Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
File: c9fc58bf-3415-4839-940e-603e1b7d42f6.roa (raw, json)
Hash identifier: fZPmaDvZDEKiCcNn0cEm4QJeIgyw/FeZHIjmiVJU9v0=
Subject key identifier: 38:91:87:27:91:F0:AE:B7:01:57:A0:92:72:70:89:22:D1:D2:54:B7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 02C4D1D002E9726112CD6DDAA8D00793999F1098
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
Signing time: Sat 09 Aug 2025 00:30:09 +0000
ROA not before: Sat 09 Aug 2025 00:30:09 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c4:d1:d0:02:e9:72:61:12:cd:6d:da:a8:d0:07:93:99:9f:10:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:09 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=5426489fe8ecaaab64c15741f60ec399d4fc6889bb7c6710475edc0471271335, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6e:e6:6c:a3:36:35:e8:e6:f3:a2:75:55:c0:
3c:49:a6:97:0b:55:79:0b:04:c5:24:12:30:47:28:
81:94:30:74:9f:a2:56:86:4f:a1:14:64:6a:b1:e3:
39:80:83:6c:a4:ce:6d:be:ff:9f:1a:80:ab:fc:62:
82:d6:d0:fe:f2:87:de:b9:3b:04:b5:60:91:19:ad:
6b:2f:c4:d9:3e:1d:b5:8a:17:c7:65:cd:06:5b:64:
c1:92:48:38:49:85:70:c6:e7:9f:56:f4:0b:73:47:
b7:5a:c9:61:55:91:78:23:f2:04:9f:7f:5d:4d:1c:
76:6b:07:1b:c9:53:74:b8:8f:58:f8:d6:c9:a6:57:
4f:eb:8a:82:44:95:92:b6:8e:ca:6e:fb:96:55:b1:
cc:78:55:01:ef:c6:fb:ac:d2:af:14:b0:40:15:e4:
07:c5:4d:73:21:e1:3d:29:0f:2b:d5:ab:e0:40:e1:
57:b2:b4:f3:10:f0:77:5a:3e:38:b9:9e:dc:94:9e:
35:60:60:55:94:18:fa:60:41:ed:fe:ca:02:9b:22:
c1:c5:0a:7e:41:e5:e6:71:d1:d2:24:f5:07:67:6c:
89:4f:9d:66:eb:04:04:94:23:8b:b3:73:21:04:f5:
21:5f:98:2d:f8:dd:9e:62:80:e3:d4:72:74:04:38:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:91:87:27:91:F0:AE:B7:01:57:A0:92:72:70:89:22:D1:D2:54:B7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
73:04:18:05:11:54:56:cb:00:7e:5d:8b:a1:b6:31:3e:5c:fc:
09:2a:da:41:80:8f:ee:cb:8a:3d:0d:00:5e:c7:09:79:f2:81:
fa:1c:1f:fb:d2:16:a6:bd:f7:bf:d5:8d:c2:88:6f:7e:14:e3:
e3:5f:0b:ec:64:12:6f:1e:35:fd:6a:b2:9d:81:31:d4:78:48:
1f:bd:b9:f3:0c:e0:3b:9d:c8:86:7d:b7:11:f3:1e:4e:30:20:
97:ce:c1:76:67:72:03:9d:ed:1b:9b:d0:02:7c:cf:ad:8f:fe:
42:4c:d7:17:10:5b:d5:65:65:71:57:d6:54:31:93:e2:a9:ad:
da:c8:f9:34:8f:5b:c8:c4:5a:fd:b1:d4:d6:d4:32:32:8f:52:
09:96:e3:bd:9f:e5:3a:d0:a1:66:a3:68:61:a0:93:9c:15:ac:
35:90:23:67:7d:03:60:c4:7d:26:77:8f:75:89:1d:10:c8:4d:
57:4e:4f:d4:65:d7:2f:88:3b:e9:4d:fe:63:0c:38:9e:7b:db:
d0:da:c9:46:de:e5:d6:02:b1:00:31:85:21:65:db:e3:85:9a:
d5:b5:ec:c6:32:9b:04:9a:5a:fa:29:69:ec:50:00:0e:35:df:
11:ca:39:20:68:d1:5a:a3:da:47:7f:ee:29:d3:e5:20:d1:bd:
52:53:0b:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAsTR0ALpcmESzW3aqNAHk5mfEJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMDlaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MjY0ODlmZThlY2FhYWI2NGMxNTc0MWY2MGVjMzk5ZDRmYzY4ODliYjdj
NjcxMDQ3NWVkYzA0NzEyNzEzMzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5u5myjNjXo5vOidVXAPEmmlwtVeQsExSQSMEcogZQwdJ+iVoZPoRRkarHj
OYCDbKTObb7/nxqAq/xigtbQ/vKH3rk7BLVgkRmtay/E2T4dtYoXx2XNBltkwZJI
OEmFcMbnn1b0C3NHt1rJYVWReCPyBJ9/XU0cdmsHG8lTdLiPWPjWyaZXT+uKgkSV
kraOym77llWxzHhVAe/G+6zSrxSwQBXkB8VNcyHhPSkPK9Wr4EDhV7K08xDwd1o+
OLme3JSeNWBgVZQY+mBB7f7KApsiwcUKfkHl5nHR0iT1B2dsiU+dZusEBJQji7Nz
IQT1IV+YLfjdnmKA49RydAQ4YAsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4kYcn
kfCutwFXoJJycIki0dJUtzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzlmYzU4YmYtMzQxNS00ODM5LTk0MGUtNjAzZTFiN2Q0MmY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fg
MA0GCSqGSIb3DQEBCwUAA4IBAQBzBBgFEVRWywB+XYuhtjE+XPwJKtpBgI/uy4o9
DQBexwl58oH6HB/70hamvfe/1Y3CiG9+FOPjXwvsZBJvHjX9arKdgTHUeEgfvbnz
DOA7nciGfbcR8x5OMCCXzsF2Z3IDne0bm9ACfM+tj/5CTNcXEFvVZWVxV9ZUMZPi
qa3ayPk0j1vIxFr9sdTW1DIyj1IJluO9n+U60KFmo2hhoJOcFaw1kCNnfQNgxH0m
d491iR0QyE1XTk/UZdcviDvpTf5jDDiee9vQ2slG3uXWArEAMYUhZdvjhZrVtezG
MpsEmlr6KWnsUAAONd8RyjkgaNFao9pHf+4p0+Ug0b1SUwsU
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:10:51 2025 by rpki-client