:58:b6:0d:14:10:00:a8:
5f:78:b1:86:a0:10:9e:55:44:ad:97:84:7f:3e:6f:
bf:ad:ea:8d:96:8a:04:c1:60:18:76:56:4d:73:0e:
ac:af:03:b3:ea:b8:68:7b:c5:fd:60:17:63:de:57:
e8:10:6a:a5:84:c8:46:1f:b1:12:a0:a3:ec:64:d5:
d5:0c:ff:32:a9:f9:d0:d5:05:85:c6:72:58:55:b6:
b6:9d:8e:53:2e:69:6d:3e:9b:be:b1:a9:f3:81:dc:
d2:3d:2f:5c:c4:12:b9:6b:f3:c9:16:a7:d9:cd:fa:
de:18:6d:5c:6d:35:a2:cb:36:77:22:19:c8:c6:43:
12:48:d7:3e:ab:f1:f8:7e:c9:f9:d1:a4:76:89:c5:
bd:76:38:77:a6:9f:84:ea:0a:11:c5:c4:a2:4e:71:
db:4b:a8:1b:22:51:02:5d:f2:93:b5:74:08:92:e7:
5e:40:0a:0c:be:c3:a6:b3:20:92:36:16:9b:0b:dc:
a7:e3:bf:54:64:d4:c0:ed:5d:20:9f:36:8d:4a:4b:
62:e7:08:c5:88:9f:c3:86:f4:bf:dd:09:97:f6:30:
72:c3:30:18:9b:36:ed:36:c8:27:96:bf:05:bb:c0:
64:42:a6:c8:93:fe:a5:3a:b5:c4:9b:9f:3d:a5:2a:
84:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:19:95:49:E5:26:7D:FA:DB:7F:93:9B:FB:9B:4B:D4:55:44:20:8B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
30:c0:15:87:30:8a:93:a3:16:bc:79:61:30:8e:80:e5:30:2c:
b6:f0:75:2d:ad:9b:84:80:46:64:e1:b2:a2:61:76:98:a9:64:
34:a2:5b:1e:cb:f3:9b:63:7f:85:0d:47:59:62:49:6f:9b:a3:
2d:52:2b:6b:7d:d9:97:f2:1c:a1:85:e4:17:2a:2b:ef:0c:49:
61:9c:50:a8:07:9b:3e:0a:b3:d2:10:5e:3f:fe:72:56:75:13:
55:2e:02:e2:52:ce:6f:8f:f2:f8:93:e7:1f:02:7c:2b:e3:47:
50:5c:93:8e:25:67:6f:46:fb:17:98:45:12:05:9b:93:4d:ab:
83:f1:c6:da:34:1c:d1:94:c7:bd:1f:94:ef:d0:15:6a:b1:b1:
3b:4d:e6:b5:17:13:86:6d:05:09:7a:8e:d0:24:e5:9b:dc:94:
6f:8d:9d:a7:ee:a0:79:df:aa:24:3a:8e:eb:2f:6e:f2:d2:97:
0f:5d:b1:9b:8f:d5:ac:1f:d8:73:c3:cd:5d:e0:a6:a4:c4:8a:
f4:cd:f7:9d:a0:a2:38:39:5e:8b:e0:f1:df:78:4a:ee:fb:07:
0a:6f:bd:32:f9:4c:52:0d:49:9e:9f:14:b8:2b:5b:c1:03:62:
ae:d0:8f:da:7f:ab:a1:dc:f3:be:fe:79:79:a1:33:43:68:5a:
ee:3f:ca:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWdlVggN8BgqmkAuF8b6a9fWHVnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjJaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhN2Q2NzEzZTA4ODI4ZDQ4OGU1YjMxZWU1MTdhODhkZTVjMDFkNTYwMGZh
YjRkZDM3ZGQwY2E0YmNiZWI0ZjkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg8H4bDDfVYtg0UEACoX3ixhqAQnlVErZeEfz5vv63qjZaKBMFgGHZWTXMO
rK8Ds+q4aHvF/WAXY95X6BBqpYTIRh+xEqCj7GTV1Qz/Mqn50NUFhcZyWFW2tp2O
Uy5pbT6bvrGp84Hc0j0vXMQSuWvzyRan2c363hhtXG01oss2dyIZyMZDEkjXPqvx
+H7J+dGkdonFvXY4d6afhOoKEcXEok5x20uoGyJRAl3yk7V0CJLnXkAKDL7DprMg
kjYWmwvcp+O/VGTUwO1dIJ82jUpLYucIxYifw4b0v90Jl/YwcsMwGJs27TbIJ5a/
BbvAZEKmyJP+pTq1xJufPaUqhKUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdGZVJ
5SZ9+tt/k5v7m0vUVUQgizAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmZkNDYyYmQtMmUxZi00ODVmLWFhOWMtZTdlMGMwYmNiNjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQAwwBWHMIqToxa8eWEwjoDlMCy28HUtrZuEgEZk
4bKiYXaYqWQ0olsey/ObY3+FDUdZYklvm6MtUitrfdmX8hyhheQXKivvDElhnFCo
B5s+CrPSEF4//nJWdRNVLgLiUs5vj/L4k+cfAnwr40dQXJOOJWdvRvsXmEUSBZuT
TauD8cbaNBzRlMe9H5Tv0BVqsbE7Tea1FxOGbQUJeo7QJOWb3JRvjZ2n7qB536ok
Oo7rL27y0pcPXbGbj9WsH9hzw81d4KakxIr0zfedoKI4OV6L4PHfeEru+wcKb70y
+UxSDUmenxS4K1vBA2Ku0I/af6uh3PO+/nl5oTNDaFruP8pu
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:24:33 2025 by rpki-client