Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: E2BDuabcf0H+CphJ/+vtTRs9eOBb9flpzONwn6iVoi4=
Subject key identifier: C3:E7:84:3F:B2:4E:BD:B0:EE:43:96:3B:4D:BD:74:85:BF:14:A9:A9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4C4F984FFB23ACDD0536C5A95E80BFD917DBD521
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Sat 09 Aug 2025 00:21:23 +0000
ROA not before: Sat 09 Aug 2025 00:21:23 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:4f:98:4f:fb:23:ac:dd:05:36:c5:a9:5e:80:bf:d9:17:db:d5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:23 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=1157f36592ed5828de6be700482eb6aa4eed1d7d6f00d4c4d7d5974d4049ad1a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1e:d4:96:94:22:a6:74:a4:f2:5b:4f:8f:7a:
db:83:94:01:1c:db:6c:69:f6:1f:a4:a4:fd:8d:15:
a3:1d:ab:9f:e0:4b:2b:bf:1a:33:8b:d1:3e:bc:ff:
47:2c:ee:71:29:f5:bd:8e:fc:29:1a:74:26:73:de:
ee:c1:05:13:9e:b0:35:bc:64:7c:f0:be:ef:6f:40:
c1:24:d4:4f:ef:1a:8c:99:52:52:7d:ad:c7:ea:4b:
f0:5c:55:f9:98:d8:b8:29:ed:8c:a3:18:9a:ec:06:
6a:7b:9b:9d:d3:48:1f:fd:83:80:0d:8d:9b:9d:87:
f4:ff:25:e4:05:d5:a0:8a:bc:1a:17:38:55:19:a2:
b2:12:0c:5d:33:ca:b4:fb:ca:d6:fd:49:38:5f:60:
6d:da:c7:cd:5e:dc:7e:a1:2b:3c:07:0e:c4:c2:77:
cd:69:5b:09:99:98:5c:ed:ec:0c:27:d9:5e:fe:79:
16:65:4b:5f:b1:b4:e8:d3:91:0e:39:c1:07:b7:59:
4c:0e:df:6c:f5:6d:02:e9:12:c4:16:05:cd:f7:02:
03:44:a4:fe:f4:b8:ab:d7:cf:89:c7:62:d7:96:03:
46:a3:4b:e0:f1:53:bb:cd:40:f1:80:5e:2e:d6:59:
b2:7f:4e:a9:30:a1:94:6b:71:a1:14:01:75:8d:59:
df:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:E7:84:3F:B2:4E:BD:B0:EE:43:96:3B:4D:BD:74:85:BF:14:A9:A9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
2d:51:26:ef:22:77:b2:87:2d:d4:8e:10:82:a2:e0:33:a8:ce:
ea:02:a2:e2:5b:29:8f:8f:d4:ec:87:42:0b:1d:05:50:f0:39:
7c:1f:ae:c4:91:06:95:14:7a:af:43:7e:0c:8d:ab:46:c6:7e:
75:58:37:7e:d3:eb:eb:a7:8f:ef:91:22:a8:83:11:70:9c:93:
06:51:c9:86:16:68:bc:af:08:fe:bc:8f:a5:8a:40:a3:7b:36:
bd:cd:d3:97:b9:34:56:27:b0:ef:3c:4b:db:40:26:f7:da:c3:
e6:24:58:b9:41:c1:f3:c7:88:d7:29:cf:ec:89:ef:1b:75:f7:
27:64:75:fd:2a:c4:73:68:8c:74:e4:32:e4:48:25:88:9d:39:
53:68:3b:ad:61:2d:0d:b6:26:8b:64:81:4a:80:26:1d:9d:55:
66:26:3f:3f:6d:d4:61:a5:3a:fa:eb:ac:7b:ce:65:52:89:09:
8e:89:17:63:99:fe:18:0a:40:d2:c7:20:8b:64:f0:14:83:eb:
d8:c6:85:46:84:f0:99:2b:58:74:7b:e5:8d:0d:74:bb:ad:25:
f0:e1:73:87:5e:32:4b:04:ca:70:1c:5e:ea:50:81:c3:8c:7d:
4c:20:6e:ef:ef:9e:00:27:00:6d:cc:b5:32:dd:b4:c3:1c:a4:
3a:83:1a:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTE+YT/sjrN0FNsWpXoC/2Rfb1SEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjNaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNTdmMzY1OTJlZDU4MjhkZTZiZTcwMDQ4MmViNmFhNGVlZDFkN2Q2ZjAw
ZDRjNGQ3ZDU5NzRkNDA0OWFkMWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8e1JaUIqZ0pPJbT49624OUARzbbGn2H6Sk/Y0Vox2rn+BLK78aM4vRPrz/
RyzucSn1vY78KRp0JnPe7sEFE56wNbxkfPC+729AwSTUT+8ajJlSUn2tx+pL8FxV
+ZjYuCntjKMYmuwGanubndNIH/2DgA2Nm52H9P8l5AXVoIq8Ghc4VRmishIMXTPK
tPvK1v1JOF9gbdrHzV7cfqErPAcOxMJ3zWlbCZmYXO3sDCfZXv55FmVLX7G06NOR
DjnBB7dZTA7fbPVtAukSxBYFzfcCA0Sk/vS4q9fPicdi15YDRqNL4PFTu81A8YBe
LtZZsn9OqTChlGtxoRQBdY1Z3wUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTD54Q/
sk69sO5DljtNvXSFvxSpqTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtUSbvIneyhy3UjhCCouAzqM7qAqLiWymPj9Ts
h0ILHQVQ8Dl8H67EkQaVFHqvQ34MjatGxn51WDd+0+vrp4/vkSKogxFwnJMGUcmG
Fmi8rwj+vI+likCjeza9zdOXuTRWJ7DvPEvbQCb32sPmJFi5QcHzx4jXKc/sie8b
dfcnZHX9KsRzaIx05DLkSCWInTlTaDutYS0NtiaLZIFKgCYdnVVmJj8/bdRhpTr6
66x7zmVSiQmOiRdjmf4YCkDSxyCLZPAUg+vYxoVGhPCZK1h0e+WNDXS7rSXw4XOH
XjJLBMpwHF7qUIHDjH1MIG7v754AJwBtzLUy3bTDHKQ6gxp2
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:37 2025 by rpki-client