Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
File: 2743eb54-0e16-4048-a058-1bc32c140fc6.roa (raw, json)
Hash identifier: HZszycVl2oaSllOJBvNswOYz3SQJWBVNEaPYMZnUoRU=
Subject key identifier: B7:95:A2:6F:2A:65:E2:70:E0:80:83:F4:35:43:26:BB:7C:DE:77:BC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 44A5E02EBA9FBE3A8CDA297FD62D84F54EC60F9F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
Signing time: Tue 15 Jul 2025 00:20:36 +0000
ROA not before: Tue 15 Jul 2025 00:20:36 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:a5:e0:2e:ba:9f:be:3a:8c:da:29:7f:d6:2d:84:f5:4e:c6:0f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:36 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=0fe7f1df2522277b619316369684bcc51e3583a8e65a6bc55b2b2281e925898c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a0:48:57:8f:43:07:a9:80:95:5f:0a:38:07:
5a:f7:d5:fc:3f:42:d1:dc:a0:f5:22:fd:77:5e:1d:
dd:eb:72:13:e1:6a:6f:aa:a4:07:69:55:aa:5b:4c:
b2:a1:44:32:2c:f3:4a:69:96:cc:a1:74:85:7e:b3:
ac:ca:77:b6:63:bb:9c:c4:bf:63:f8:93:bd:27:40:
e1:aa:fc:ba:49:db:2b:34:ab:16:aa:cc:5c:0d:23:
dd:68:b1:3c:d9:06:4f:0d:69:f6:67:ff:66:97:0e:
3e:c8:65:69:9d:db:fe:7c:3b:20:83:1a:7b:75:d0:
1f:30:c5:ed:b1:08:8b:2b:77:02:19:c9:7b:2c:7a:
5c:63:ad:53:f2:39:e0:98:4d:3c:55:27:ac:5c:d1:
fb:a7:0f:f6:4a:46:3f:0f:77:46:eb:08:9b:9b:56:
fd:d0:0d:d3:f0:73:0b:35:4e:0c:af:be:73:c5:a8:
2c:71:c2:f3:61:a3:a8:ad:bb:1a:56:9c:f4:f7:76:
83:f1:78:a1:ff:b9:34:ee:be:34:75:c6:cc:aa:e3:
4e:24:59:ba:93:db:cf:02:4d:b3:81:7a:2d:d2:d8:
ed:0c:d3:e5:01:35:d2:47:dc:1b:5d:e0:83:01:5a:
93:fc:52:00:93:b2:56:91:45:80:5f:5b:99:4b:e8:
c0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:95:A2:6F:2A:65:E2:70:E0:80:83:F4:35:43:26:BB:7C:DE:77:BC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b840::/46
Signature Algorithm: sha256WithRSAEncryption
5a:cf:a7:c8:0c:b9:0b:4f:d5:e9:17:75:8f:da:de:3a:6e:a2:
17:38:18:98:bb:5e:0b:db:67:58:55:d5:81:4d:d4:6c:2f:d2:
dd:da:93:1b:8b:50:6d:b7:d8:25:e8:52:7f:0e:c8:72:19:a3:
8f:96:51:f3:f1:97:dd:e3:af:21:9c:33:e1:ec:d4:16:54:38:
13:83:dc:c4:af:69:f1:e0:88:66:94:a6:ab:ba:7f:26:14:17:
68:de:3e:9a:e3:7d:4c:3f:c3:8c:bb:f4:9e:15:ef:01:a6:e0:
2d:9a:ed:51:d2:ea:c4:57:d5:e5:07:89:16:47:5e:5e:29:9d:
8a:35:f3:a7:84:b2:8b:f5:42:55:3d:4a:c4:ef:e5:8f:14:fe:
c5:bd:ac:a6:40:e3:ec:5d:a8:83:1a:99:6e:d8:5c:9a:c7:1e:
1e:cb:7e:24:f5:b9:85:2b:b7:7b:da:38:05:fe:ac:df:8c:94:
4b:5e:ec:7b:20:7b:67:63:22:09:92:b1:71:33:55:b1:36:3e:
c7:40:12:f0:9a:e1:3c:be:4c:b6:31:da:2d:8d:63:dd:e9:6c:
d2:49:ec:7b:34:03:90:48:44:c8:7b:8a:40:3c:13:27:7e:ae:
90:12:49:4d:b5:18:61:03:29:4c:db:7b:3f:dd:b9:6c:a7:69:
cf:7e:0b:4b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURKXgLrqfvjqM2il/1i2E9U7GD58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMzZaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmZTdmMWRmMjUyMjI3N2I2MTkzMTYzNjk2ODRiY2M1MWUzNTgzYThlNjVh
NmJjNTViMmIyMjgxZTkyNTg5OGMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOgSFePQwepgJVfCjgHWvfV/D9C0dyg9SL9d14d3etyE+Fqb6qkB2lVqltM
sqFEMizzSmmWzKF0hX6zrMp3tmO7nMS/Y/iTvSdA4ar8uknbKzSrFqrMXA0j3Wix
PNkGTw1p9mf/ZpcOPshlaZ3b/nw7IIMae3XQHzDF7bEIiyt3AhnJeyx6XGOtU/I5
4JhNPFUnrFzR+6cP9kpGPw93RusIm5tW/dAN0/BzCzVODK++c8WoLHHC82GjqK27
Glac9Pd2g/F4of+5NO6+NHXGzKrjTiRZupPbzwJNs4F6LdLY7QzT5QE10kfcG13g
gwFak/xSAJOyVpFFgF9bmUvowPECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3laJv
KmXicOCAg/Q1Qya7fN53vDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Mjc0M2ViNTQtMGUxNi00MDQ4LWEwNTgtMWJjMzJjMTQwZmM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
QDANBgkqhkiG9w0BAQsFAAOCAQEAWs+nyAy5C0/V6Rd1j9reOm6iFzgYmLteC9tn
WFXVgU3UbC/S3dqTG4tQbbfYJehSfw7Ichmjj5ZR8/GX3eOvIZwz4ezUFlQ4E4Pc
xK9p8eCIZpSmq7p/JhQXaN4+muN9TD/DjLv0nhXvAabgLZrtUdLqxFfV5QeJFkde
XimdijXzp4Syi/VCVT1KxO/ljxT+xb2spkDj7F2ogxqZbthcmsceHst+JPW5hSu3
e9o4Bf6s34yUS17seyB7Z2MiCZKxcTNVsTY+x0AS8JrhPL5MtjHaLY1j3els0kns
ezQDkEhEyHuKQDwTJ36ukBJJTbUYYQMpTNt7P925bKdpz34LSw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:28 2025 by rpki-client