Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
File: 2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa (raw, json)
Hash identifier: +VtF3Fri/aNkPuPK4XAMpArUz69r3mWiqQNVYNzYwQU=
Subject key identifier: 67:11:1D:DD:6B:14:6E:14:60:BA:44:EC:F4:48:FC:58:42:20:C4:85
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 32827ECA1F7F7851235359BCAFA73B8CEB20544C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
Signing time: Tue 15 Jul 2025 00:30:05 +0000
ROA not before: Tue 15 Jul 2025 00:30:05 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:82:7e:ca:1f:7f:78:51:23:53:59:bc:af:a7:3b:8c:eb:20:54:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:05 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=e6f8a947dcdb01c9ed1aa5aaeaa1d1b24a3ad240c9def39d58362e4f2c19d7b6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7e:25:8b:53:b2:0c:17:78:3b:2d:f1:a6:35:
dd:d9:1e:cc:2f:5c:15:65:64:59:e7:20:5d:52:d2:
59:49:24:cd:e1:4d:eb:f9:6e:c9:dd:2e:e8:42:8d:
91:27:7d:b1:46:16:12:f7:b8:d6:72:2b:da:58:cb:
0c:4d:7d:05:ca:02:f3:35:46:fe:0b:3d:8d:10:bf:
2a:47:8b:fb:d1:12:53:dd:18:aa:76:05:b0:b7:dd:
e1:81:06:79:df:8c:e9:64:f1:86:48:12:02:96:ef:
22:f1:83:02:f3:4e:fc:32:f6:92:88:60:06:45:9f:
44:8d:80:7a:13:aa:3f:6e:b7:4f:25:cd:e3:f5:2c:
88:6b:2b:bc:5d:22:e6:8d:d0:c4:7f:b6:e6:69:a2:
a8:a2:f9:5d:ca:6c:b8:4d:c8:12:5f:a7:88:fd:ab:
2f:c9:1e:82:16:b2:15:41:5e:3c:ae:ff:d7:fe:aa:
e9:fd:cb:b4:0e:2a:fb:47:67:9c:81:5f:5f:c3:30:
05:cc:1d:7c:07:bc:c1:03:13:d5:d2:f0:b9:cc:0b:
45:ff:a6:53:38:d8:69:c7:fe:70:47:de:7f:55:6f:
f7:92:b0:68:50:7a:41:fd:2b:16:d0:b2:ee:08:b0:
ce:f8:51:37:e9:83:70:22:30:e6:1c:28:f6:9a:3c:
fa:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:11:1D:DD:6B:14:6E:14:60:BA:44:EC:F4:48:FC:58:42:20:C4:85
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6800::/40
Signature Algorithm: sha256WithRSAEncryption
74:34:f3:31:73:5b:22:1e:f4:36:94:ae:eb:54:96:a1:ab:cb:
08:42:50:7d:f6:e9:13:d3:dc:83:c2:4d:72:7b:f3:89:33:36:
60:b8:44:b4:1e:f8:87:24:04:15:30:ca:63:92:a5:02:38:0a:
05:16:7a:95:be:9d:b4:96:d9:e6:d9:57:29:7c:1c:fd:d0:e0:
3c:6e:46:78:93:46:97:f4:79:0e:3d:ce:55:8e:2b:9d:57:b2:
e6:9c:2d:ee:51:f3:40:dd:db:bc:26:77:61:a7:b7:27:dc:ad:
10:e8:cc:ba:f1:05:df:32:22:2f:8c:a2:b8:59:81:05:b0:22:
06:3b:28:94:ce:bc:15:42:a0:10:a2:dc:79:d8:31:7a:e8:f0:
78:de:05:bd:43:13:96:e8:6d:7b:29:e2:b7:5a:e2:75:c5:38:
63:7b:b9:07:fc:19:5b:f9:86:4a:97:76:bd:e7:9a:1f:51:74:
0e:43:10:98:28:38:1b:3d:10:51:96:b4:e4:0a:2a:4e:37:49:
eb:cf:6d:98:a9:12:58:84:95:69:ec:ba:da:a2:c7:e3:07:43:
6c:14:9a:89:65:a3:8b:01:6d:fe:e5:a7:2f:27:3f:86:76:7e:
0f:fe:15:9d:b7:16:2d:61:52:83:db:22:44:cb:da:f7:47:36:
0c:f9:38:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMoJ+yh9/eFEjU1m8r6c7jOsgVEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMDVaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZjhhOTQ3ZGNkYjAxYzllZDFhYTVhYWVhYTFkMWIyNGEzYWQyNDBjOWRl
ZjM5ZDU4MzYyZTRmMmMxOWQ3YjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ+JYtTsgwXeDst8aY13dkezC9cFWVkWecgXVLSWUkkzeFN6/luyd0u6EKN
kSd9sUYWEve41nIr2ljLDE19BcoC8zVG/gs9jRC/KkeL+9ESU90YqnYFsLfd4YEG
ed+M6WTxhkgSApbvIvGDAvNO/DL2kohgBkWfRI2AehOqP263TyXN4/UsiGsrvF0i
5o3QxH+25mmiqKL5XcpsuE3IEl+niP2rL8keghayFUFePK7/1/6q6f3LtA4q+0dn
nIFfX8MwBcwdfAe8wQMT1dLwucwLRf+mUzjYacf+cEfef1Vv95KwaFB6Qf0rFtCy
7giwzvhRN+mDcCIw5hwo9po8+r0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRnER3d
axRuFGC6ROz0SPxYQiDEhTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmE4MmIwM2UtNTE3Yy00YTgxLTk2YWItMmNmNjA0OWE3ZjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8No
MA0GCSqGSIb3DQEBCwUAA4IBAQB0NPMxc1siHvQ2lK7rVJahq8sIQlB99ukT09yD
wk1ye/OJMzZguES0HviHJAQVMMpjkqUCOAoFFnqVvp20ltnm2VcpfBz90OA8bkZ4
k0aX9HkOPc5VjiudV7LmnC3uUfNA3du8Jndhp7cn3K0Q6My68QXfMiIvjKK4WYEF
sCIGOyiUzrwVQqAQotx52DF66PB43gW9QxOW6G17KeK3WuJ1xThje7kH/Blb+YZK
l3a955ofUXQOQxCYKDgbPRBRlrTkCipON0nrz22YqRJYhJVp7LraosfjB0NsFJqJ
ZaOLAW3+5acvJz+Gdn4P/hWdtxYtYVKD2yJEy9r3RzYM+Tie
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:25 2025 by rpki-client