Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
File: ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa (raw, json)
Hash identifier: epVtSF0aS3zE2wf/lnO/W9A4Lhs0rI7oYCVisC60mlo=
Subject key identifier: 33:C0:64:79:79:67:FF:8C:A2:2D:90:08:1A:1B:97:1E:DC:0A:D8:ED
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 48A902ECFE7B6BAC4AE31F573F78257EDB1F0C7F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
Signing time: Sat 09 Aug 2025 00:20:58 +0000
ROA not before: Sat 09 Aug 2025 00:20:58 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:a9:02:ec:fe:7b:6b:ac:4a:e3:1f:57:3f:78:25:7e:db:1f:0c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:58 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=809a51e4b2731492cc678a83a60281c91950796ac7f87b273e7f5544bef8479c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:bf:19:3a:da:56:6a:e6:cf:c9:22:bf:62:
20:31:f4:58:05:6c:f3:6c:70:b9:7f:ed:e0:14:83:
83:12:57:87:f3:f1:be:f6:27:72:c1:72:34:d5:9a:
3d:2d:3a:b5:d8:07:fa:d3:5f:18:18:98:8d:fa:20:
f9:98:9b:f0:b8:0d:1b:71:44:e3:86:45:9a:b4:e1:
33:68:78:0b:52:35:6c:12:fd:38:e0:35:3f:19:6c:
38:a6:a8:6e:25:25:c3:77:a4:96:d1:01:ad:dc:83:
b9:cb:df:e7:18:0d:ca:a0:16:5a:8b:0e:e6:7f:be:
71:a9:d3:3c:b9:6e:66:94:82:8d:c3:cc:15:98:f1:
33:e6:e2:c1:2b:8e:97:38:8e:bc:46:28:dd:82:04:
6d:b9:f3:03:2a:6c:97:b7:45:7b:5e:9d:90:98:eb:
8c:81:6d:2d:c4:08:f8:96:98:75:ea:ec:7c:22:39:
11:1a:fa:cd:3d:ad:16:8a:33:b3:a9:cb:79:d8:6b:
4f:34:c8:b6:45:1b:3f:db:29:84:82:4d:b4:5f:35:
a0:4a:9d:a3:51:ae:c8:64:be:46:ce:a2:30:1c:ee:
85:7f:2a:26:b8:b7:c4:bc:85:ba:a8:9b:d3:12:a0:
e7:b4:9e:2e:9f:d7:a3:d4:ee:d4:6b:b8:93:62:f3:
e7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C0:64:79:79:67:FF:8C:A2:2D:90:08:1A:1B:97:1E:DC:0A:D8:ED
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5800::/40
Signature Algorithm: sha256WithRSAEncryption
1e:22:89:ba:11:b4:1f:fe:b3:fa:cb:21:5e:bc:84:bf:3c:df:
40:a9:df:aa:35:7b:bf:45:29:06:9e:13:c6:b2:f3:f9:d5:d5:
97:60:d5:fb:2a:26:6f:70:7a:1e:dc:bf:f6:92:f4:b6:0c:66:
36:d1:94:a9:f2:0d:3e:5c:b2:28:42:1a:8b:4c:12:b6:3d:bb:
fd:ee:d9:52:81:04:03:b3:6c:1e:56:2a:de:09:a3:2e:80:de:
76:42:26:d6:fe:6f:b5:a4:8b:76:64:e7:ac:ae:e1:39:8f:48:
fe:05:f3:12:83:c1:52:e8:d4:9f:1b:91:3b:4c:df:3d:81:56:
df:62:29:a3:e1:a9:d2:72:6f:56:75:ba:cd:f7:25:0b:1e:0e:
83:fb:3f:c5:90:df:eb:1a:c5:ee:1d:15:5e:63:94:5c:2b:ca:
61:51:d7:33:12:7b:34:25:3e:25:1b:dc:33:9f:16:4b:1a:24:
21:32:47:b3:15:bc:1f:fa:1e:11:3e:b0:9e:c1:6a:d8:60:92:
10:ff:a7:fa:16:d5:ba:2b:95:70:51:cf:c3:cd:fa:04:ac:1c:
74:89:78:07:ee:27:ce:80:ba:22:ec:f8:23:ed:0f:81:28:70:
18:3a:99:dd:46:fc:2d:02:5a:7d:79:e9:85:e2:61:8a:38:92:
24:fe:72:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSKkC7P57a6xK4x9XP3glftsfDH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwNThaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwOWE1MWU0YjI3MzE0OTJjYzY3OGE4M2E2MDI4MWM5MTk1MDc5NmFjN2Y4
N2IyNzNlN2Y1NTQ0YmVmODQ3OWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQKvxk62lZq5s/JIr9iIDH0WAVs82xwuX/t4BSDgxJXh/PxvvYncsFyNNWa
PS06tdgH+tNfGBiYjfog+Zib8LgNG3FE44ZFmrThM2h4C1I1bBL9OOA1PxlsOKao
biUlw3ekltEBrdyDucvf5xgNyqAWWosO5n++canTPLluZpSCjcPMFZjxM+biwSuO
lziOvEYo3YIEbbnzAypsl7dFe16dkJjrjIFtLcQI+JaYdersfCI5ERr6zT2tFooz
s6nLedhrTzTItkUbP9sphIJNtF81oEqdo1GuyGS+Rs6iMBzuhX8qJri3xLyFuqib
0xKg57SeLp/Xo9Tu1Gu4k2Lz53kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzwGR5
eWf/jKItkAgaG5ce3ArY7TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2NlZmVhYTMtNTBmZC00ZmI1LWEwZDYtNjgyZWE4OTRjNWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dY
MA0GCSqGSIb3DQEBCwUAA4IBAQAeIom6EbQf/rP6yyFevIS/PN9Aqd+qNXu/RSkG
nhPGsvP51dWXYNX7KiZvcHoe3L/2kvS2DGY20ZSp8g0+XLIoQhqLTBK2Pbv97tlS
gQQDs2weVireCaMugN52QibW/m+1pIt2ZOesruE5j0j+BfMSg8FS6NSfG5E7TN89
gVbfYimj4anScm9WdbrN9yULHg6D+z/FkN/rGsXuHRVeY5RcK8phUdczEns0JT4l
G9wznxZLGiQhMkezFbwf+h4RPrCewWrYYJIQ/6f6FtW6K5VwUc/DzfoErBx0iXgH
7ifOgLoi7Pgj7Q+BKHAYOpndRvwtAlp9eemF4mGKOJIk/nKt
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:48 2025 by rpki-client