Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
File: c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa (raw, json)
Hash identifier: DbdCTq0GXfL9MopSbUPVcC8zvoA/QdlVVLL1MXL5ZVo=
Subject key identifier: F4:A9:45:DC:B9:9F:56:11:47:87:29:DA:E0:61:28:99:E3:88:FE:F7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6391BE11BFC6F9F1CD65D4C86BFDC89B90B119C3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
Signing time: Sat 09 Aug 2025 00:20:19 +0000
ROA not before: Sat 09 Aug 2025 00:20:19 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:91:be:11:bf:c6:f9:f1:cd:65:d4:c8:6b:fd:c8:9b:90:b1:19:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:19 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=5e41707f04c267c46897d0c5e6ea588fde7f8ce9dc1c00430b1486b592f14fb6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3f:2c:a4:7b:c3:43:99:cc:14:12:a2:31:a3:
fd:89:50:e0:cd:1a:fc:af:ba:f3:a0:06:67:b9:04:
b4:d8:15:4c:2b:fb:71:51:82:32:d9:1e:72:fb:fc:
84:b3:c3:0d:93:dc:29:6f:20:bc:f3:cb:1c:c7:d3:
66:4c:b3:32:39:ba:98:0e:38:c9:85:b2:09:06:4b:
48:af:97:8e:bd:6d:8c:6f:42:46:70:a8:ad:19:e3:
3a:f5:94:28:a7:1b:b1:1b:75:2d:e9:ce:39:24:a2:
67:8e:e6:95:1a:a8:6a:22:03:3a:f6:d5:b9:67:5a:
4d:9e:bc:d0:b0:68:04:13:ca:d6:6f:8f:15:be:94:
87:35:c0:ed:9f:61:6c:4a:e4:47:83:4a:c2:2f:ba:
57:5e:93:c3:b4:4a:a7:6c:81:8f:21:4f:b9:43:dc:
e0:eb:e3:cb:dd:9b:54:8c:7d:4e:b3:bc:9b:b7:23:
f6:40:dc:f9:bb:46:ce:04:79:fd:13:83:23:8c:69:
71:e5:8d:a5:26:f0:63:b4:bd:d7:72:00:75:2f:bd:
c8:90:f1:69:a6:9f:01:7a:fd:7b:af:33:c9:84:2a:
01:63:6d:fe:ff:31:6c:d0:e6:16:77:67:de:df:87:
85:10:45:bf:b0:cb:66:bd:5e:42:84:b9:44:bb:d2:
12:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A9:45:DC:B9:9F:56:11:47:87:29:DA:E0:61:28:99:E3:88:FE:F7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1800::/40
Signature Algorithm: sha256WithRSAEncryption
5b:4b:7d:08:96:4c:14:34:98:21:51:a3:ae:bc:03:c1:d9:1b:
b7:f0:70:03:66:c7:e2:7f:e0:13:0e:82:d8:05:dd:c3:b9:0b:
d7:7a:50:5b:39:b9:ab:76:0b:5f:f1:e8:fa:fb:e2:96:b2:47:
56:12:af:4f:11:84:db:e5:b3:6f:56:f9:70:5b:be:b7:51:71:
07:e8:b4:0d:09:05:8f:5d:20:21:03:27:24:ff:a0:24:9f:a9:
26:1e:7f:af:43:b0:37:64:d9:93:15:8a:39:d2:54:73:af:9b:
2c:5e:ce:b7:8d:67:b7:bb:3b:73:88:27:0a:ae:a8:6b:8d:fc:
33:7f:d1:b6:1f:4e:01:92:a9:a8:ba:61:f3:a7:7f:39:63:54:
48:45:b8:59:04:78:f8:2e:6f:13:48:07:2f:78:89:95:d9:9c:
15:5b:73:ab:7f:61:e1:f0:b3:b8:9d:71:60:4d:b1:b1:0a:a8:
90:8e:b8:a0:46:8c:9f:b2:9c:8a:7d:20:bd:20:3b:f4:98:b8:
f0:60:4a:29:4c:de:7a:ff:3a:09:ad:e2:54:a1:cd:fa:c9:50:
73:2d:15:d7:0c:fd:9e:f9:48:0d:39:67:b7:ee:a8:9c:61:73:
5b:b4:80:6f:3a:52:0a:36:73:0f:e0:b2:e3:c8:09:0a:75:1a:
7d:69:2a:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY5G+Eb/G+fHNZdTIa/3Im5CxGcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMTlaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlNDE3MDdmMDRjMjY3YzQ2ODk3ZDBjNWU2ZWE1ODhmZGU3ZjhjZTlkYzFj
MDA0MzBiMTQ4NmI1OTJmMTRmYjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4/LKR7w0OZzBQSojGj/YlQ4M0a/K+686AGZ7kEtNgVTCv7cVGCMtkecvv8
hLPDDZPcKW8gvPPLHMfTZkyzMjm6mA44yYWyCQZLSK+Xjr1tjG9CRnCorRnjOvWU
KKcbsRt1LenOOSSiZ47mlRqoaiIDOvbVuWdaTZ680LBoBBPK1m+PFb6UhzXA7Z9h
bErkR4NKwi+6V16Tw7RKp2yBjyFPuUPc4Ovjy92bVIx9TrO8m7cj9kDc+btGzgR5
/RODI4xpceWNpSbwY7S913IAdS+9yJDxaaafAXr9e68zyYQqAWNt/v8xbNDmFndn
3t+HhRBFv7DLZr1eQoS5RLvSEmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0qUXc
uZ9WEUeHKdrgYSiZ44j+9zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzJlM2ZmYWItYjhhYi00NzZmLTljNmUtNWU0ODQyZDcwNWY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8cY
MA0GCSqGSIb3DQEBCwUAA4IBAQBbS30IlkwUNJghUaOuvAPB2Ru38HADZsfif+AT
DoLYBd3DuQvXelBbObmrdgtf8ej6++KWskdWEq9PEYTb5bNvVvlwW763UXEH6LQN
CQWPXSAhAyck/6Akn6kmHn+vQ7A3ZNmTFYo50lRzr5ssXs63jWe3uztziCcKrqhr
jfwzf9G2H04BkqmoumHzp385Y1RIRbhZBHj4Lm8TSAcveImV2ZwVW3Orf2Hh8LO4
nXFgTbGxCqiQjrigRoyfspyKfSC9IDv0mLjwYEopTN56/zoJreJUoc36yVBzLRXX
DP2e+UgNOWe37qicYXNbtIBvOlIKNnMP4LLjyAkKdRp9aSpE
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:49 2025 by rpki-client