Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/eff6a3a5-b241-438e-ac29-04afb84fc11c.roa
File: eff6a3a5-b241-438e-ac29-04afb84fc11c.roa (raw, json)
Hash identifier: Sz6WS4M9RoSKKOM6o3zlzbLAG4uAyPjQTN15D6olgHM=
Subject key identifier: B6:4E:AD:80:4A:FB:F7:35:9F:F7:7D:48:0F:90:DB:71:8C:68:85:47
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7546DBB0EEAAADCC2070E2CF9BB4CD8A2A838527
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/eff6a3a5-b241-438e-ac29-04afb84fc11c.roa
Signing time: Fri 08 Aug 2025 00:40:03 +0000
ROA not before: Fri 08 Aug 2025 00:40:03 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc5:9800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:46:db:b0:ee:aa:ad:cc:20:70:e2:cf:9b:b4:cd:8a:2a:83:85:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 8 00:40:03 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=7a122bc37c1116ce3254c9b4746b110995463de8a4438d8fde57a4c9fa9a7e07, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2c:dc:1d:86:c0:a9:0c:ea:58:30:9d:b9:91:
9a:ee:ca:6a:20:3c:5f:fc:7b:79:b2:44:22:c9:3b:
1c:41:e8:12:e1:ed:4a:0f:b9:23:e7:e5:24:fa:99:
10:26:d9:1b:79:08:7d:3f:05:59:09:b3:25:74:2d:
47:11:37:a6:9c:d2:23:d0:d3:11:25:3c:15:47:f6:
8d:7c:4e:ea:41:1e:ba:b2:28:2e:99:f9:43:1d:6a:
9b:29:eb:62:1d:2f:11:55:84:69:72:95:77:2e:85:
bc:d5:61:8b:98:57:a2:60:ac:af:8f:f6:02:a0:9d:
1e:89:ef:1d:19:f2:fc:31:f6:b2:ed:49:f2:fa:cd:
e7:2b:04:e9:b6:f5:8c:c7:8d:7a:f8:32:df:15:fa:
3a:57:79:6b:d5:36:e1:9a:cf:d5:ee:36:bb:bc:e3:
c3:59:17:3f:51:3b:b9:7a:42:71:f9:76:e2:4a:c7:
b6:fd:b4:b0:85:09:a4:64:f3:62:ce:ff:f4:3e:97:
eb:0f:4e:21:79:bc:44:4e:5e:98:22:46:2a:86:b0:
c5:b6:3b:28:d6:42:11:a6:5c:9c:5e:5e:f0:b5:82:
fe:d8:e3:30:d1:a6:93:6d:82:34:77:38:b3:c6:46:
15:7b:9d:e2:8b:2a:9f:f0:55:1b:62:30:b4:63:8f:
a0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4E:AD:80:4A:FB:F7:35:9F:F7:7D:48:0F:90:DB:71:8C:68:85:47
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/eff6a3a5-b241-438e-ac29-04afb84fc11c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9800::/40
Signature Algorithm: sha256WithRSAEncryption
9d:95:78:8a:1c:d9:03:88:19:ac:ea:93:a4:03:8c:cd:8c:bc:
2b:bf:b3:40:c4:20:25:2a:5c:b1:63:ed:78:b4:26:ce:71:f3:
a8:a3:0c:2d:16:f9:12:96:80:49:3a:ec:cd:77:0b:e6:19:4a:
9c:aa:4f:6b:53:1e:03:bf:e9:9f:89:8f:94:7b:5d:9a:03:a9:
3d:78:bb:97:2e:01:8c:63:8b:d7:a1:ff:22:0c:5c:d8:31:f0:
b2:6c:d0:0d:51:25:8b:a5:86:4e:0e:05:8f:e5:f9:f4:16:0f:
cc:c5:1c:53:ed:fa:7e:f0:1f:7f:54:d7:75:d4:4b:1e:4d:ac:
95:0a:af:0a:25:42:0a:f9:bb:43:92:a4:39:15:5e:37:bf:ae:
ab:54:c3:de:57:99:15:ee:30:36:fa:f6:ca:55:cd:b0:b6:93:
06:8e:f3:53:3a:33:a5:1a:cc:18:8e:f3:1f:de:b8:d9:b2:5a:
f8:c8:c0:0b:4c:5e:80:85:1f:2c:81:e9:80:29:dd:56:8a:49:
a4:cd:86:85:3d:04:1d:60:d1:dc:0f:48:ce:1e:44:b6:10:02:
85:5d:38:5a:d4:81:db:38:e4:7b:9a:52:6e:1c:88:94:fe:35:
e0:96:b1:4f:45:ff:38:3b:b1:c8:3f:66:25:77:e3:9e:00:c3:
d3:4e:16:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdUbbsO6qrcwgcOLPm7TNiiqDhScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDgwMDQwMDNaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMTIyYmMzN2MxMTE2Y2UzMjU0YzliNDc0NmIxMTA5OTU0NjNkZThhNDQz
OGQ4ZmRlNTdhNGM5ZmE5YTdlMDcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAs3B2GwKkM6lgwnbmRmu7KaiA8X/x7ebJEIsk7HEHoEuHtSg+5I+flJPqZ
ECbZG3kIfT8FWQmzJXQtRxE3ppzSI9DTESU8FUf2jXxO6kEeurIoLpn5Qx1qmynr
Yh0vEVWEaXKVdy6FvNVhi5hXomCsr4/2AqCdHonvHRny/DH2su1J8vrN5ysE6bb1
jMeNevgy3xX6Old5a9U24ZrP1e42u7zjw1kXP1E7uXpCcfl24krHtv20sIUJpGTz
Ys7/9D6X6w9OIXm8RE5emCJGKoawxbY7KNZCEaZcnF5e8LWC/tjjMNGmk22CNHc4
s8ZGFXud4osqn/BVG2IwtGOPoEUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2Tq2A
Svv3NZ/3fUgPkNtxjGiFRzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZWZmNmEzYTUtYjI0MS00MzhlLWFjMjktMDRhZmI4NGZjMTFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WY
MA0GCSqGSIb3DQEBCwUAA4IBAQCdlXiKHNkDiBms6pOkA4zNjLwrv7NAxCAlKlyx
Y+14tCbOcfOoowwtFvkSloBJOuzNdwvmGUqcqk9rUx4Dv+mfiY+Ue12aA6k9eLuX
LgGMY4vXof8iDFzYMfCybNANUSWLpYZODgWP5fn0Fg/MxRxT7fp+8B9/VNd11Ese
TayVCq8KJUIK+btDkqQ5FV43v66rVMPeV5kV7jA2+vbKVc2wtpMGjvNTOjOlGswY
jvMf3rjZslr4yMALTF6AhR8sgemAKd1WikmkzYaFPQQdYNHcD0jOHkS2EAKFXTha
1IHbOOR7mlJuHIiU/jXglrFPRf84O7HIP2Yld+OeAMPTThax
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:26:28 2025 by rpki-client