Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
File: cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa (raw, json)
Hash identifier: 2CiM/Q9l5ewdbk+SzlbWM7OUJq7Y7yc6Wctzl7wJA70=
Subject key identifier: 3D:79:A9:05:58:EF:95:C5:E1:C9:C6:D9:6B:3C:A2:1B:B7:84:50:AE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 44D956CBF5A9E049775626DAFC6FE72841455278
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
Signing time: Sat 09 Aug 2025 00:21:18 +0000
ROA not before: Sat 09 Aug 2025 00:21:18 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:d9:56:cb:f5:a9:e0:49:77:56:26:da:fc:6f:e7:28:41:45:52:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:18 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=bb536dd2d656660d2baae392943bf7354acd53ce596a9dff156ab3eb3b481f19, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f0:a9:3b:4a:ee:e7:96:02:79:b7:71:5a:c5:
91:05:d8:51:d9:83:f9:0d:12:45:a8:41:79:89:a6:
ac:41:be:6b:cd:6b:0f:2a:bc:3d:d0:c1:5e:4a:69:
17:8a:6a:de:05:d5:d6:f1:d5:b5:b0:77:5a:a5:ab:
fa:02:6c:62:1c:45:0a:ca:fe:ae:ad:c8:eb:17:c1:
97:08:8a:f3:76:fa:0d:41:00:ae:fc:e2:04:20:a6:
fa:8e:63:67:2e:35:13:bd:4f:88:63:9f:80:94:0c:
e7:a4:aa:05:37:21:4e:b1:ea:84:d0:55:64:df:d4:
de:fb:44:53:42:f9:02:64:20:24:79:77:6f:75:b7:
11:36:91:50:1c:e0:aa:df:0f:09:f5:15:ff:03:10:
cf:9a:69:f9:9b:6b:77:43:ab:4a:9b:08:8b:7f:61:
f6:7e:b2:20:5e:50:ed:38:39:19:5b:6b:25:68:4f:
ca:b6:89:14:4d:84:45:01:8d:cc:4a:ae:82:1d:3f:
ab:e3:5d:e5:8c:c8:34:b8:ca:be:f1:38:48:df:d4:
b0:52:9d:72:9c:22:3d:95:d6:41:e5:ff:77:27:dd:
1b:c3:16:7d:ad:1e:74:bc:ba:0a:81:da:27:a2:0f:
57:c4:e3:c6:c5:64:58:e3:88:19:24:97:54:1f:d4:
3c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:79:A9:05:58:EF:95:C5:E1:C9:C6:D9:6B:3C:A2:1B:B7:84:50:AE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
86:28:6d:15:0b:67:d3:92:13:db:2c:91:2d:9c:c5:26:52:de:
81:91:d4:00:e3:93:a9:99:a8:48:1b:2b:1e:e9:51:1d:75:8c:
79:24:fd:7c:2b:73:47:bd:69:e0:8f:0d:bb:42:f6:aa:28:b6:
5b:1c:0b:01:cd:04:60:35:f3:07:8e:42:c8:07:15:c4:f3:02:
1e:2a:e5:8f:77:5d:7b:e0:d6:e3:95:05:6d:a8:d5:7f:6a:35:
3b:9d:f2:90:5e:4f:48:5f:3f:49:68:2e:96:2e:6a:52:55:d4:
33:50:86:ac:fd:ea:5b:36:62:4f:0b:54:4e:74:5b:87:65:b5:
c3:51:f2:aa:bb:be:06:db:e1:a4:45:ab:44:b4:ec:75:c0:3b:
bd:ce:c5:62:c4:a9:2d:bd:ca:11:3f:45:49:8e:0c:bf:e0:1c:
a3:7a:5c:6c:99:a7:61:a3:63:4a:e6:b4:88:d7:ac:c3:3a:f7:
68:3f:0c:6d:db:fd:16:7f:7e:41:3c:90:31:48:25:f0:cb:ed:
aa:62:af:94:8b:4b:72:8f:fa:71:d3:d3:13:12:17:36:a9:23:
7f:92:37:89:37:b1:9a:8e:06:1e:47:6f:fb:64:3f:76:6a:e7:
78:5e:8c:db:24:d9:e6:b4:93:b5:31:72:d2:31:04:c9:3a:e1:
2c:fe:da:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURNlWy/Wp4El3Viba/G/nKEFFUngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMThaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNTM2ZGQyZDY1NjY2MGQyYmFhZTM5Mjk0M2JmNzM1NGFjZDUzY2U1OTZh
OWRmZjE1NmFiM2ViM2I0ODFmMTkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvwqTtK7ueWAnm3cVrFkQXYUdmD+Q0SRahBeYmmrEG+a81rDyq8PdDBXkpp
F4pq3gXV1vHVtbB3WqWr+gJsYhxFCsr+rq3I6xfBlwiK83b6DUEArvziBCCm+o5j
Zy41E71PiGOfgJQM56SqBTchTrHqhNBVZN/U3vtEU0L5AmQgJHl3b3W3ETaRUBzg
qt8PCfUV/wMQz5pp+Ztrd0OrSpsIi39h9n6yIF5Q7Tg5GVtrJWhPyraJFE2ERQGN
zEqugh0/q+Nd5YzINLjKvvE4SN/UsFKdcpwiPZXWQeX/dyfdG8MWfa0edLy6CoHa
J6IPV8TjxsVkWOOIGSSXVB/UPCcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9eakF
WO+VxeHJxtlrPKIbt4RQrjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2Q4ZjA3YzktYWJjMS00MWRkLWJhZDQtYzdlNWJmMGJkNGM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGKG0VC2fTkhPbLJEtnMUmUt6BkdQA45OpmahI
Gyse6VEddYx5JP18K3NHvWngjw27QvaqKLZbHAsBzQRgNfMHjkLIBxXE8wIeKuWP
d1174NbjlQVtqNV/ajU7nfKQXk9IXz9JaC6WLmpSVdQzUIas/epbNmJPC1ROdFuH
ZbXDUfKqu74G2+GkRatEtOx1wDu9zsVixKktvcoRP0VJjgy/4Byjelxsmadho2NK
5rSI16zDOvdoPwxt2/0Wf35BPJAxSCXwy+2qYq+Ui0tyj/px09MTEhc2qSN/kjeJ
N7GajgYeR2/7ZD92aud4XozbJNnmtJO1MXLSMQTJOuEs/to2
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:45:21 2025 by rpki-client