Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
File: ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa (raw, json)
Hash identifier: GizzJzEEQkbhf89WfcCIAmWzwWqQmF7ucqsa840/PgU=
Subject key identifier: EC:E8:E9:EF:FB:FD:B6:51:B5:FD:9C:F9:AB:C1:EA:CF:49:EE:AC:95
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 79DF6F6B7274079EECB831532CDCB975D5A7198E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
Signing time: Sat 09 Aug 2025 00:21:16 +0000
ROA not before: Sat 09 Aug 2025 00:21:16 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:df:6f:6b:72:74:07:9e:ec:b8:31:53:2c:dc:b9:75:d5:a7:19:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:16 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=77b32f508b48c0684752ee4be2fe40271fd8e8d547965d3850f6414a90e2fe34, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:92:f1:4a:4b:99:af:db:6c:8f:46:80:07:bf:
a0:6d:b3:34:4a:72:9f:44:14:d9:cb:79:54:06:fa:
b3:42:91:4a:9b:82:17:ed:06:f5:1e:36:54:87:74:
9b:59:c9:19:d9:9f:0a:54:47:2e:fa:d5:6c:8e:a6:
bb:80:7b:75:ce:47:c0:36:82:ee:27:fa:13:0f:87:
0a:f4:9d:97:15:72:a2:59:5e:93:d4:31:1c:f0:12:
79:1d:42:e5:9c:13:e5:31:f6:10:35:56:f7:22:b3:
29:0f:15:ec:ab:29:3a:f6:22:ae:28:67:ef:67:8a:
2b:26:1a:83:7e:75:37:a1:1d:2d:84:44:c5:50:34:
3b:1f:14:85:5e:22:6b:63:90:32:0d:53:4d:ad:60:
c7:0f:b3:2c:a1:a0:ea:43:78:85:d7:6b:1f:b5:dd:
d3:51:f8:43:7d:59:0d:fc:7d:be:69:96:b3:24:20:
5a:6e:04:69:5c:d3:dc:d6:2a:27:b4:10:d7:c1:79:
83:a1:5d:1c:25:21:6c:ba:11:c2:76:90:62:5b:f2:
90:52:3c:5f:6e:1a:8f:cb:63:61:70:70:71:15:8b:
2d:b5:f0:40:27:64:a8:45:a7:b5:43:5d:7b:bc:14:
83:41:e3:ac:2d:22:c2:70:86:0b:2f:ff:f6:6f:6d:
f8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E8:E9:EF:FB:FD:B6:51:B5:FD:9C:F9:AB:C1:EA:CF:49:EE:AC:95
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1000::/36
Signature Algorithm: sha256WithRSAEncryption
46:09:e6:47:55:01:92:d0:5b:61:b5:d8:62:6c:2d:b9:41:e1:
1b:c5:43:e8:c6:d6:08:44:27:db:d9:89:0f:13:cd:94:cd:6a:
fd:b0:f6:ed:05:46:7d:16:2f:a2:15:14:33:cc:d8:d6:50:92:
58:ad:c7:99:cd:56:cf:19:b4:e9:4e:ca:cf:ec:3a:cb:51:50:
fe:fa:a7:3f:cf:4c:0d:53:7e:22:81:4f:93:2c:2b:b1:5e:4f:
0f:ef:ff:3d:58:c0:7a:8e:16:aa:e9:59:8c:c7:29:00:bc:dd:
26:18:bd:99:98:11:bd:dd:cf:46:06:04:36:71:3c:0c:1b:0d:
9a:f1:04:59:19:04:21:35:ce:80:6f:52:76:6f:c5:cd:95:8e:
18:21:7f:fb:6d:e7:e1:85:51:b2:2d:85:74:89:df:56:70:f4:
dd:cf:28:fb:0f:b2:53:33:f4:c8:63:38:28:95:5a:ef:0e:8a:
b8:a7:36:7b:3b:b0:1b:be:43:74:28:66:49:3a:c4:88:bd:34:
88:65:c0:b7:54:5e:78:d2:d8:80:08:50:e7:8c:d6:f7:50:d4:
d1:34:dd:40:c4:87:f8:8c:3d:da:3c:6b:a7:92:64:90:69:cb:
f6:35:4e:76:8d:7c:3b:62:9b:1c:e7:01:9f:f7:b1:3e:cc:01:
e9:ad:e6:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUed9va3J0B57suDFTLNy5ddWnGY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTZaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3YjMyZjUwOGI0OGMwNjg0NzUyZWU0YmUyZmU0MDI3MWZkOGU4ZDU0Nzk2
NWQzODUwZjY0MTRhOTBlMmZlMzQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOS8UpLma/bbI9GgAe/oG2zNEpyn0QU2ct5VAb6s0KRSpuCF+0G9R42VId0
m1nJGdmfClRHLvrVbI6mu4B7dc5HwDaC7if6Ew+HCvSdlxVyollek9QxHPASeR1C
5ZwT5TH2EDVW9yKzKQ8V7KspOvYirihn72eKKyYag351N6EdLYRExVA0Ox8UhV4i
a2OQMg1TTa1gxw+zLKGg6kN4hddrH7Xd01H4Q31ZDfx9vmmWsyQgWm4EaVzT3NYq
J7QQ18F5g6FdHCUhbLoRwnaQYlvykFI8X24aj8tjYXBwcRWLLbXwQCdkqEWntUNd
e7wUg0HjrC0iwnCGCy//9m9t+G8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTs6Onv
+/22UbX9nPmrwerPSe6slTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZWE2NWJjYzQtOWZjZS00YjZmLWE0OTMtNGExN2VmMTMwNmNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBGCeZHVQGS0FthtdhibC25QeEbxUPoxtYIRCfb
2YkPE82UzWr9sPbtBUZ9Fi+iFRQzzNjWUJJYrceZzVbPGbTpTsrP7DrLUVD++qc/
z0wNU34igU+TLCuxXk8P7/89WMB6jhaq6VmMxykAvN0mGL2ZmBG93c9GBgQ2cTwM
Gw2a8QRZGQQhNc6Ab1J2b8XNlY4YIX/7befhhVGyLYV0id9WcPTdzyj7D7JTM/TI
YzgolVrvDoq4pzZ7O7AbvkN0KGZJOsSIvTSIZcC3VF540tiACFDnjNb3UNTRNN1A
xIf4jD3aPGunkmSQacv2NU52jXw7Ypsc5wGf97E+zAHpreb3
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:46:31 2025 by rpki-client