Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
File: 1d757286-8eda-42c2-aecf-19a8c013dc64.roa (raw, json)
Hash identifier: 5AAcZv9PYF3qJIvPC5enhDsL99vpLQiao5q+6ba5Z9k=
Subject key identifier: 56:81:6F:74:15:6F:6D:9F:7F:CE:7E:DA:5A:0A:B3:3E:51:20:4A:E1
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1591B725B350263CEECAFD8B0DA440B05C3A7169
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
Signing time: Tue 15 Jul 2025 00:30:10 +0000
ROA not before: Tue 15 Jul 2025 00:30:10 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:91:b7:25:b3:50:26:3c:ee:ca:fd:8b:0d:a4:40:b0:5c:3a:71:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:10 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=ee144f8b7f6df48156524a74c2b1cbd8891fc5a8c5737387a149259c4270d1b1, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:d7:88:31:7e:70:1a:82:dd:f5:aa:cd:29:
85:51:b0:57:31:59:07:6b:9f:12:56:ff:dd:6b:0c:
10:87:97:7b:f9:16:23:ac:a5:81:c7:d6:5f:e7:71:
ce:b4:08:eb:d6:0f:05:2e:98:92:f3:97:db:e7:96:
f5:55:73:e7:9b:64:35:d8:77:98:f3:67:f3:4d:cd:
89:75:1e:25:a8:66:13:16:b1:d0:04:a2:15:5e:e6:
63:c5:e4:e1:33:3a:50:a9:8e:c7:f2:01:8b:f1:85:
f3:e7:51:26:a0:10:05:c8:bb:06:42:c4:d0:25:ee:
f0:6f:2e:ae:58:77:49:65:01:40:a2:a4:01:eb:d5:
da:a5:f6:2d:80:a4:95:c3:47:45:62:f8:e1:b9:43:
84:96:09:70:9f:8b:af:7b:b4:e1:a9:a4:ac:3d:27:
fb:93:7e:01:1c:a5:97:11:aa:0e:2d:05:35:ea:4f:
2e:a4:6f:19:a2:50:e5:b2:94:3b:82:b6:14:66:d8:
13:23:85:05:76:1d:46:88:7a:19:ac:53:d4:7a:aa:
4b:3d:33:25:3f:72:96:5d:64:10:31:74:cd:0e:22:
1a:6b:bc:31:fc:80:1e:0c:dc:b9:b0:1d:3d:6e:bb:
01:11:85:57:be:fb:c1:4b:37:45:3c:66:74:35:27:
b3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:81:6F:74:15:6F:6D:9F:7F:CE:7E:DA:5A:0A:B3:3E:51:20:4A:E1
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8400::/38
Signature Algorithm: sha256WithRSAEncryption
6f:9b:c0:08:00:ff:e4:54:da:1d:8d:69:44:25:45:c1:6f:a1:
c5:3c:d8:8a:be:6c:be:04:71:74:e5:ae:d9:b5:bf:4b:0f:59:
f0:18:88:a2:16:a4:3b:65:c2:67:03:48:16:50:e2:ff:fa:a3:
6c:e2:ed:9f:94:cc:21:13:78:a2:ab:71:ca:a2:b8:30:54:70:
2c:b0:21:74:e9:7e:27:2e:d2:e0:19:ed:f8:5b:94:21:cb:86:
51:f3:cc:fa:9b:21:63:00:8e:9d:04:fc:98:cb:1d:00:39:cf:
00:87:43:62:55:3c:a6:f7:b2:65:6d:61:72:d1:fb:80:2f:87:
31:e7:06:71:20:2e:2b:c1:c9:dc:8c:d8:7d:e9:ec:88:8c:c3:
09:9c:1e:3d:15:32:15:f3:8b:12:4c:b4:e1:f5:da:5c:06:76:
48:04:49:7c:78:0f:55:e4:30:44:c7:75:e4:59:f9:06:97:c3:
04:d5:58:a3:74:d9:77:27:be:32:c2:75:b8:cd:21:41:5a:50:
b2:33:44:23:87:9d:1a:0e:46:cd:1a:16:52:57:ac:4b:b6:64:
8c:4c:b4:4d:dd:3e:ab:0a:55:7d:2d:09:ef:8a:ea:26:c8:44:
49:b4:db:59:a4:45:fd:8a:8c:8a:09:2f:40:f9:65:52:b1:fa:
b1:2a:46:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFZG3JbNQJjzuyv2LDaRAsFw6cWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTBaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMTQ0ZjhiN2Y2ZGY0ODE1NjUyNGE3NGMyYjFjYmQ4ODkxZmM1YThjNTcz
NzM4N2ExNDkyNTljNDI3MGQxYjExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3814gxfnAagt31qs0phVGwVzFZB2ufElb/3WsMEIeXe/kWI6ylgcfWX+dx
zrQI69YPBS6YkvOX2+eW9VVz55tkNdh3mPNn803NiXUeJahmExax0ASiFV7mY8Xk
4TM6UKmOx/IBi/GF8+dRJqAQBci7BkLE0CXu8G8urlh3SWUBQKKkAevV2qX2LYCk
lcNHRWL44blDhJYJcJ+Lr3u04amkrD0n+5N+ARyllxGqDi0FNepPLqRvGaJQ5bKU
O4K2FGbYEyOFBXYdRoh6GaxT1HqqSz0zJT9yll1kEDF0zQ4iGmu8MfyAHgzcubAd
PW67ARGFV777wUs3RTxmdDUns/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWgW90
FW9tn3/OftpaCrM+USBK4TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWQ3NTcyODYtOGVkYS00MmMyLWFlY2YtMTlhOGMwMTNkYzY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GE
MA0GCSqGSIb3DQEBCwUAA4IBAQBvm8AIAP/kVNodjWlEJUXBb6HFPNiKvmy+BHF0
5a7Ztb9LD1nwGIiiFqQ7ZcJnA0gWUOL/+qNs4u2flMwhE3iiq3HKorgwVHAssCF0
6X4nLtLgGe34W5Qhy4ZR88z6myFjAI6dBPyYyx0AOc8Ah0NiVTym97JlbWFy0fuA
L4cx5wZxIC4rwcncjNh96eyIjMMJnB49FTIV84sSTLTh9dpcBnZIBEl8eA9V5DBE
x3XkWfkGl8ME1VijdNl3J74ywnW4zSFBWlCyM0Qjh50aDkbNGhZSV6xLtmSMTLRN
3T6rClV9LQnviuomyERJtNtZpEX9ioyKCS9A+WVSsfqxKkaN
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:08 2025 by rpki-client