Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
File: d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa (raw, json)
Hash identifier: rcJrBUyTNkxqi+K+hWyrj/NglnnKe8HwvTbd7D1k9gQ=
Subject key identifier: EC:2F:A8:9E:84:57:E7:F4:8C:D9:4F:71:FA:C2:F3:CC:6B:07:61:5B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 17817E9765651DA0A62F026CBC0050F84070C5F0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
Signing time: Sat 09 Aug 2025 00:20:01 +0000
ROA not before: Sat 09 Aug 2025 00:20:01 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:81:7e:97:65:65:1d:a0:a6:2f:02:6c:bc:00:50:f8:40:70:c5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:01 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=2932b6c9def717b97b7e8f4e8c7d4187f9e0bbefb52295e208ee4af5d4c7d0e7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9b:55:f5:53:66:58:42:0f:45:cc:24:71:87:
11:75:11:9c:de:73:11:06:e8:68:45:ef:4c:30:da:
01:4c:e6:b6:d5:97:aa:9b:3c:69:52:fb:91:fa:70:
80:7f:f1:05:99:f9:cc:4c:89:93:f1:a0:6f:2c:93:
f7:e1:22:3b:10:00:f5:f8:f9:69:d0:59:ce:0f:23:
85:11:b3:4b:26:83:b6:08:f0:41:97:79:8a:5a:3e:
f4:1c:e7:7e:cb:ff:2b:f4:ba:96:f4:e0:37:ae:36:
d8:0d:74:42:8a:71:2a:e2:c4:cf:d3:d0:81:ca:0b:
74:84:22:0e:35:2c:14:e5:ec:5a:a4:c8:75:f5:5a:
4a:92:19:46:fd:f2:65:ae:01:c8:0a:dd:e8:57:bd:
55:2a:8e:aa:67:87:18:56:17:0f:37:94:22:2a:a9:
80:b1:6d:c4:9e:bc:3c:5c:83:1d:f8:44:db:fa:98:
ac:79:e7:b6:16:3b:24:bb:dc:e4:26:89:bc:b5:08:
eb:a7:c6:fd:82:eb:53:e2:a2:19:a0:f2:d0:e5:0e:
6a:8e:ec:22:ca:4d:b6:58:d8:f7:19:bf:03:77:ff:
77:c5:a5:27:ee:34:cc:70:3e:d0:0f:fa:a1:91:ff:
eb:b6:d7:7f:19:56:72:b7:cd:f1:03:14:0f:43:44:
31:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2F:A8:9E:84:57:E7:F4:8C:D9:4F:71:FA:C2:F3:CC:6B:07:61:5B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
4f:a8:9d:1d:ff:11:f5:f1:7e:0d:17:3b:8d:bc:e9:7b:4b:01:
1d:b1:6a:ed:98:0a:24:5d:80:52:da:78:d3:fe:fe:10:bb:2f:
1f:75:b6:e0:81:36:e5:d8:87:40:a3:78:87:cf:9d:52:e6:cb:
a1:c4:a3:ae:2f:9c:75:74:f1:ec:46:49:11:a6:1a:fb:0b:52:
95:83:33:53:10:c0:58:4e:a6:02:b8:85:fe:19:e4:8f:85:70:
da:08:3d:8e:15:f5:13:01:29:b2:d8:4b:80:36:13:e7:5e:95:
e0:c5:b8:12:71:86:b5:43:f9:76:5e:9f:da:aa:d7:c6:85:9d:
c6:ac:8c:da:17:97:43:60:96:9d:dd:6a:cb:43:02:ba:b2:a3:
d5:07:50:0e:d4:63:f8:46:80:73:92:77:ed:ae:05:71:0c:b3:
d1:40:47:3a:0b:70:08:f1:98:2d:8f:2b:97:0d:e2:72:35:1b:
81:e8:59:39:e7:30:cd:fa:fc:8a:5d:48:4b:df:5b:81:67:b3:
d3:89:8e:7f:67:01:bf:01:2f:64:14:94:bb:f7:1a:0a:95:e6:
f7:94:59:82:40:d4:d0:9e:cc:3a:78:4b:c9:11:96:33:44:31:
b1:db:38:f4:fe:6d:24:f5:2d:ef:35:b2:cd:1f:84:d8:13:a9:
f2:75:2e:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF4F+l2VlHaCmLwJsvABQ+EBwxfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMDFaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MzJiNmM5ZGVmNzE3Yjk3YjdlOGY0ZThjN2Q0MTg3ZjllMGJiZWZiNTIy
OTVlMjA4ZWU0YWY1ZDRjN2QwZTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSbVfVTZlhCD0XMJHGHEXURnN5zEQboaEXvTDDaAUzmttWXqps8aVL7kfpw
gH/xBZn5zEyJk/GgbyyT9+EiOxAA9fj5adBZzg8jhRGzSyaDtgjwQZd5ilo+9Bzn
fsv/K/S6lvTgN6422A10QopxKuLEz9PQgcoLdIQiDjUsFOXsWqTIdfVaSpIZRv3y
Za4ByArd6Fe9VSqOqmeHGFYXDzeUIiqpgLFtxJ68PFyDHfhE2/qYrHnnthY7JLvc
5CaJvLUI66fG/YLrU+KiGaDy0OUOao7sIspNtljY9xm/A3f/d8WlJ+40zHA+0A/6
oZH/67bXfxlWcrfN8QMUD0NEMcsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsL6ie
hFfn9IzZT3H6wvPMawdhWzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjMTYyNDctY2FkMi00NzQ4LTgzNDAtNmZlMmU2ZDhjZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQBPqJ0d/xH18X4NFzuNvOl7SwEdsWrtmAokXYBS
2njT/v4Quy8fdbbggTbl2IdAo3iHz51S5suhxKOuL5x1dPHsRkkRphr7C1KVgzNT
EMBYTqYCuIX+GeSPhXDaCD2OFfUTASmy2EuANhPnXpXgxbgScYa1Q/l2Xp/aqtfG
hZ3GrIzaF5dDYJad3WrLQwK6sqPVB1AO1GP4RoBzknftrgVxDLPRQEc6C3AI8Zgt
jyuXDeJyNRuB6Fk55zDN+vyKXUhL31uBZ7PTiY5/ZwG/AS9kFJS79xoKleb3lFmC
QNTQnsw6eEvJEZYzRDGx2zj0/m0k9S3vNbLNH4TYE6nydS5M
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:25:46 2025 by rpki-client