Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
File: 1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa (raw, json)
Hash identifier: h/EtzdBe7XzhnMxWThdadEA7/HcZMNsqTQj4wOF3sOw=
Subject key identifier: 26:9C:F8:03:B5:A4:81:58:C6:24:6B:71:51:FF:D5:87:21:46:B6:E0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 018C20CCEA94CCFB79D0A78A9B1E527A10AFDE5B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
Signing time: Tue 15 Jul 2025 00:30:12 +0000
ROA not before: Tue 15 Jul 2025 00:30:12 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:cc:ea:94:cc:fb:79:d0:a7:8a:9b:1e:52:7a:10:af:de:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:12 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=1e4cbf1e3b0199b94416cca063d87197487621e4e09b1628b1e12f4439f8cc4f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:c9:6f:54:6b:87:ae:73:04:4a:da:59:36:
bf:22:23:e3:76:d8:4e:73:ef:65:f4:f6:1c:9f:3d:
23:ae:d5:e5:6c:bd:60:33:77:c9:7c:a6:90:31:25:
72:5c:46:16:0e:9e:62:c4:c7:75:b6:0e:d2:fd:33:
b4:81:d7:dc:c3:a5:3a:84:d8:32:16:21:c0:bb:3d:
b2:8a:3b:6e:e8:5b:52:71:f6:6c:d2:2a:6e:1d:88:
81:3f:88:27:03:bd:2b:10:d2:98:38:61:b4:79:ee:
a4:71:d9:9f:be:08:6b:35:2f:44:9f:e7:2c:9c:bf:
0f:e8:78:09:10:cb:bc:57:19:5a:be:d5:34:9d:84:
06:01:1e:3a:df:54:80:e6:fa:55:89:da:1c:ed:09:
de:c6:fe:1f:ad:2e:1b:d5:31:f4:b9:f6:6f:7e:6d:
14:1c:87:40:4a:cd:da:23:77:8b:5f:66:7e:18:f7:
0e:82:c1:a2:62:ca:74:14:b9:98:78:b3:13:c5:7a:
58:3a:2d:54:80:fb:bd:e2:7e:d1:2c:8c:01:11:b0:
b1:72:c5:bd:41:74:a9:0e:51:14:3a:bf:a0:a5:ee:
2d:1c:43:a7:66:fc:12:ac:1d:d4:2c:4e:47:c8:5e:
b3:c2:d1:66:26:6f:12:7b:c4:94:a7:ee:a1:75:69:
48:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9C:F8:03:B5:A4:81:58:C6:24:6B:71:51:FF:D5:87:21:46:B6:E0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
ab:bc:36:22:13:91:7b:83:d7:84:b5:af:74:b5:f5:0a:0f:1d:
a1:bf:33:e0:9c:53:c4:03:6a:c7:d0:6c:af:e3:a9:55:59:96:
47:2d:f3:ec:98:34:e7:eb:e7:97:79:e5:06:8d:82:dd:eb:95:
5f:44:9d:b4:97:e8:7f:1e:ea:f2:3d:19:37:51:46:ae:3e:d9:
d4:fd:09:bb:8e:52:3f:8d:67:49:21:f8:01:f3:16:ad:0d:8b:
33:6e:0c:7d:95:16:84:a1:b2:74:0d:bb:07:f7:17:65:42:a3:
21:ef:4f:d1:82:e4:71:6c:a8:fa:b2:98:e4:81:69:16:a0:14:
0f:5e:f6:9b:71:6f:b9:55:ec:31:cf:6b:7f:fd:6e:0f:00:13:
a6:a7:9a:23:3c:fd:0b:70:8d:97:85:a9:c4:23:9d:86:df:81:
85:74:c8:2a:36:e2:ca:c0:b6:00:ba:99:11:78:b1:19:23:d0:
8e:7f:79:7f:e4:da:ac:1b:a3:e1:14:c3:d3:38:7e:3e:ec:cf:
0b:ca:fd:65:58:64:e4:26:75:c2:f5:99:ee:3a:7d:2d:15:df:
5c:92:1a:c5:1c:e0:60:d1:14:34:78:16:71:6b:b5:14:a6:db:
39:36:70:a2:09:d9:fc:a6:32:1d:62:f8:7c:0f:07:da:6c:00:
f0:66:50:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAYwgzOqUzPt50KeKmx5SehCv3lswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNGNiZjFlM2IwMTk5Yjk0NDE2Y2NhMDYzZDg3MTk3NDg3NjIxZTRlMDli
MTYyOGIxZTEyZjQ0MzlmOGNjNGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVSyW9Ua4eucwRK2lk2vyIj43bYTnPvZfT2HJ89I67V5Wy9YDN3yXymkDEl
clxGFg6eYsTHdbYO0v0ztIHX3MOlOoTYMhYhwLs9soo7buhbUnH2bNIqbh2IgT+I
JwO9KxDSmDhhtHnupHHZn74IazUvRJ/nLJy/D+h4CRDLvFcZWr7VNJ2EBgEeOt9U
gOb6VYnaHO0J3sb+H60uG9Ux9Ln2b35tFByHQErN2iN3i19mfhj3DoLBomLKdBS5
mHizE8V6WDotVID7veJ+0SyMARGwsXLFvUF0qQ5RFDq/oKXuLRxDp2b8Eqwd1CxO
R8hes8LRZiZvEnvElKfuoXVpSCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmnPgD
taSBWMYka3FR/9WHIUa24DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWY3YjJlMzQtYTA0MS00YjEyLWE1YjAtNWFmMGQ2ZjQzYjlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM
MA0GCSqGSIb3DQEBCwUAA4IBAQCrvDYiE5F7g9eEta90tfUKDx2hvzPgnFPEA2rH
0Gyv46lVWZZHLfPsmDTn6+eXeeUGjYLd65VfRJ20l+h/HuryPRk3UUauPtnU/Qm7
jlI/jWdJIfgB8xatDYszbgx9lRaEobJ0DbsH9xdlQqMh70/RguRxbKj6spjkgWkW
oBQPXvabcW+5Vewxz2t//W4PABOmp5ojPP0LcI2XhanEI52G34GFdMgqNuLKwLYA
upkReLEZI9COf3l/5NqsG6PhFMPTOH4+7M8Lyv1lWGTkJnXC9ZnuOn0tFd9ckhrF
HOBg0RQ0eBZxa7UUpts5NnCiCdn8pjIdYvh8DwfabADwZlBX
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:29 2025 by rpki-client