Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: +tPPqeo/4rGJUstF2VAa4HAZr8DRSrK8wkm32xlCa38=
Subject key identifier: F1:A3:82:B9:F6:6C:42:F6:37:72:E7:1A:87:C2:03:05:F3:DC:06:B4
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7E96DA5DD90CF946C15F4B6D17054A8471116539
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Sat 09 Aug 2025 00:21:17 +0000
ROA not before: Sat 09 Aug 2025 00:21:17 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:96:da:5d:d9:0c:f9:46:c1:5f:4b:6d:17:05:4a:84:71:11:65:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:17 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=c66203f5af8e24ae5d187513453e05f2536f258862bb7f3cdbc6b8a1c40afe17, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:e3:3f:b6:0e:c9:75:ec:83:99:8e:62:cd:
d0:12:af:21:a9:5c:9f:eb:91:a0:64:08:b5:74:f9:
d7:c7:b0:63:2b:d1:f2:52:f7:29:bc:ab:17:f0:39:
38:6e:79:61:ad:53:92:fe:7a:dc:cf:8a:a0:2e:48:
de:ca:ce:b8:03:5e:14:87:31:8c:9f:1b:df:0b:91:
0d:60:15:fe:d8:83:28:04:84:8d:62:2b:c4:61:d9:
23:5d:22:13:22:e9:d1:67:ab:08:47:d0:5e:e2:2f:
7e:21:0c:11:15:32:a1:cb:46:02:a2:62:31:c2:82:
6a:70:86:37:1c:76:15:50:a5:0e:fe:06:8c:48:2f:
53:15:35:4c:eb:48:69:ef:d5:30:a8:7d:cc:69:52:
af:37:a1:35:48:ba:f7:9c:96:57:27:d0:b7:87:b1:
82:f4:ec:3f:2b:a5:d3:3a:02:1b:44:e4:54:6e:82:
5a:29:e5:48:d0:f2:87:df:f1:58:d4:32:44:96:4a:
60:8a:59:05:02:47:fc:3e:c5:76:f6:d5:82:4f:fc:
cb:f2:6e:f4:0e:36:28:20:02:2d:fa:a3:70:2c:0e:
9e:36:25:90:d6:7c:57:a0:9e:49:47:25:65:c5:c1:
a4:85:76:e7:30:78:6d:68:0f:a9:95:60:24:01:39:
b8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A3:82:B9:F6:6C:42:F6:37:72:E7:1A:87:C2:03:05:F3:DC:06:B4
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
54:e7:f9:ae:97:eb:2c:72:59:84:5e:a0:be:fd:6c:0e:f5:a5:
aa:b9:a8:f4:63:c5:81:03:44:f1:c0:19:ee:e4:f9:07:79:c2:
86:6d:fa:5c:a2:f2:7a:e7:aa:63:e9:7e:47:b3:d1:33:6d:7a:
16:37:7f:eb:9e:40:04:7f:b9:00:05:bb:01:bf:2e:61:fd:ac:
53:18:69:62:14:ff:65:f5:41:57:d0:68:1a:47:80:1d:2f:a2:
f5:04:0c:d6:74:c9:13:22:f2:54:02:f0:26:5f:59:a5:b9:68:
b9:85:7d:f1:4b:1a:e7:16:2c:d1:10:af:3a:34:00:97:41:66:
ea:a1:ca:63:06:57:b3:4d:6d:5b:6f:e2:8c:cf:0b:e2:16:09:
40:72:f9:d3:45:69:7a:98:2a:12:3e:9d:bb:9d:2b:81:ab:d4:
ec:b8:58:7a:44:8f:67:22:59:93:67:72:03:96:c2:a7:70:e4:
bd:dc:62:32:91:f5:d6:e8:2d:2f:56:fb:2c:39:82:ca:9f:8f:
37:13:35:42:2d:b1:5f:4e:67:64:49:84:c9:a5:3a:4e:3f:00:
74:86:f0:e8:2a:a4:78:b5:24:6b:40:65:9e:f2:ed:b9:fe:6a:
ba:e3:5e:6b:85:c5:c7:98:14:6f:f3:0d:d5:df:2d:72:f6:23:
a1:0e:8f:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfpbaXdkM+UbBX0ttFwVKhHERZTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjIwM2Y1YWY4ZTI0YWU1ZDE4NzUxMzQ1M2UwNWYyNTM2ZjI1ODg2MmJi
N2YzY2RiYzZiOGExYzQwYWZlMTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALo24z+2Dsl17IOZjmLN0BKvIalcn+uRoGQItXT518ewYyvR8lL3KbyrF/A5
OG55Ya1Tkv563M+KoC5I3srOuANeFIcxjJ8b3wuRDWAV/tiDKASEjWIrxGHZI10i
EyLp0WerCEfQXuIvfiEMERUyoctGAqJiMcKCanCGNxx2FVClDv4GjEgvUxU1TOtI
ae/VMKh9zGlSrzehNUi695yWVyfQt4exgvTsPyul0zoCG0TkVG6CWinlSNDyh9/x
WNQyRJZKYIpZBQJH/D7FdvbVgk/8y/Ju9A42KCACLfqjcCwOnjYlkNZ8V6CeSUcl
ZcXBpIV25zB4bWgPqZVgJAE5uPMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxo4K5
9mxC9jdy5xqHwgMF89wGtDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQBU5/mul+ssclmEXqC+/WwO9aWquaj0Y8WBA0Tx
wBnu5PkHecKGbfpcovJ656pj6X5Hs9EzbXoWN3/rnkAEf7kABbsBvy5h/axTGGli
FP9l9UFX0GgaR4AdL6L1BAzWdMkTIvJUAvAmX1mluWi5hX3xSxrnFizREK86NACX
QWbqocpjBlezTW1bb+KMzwviFglAcvnTRWl6mCoSPp27nSuBq9TsuFh6RI9nIlmT
Z3IDlsKncOS93GIykfXW6C0vVvssOYLKn483EzVCLbFfTmdkSYTJpTpOPwB0hvDo
KqR4tSRrQGWe8u25/mq6415rhcXHmBRv8w3V3y1y9iOhDo8N
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:07 2025 by rpki-client