Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
File: de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa (raw, json)
Hash identifier: nD0n837fUq9LuC3XyGn+axoSpfUuCoqX+E2POX/vB0o=
Subject key identifier: D9:79:EC:82:08:5A:EE:DA:96:4D:1B:C5:26:3A:BE:12:57:FC:18:AE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 38F7A0820F3FF1E0406B7794E11B197791A56DB8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
Signing time: Fri 08 Aug 2025 00:40:08 +0000
ROA not before: Fri 08 Aug 2025 00:40:08 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f7:a0:82:0f:3f:f1:e0:40:6b:77:94:e1:1b:19:77:91:a5:6d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 8 00:40:08 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=3a9012f0a9003ada54d2d60d113ac08cdc0f57c87e3a59cdcbb7ff7e94cc7df8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:98:b5:ab:79:d9:c1:cb:af:ed:2f:db:38:e2:
30:fe:9c:f8:0b:5b:4e:8b:20:fe:51:16:f4:78:fb:
53:19:3f:c7:db:99:f7:87:79:f9:f1:d2:c4:50:33:
83:26:e2:b9:6a:2c:eb:63:1d:7c:31:fb:f7:4f:78:
58:cb:da:68:8a:30:77:59:79:bb:78:3e:cf:9d:10:
40:03:fc:42:72:95:ec:96:4d:57:85:ad:bf:32:25:
34:ea:eb:89:4f:7d:41:0e:d6:59:ec:94:f9:5f:6c:
81:e6:3a:98:6f:44:17:a9:15:7e:e0:6c:b0:5c:2a:
c5:7c:04:d3:72:0f:73:4a:b3:c5:4b:45:2d:56:44:
64:b9:14:89:7d:0b:ee:70:53:23:b8:34:bf:cc:0c:
07:51:5c:aa:63:f5:2b:76:67:f0:89:f4:5c:35:84:
93:c3:7c:35:79:a1:8c:6a:15:9d:dc:e7:58:51:17:
3e:09:9f:ee:0d:ec:8c:0c:bc:d2:8b:bb:58:ae:d2:
75:5f:24:53:3f:f6:04:56:36:9a:d2:6b:25:66:b5:
fb:b1:aa:c8:b5:2f:4d:01:b2:c8:35:f7:0b:f4:12:
32:81:2f:e5:90:2d:9a:ee:c0:e6:53:bb:97:0a:00:
d6:fb:45:77:0e:b7:b9:ab:cc:71:6c:0d:86:ea:9a:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:79:EC:82:08:5A:EE:DA:96:4D:1B:C5:26:3A:BE:12:57:FC:18:AE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
3e:2f:ae:1c:62:ed:18:11:97:e2:c6:91:42:b1:cc:5c:95:6d:
b0:9e:c8:ee:61:cb:21:ce:03:37:9e:f0:31:98:66:e4:74:23:
dd:b8:7b:c3:62:37:b0:6d:bd:1f:b3:30:55:e4:0a:2f:e0:e6:
a3:ab:c9:63:1c:09:57:f7:49:a8:ad:85:8c:fe:cb:5e:2b:0b:
b2:8e:0b:51:dd:d7:a3:1e:7e:b9:70:ef:9b:8b:d4:c4:f2:57:
b6:5c:98:d7:8d:ee:c3:39:04:7f:f9:03:5a:0e:a0:dc:b1:9e:
02:25:b1:ab:35:07:93:cd:27:8b:e7:83:69:ea:45:5b:d0:5f:
2d:9b:d4:47:41:16:3b:bf:cc:97:47:97:43:ac:7d:a6:15:93:
b3:ad:07:72:00:a3:ed:41:fa:21:24:66:47:90:93:f9:aa:09:
cc:91:98:d5:3b:23:01:8a:b3:7b:7e:ce:93:95:3c:63:04:c5:
e0:7f:1e:9c:47:c7:33:37:97:cc:39:26:2f:11:c6:f9:b4:56:
0d:29:47:ee:e4:e1:aa:87:f3:bd:cf:bc:1d:63:e5:ab:ff:76:
89:a2:a9:03:c0:45:b4:52:c8:af:b4:30:c4:62:f1:3a:31:a3:
d5:18:97:68:23:1a:d3:4e:ff:61:0f:7e:1a:b3:33:a7:eb:0b:
ab:ca:9d:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOPeggg8/8eBAa3eU4RsZd5GlbbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDgwMDQwMDhaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhOTAxMmYwYTkwMDNhZGE1NGQyZDYwZDExM2FjMDhjZGMwZjU3Yzg3ZTNh
NTljZGNiYjdmZjdlOTRjYzdkZjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOeYtat52cHLr+0v2zjiMP6c+AtbTosg/lEW9Hj7Uxk/x9uZ94d5+fHSxFAz
gybiuWos62MdfDH79094WMvaaIowd1l5u3g+z50QQAP8QnKV7JZNV4WtvzIlNOrr
iU99QQ7WWeyU+V9sgeY6mG9EF6kVfuBssFwqxXwE03IPc0qzxUtFLVZEZLkUiX0L
7nBTI7g0v8wMB1FcqmP1K3Zn8In0XDWEk8N8NXmhjGoVndznWFEXPgmf7g3sjAy8
0ou7WK7SdV8kUz/2BFY2mtJrJWa1+7GqyLUvTQGyyDX3C/QSMoEv5ZAtmu7A5lO7
lwoA1vtFdw63uavMcWwNhuqa9PUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZeeyC
CFru2pZNG8UmOr4SV/wYrjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGU5YWVjMmEtOTMxNC00M2Y4LWJiM2UtNjQyMTZlZmViN2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQA+L64cYu0YEZfixpFCscxclW2wnsjuYcshzgM3
nvAxmGbkdCPduHvDYjewbb0fszBV5Aov4Oajq8ljHAlX90morYWM/steKwuyjgtR
3dejHn65cO+bi9TE8le2XJjXje7DOQR/+QNaDqDcsZ4CJbGrNQeTzSeL54Np6kVb
0F8tm9RHQRY7v8yXR5dDrH2mFZOzrQdyAKPtQfohJGZHkJP5qgnMkZjVOyMBirN7
fs6TlTxjBMXgfx6cR8czN5fMOSYvEcb5tFYNKUfu5OGqh/O9z7wdY+Wr/3aJoqkD
wEW0UsivtDDEYvE6MaPVGJdoIxrTTv9hD34aszOn6wuryp1U
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:08:49 2025 by rpki-client