Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
File: 3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa (raw, json)
Hash identifier: CQVtZu9EsgkfTYUXTh1l0bPwEgcKbX4imbO1OqxAyy4=
Subject key identifier: B7:6C:4C:0E:90:32:BC:3F:94:EA:A8:92:D5:DA:2E:8F:AB:91:1D:09
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 38E4AF87FEEA54DF1CF53A8F45A414B8DD0FCF07
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
Signing time: Tue 15 Jul 2025 00:20:32 +0000
ROA not before: Tue 15 Jul 2025 00:20:32 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e4:af:87:fe:ea:54:df:1c:f5:3a:8f:45:a4:14:b8:dd:0f:cf:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:32 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=04651ba548f11c7943ae1dbbef0bbab3e3ab0ab08cee35bdfd41fd1bda6a8934, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:13:4b:95:71:a7:cc:8f:b8:49:7d:eb:f9:
78:cb:61:b3:bb:ad:fb:1b:0e:ff:68:ee:5d:e1:c9:
f3:aa:eb:6c:e4:bb:71:4c:b9:2a:f6:5e:74:e5:97:
bd:af:35:c7:0a:1f:6f:b6:c6:14:e7:de:8c:88:c4:
03:2d:83:fb:7b:49:09:5d:a1:b6:99:6d:eb:06:22:
15:f5:e0:14:01:25:62:54:9f:89:6c:4e:27:1a:6f:
1b:44:6b:ae:0a:ff:cc:0a:f8:35:59:ef:8b:46:c3:
5c:7f:2c:cf:a3:1c:ee:3f:a8:77:3c:c2:a9:d4:c6:
b4:9a:a2:d7:02:95:5c:52:5e:da:9f:37:24:d9:05:
e9:68:81:67:20:a3:1b:be:3c:f3:05:5f:fb:e9:28:
40:45:f0:7a:c0:ec:73:ce:d7:e3:bd:a5:33:e2:67:
6e:bf:7e:ba:64:7b:1a:bd:c2:2f:9b:36:fc:24:03:
6e:39:cb:05:6e:18:db:17:1b:d6:51:73:1e:5e:c3:
b8:b6:d1:b0:bc:ad:8f:6d:08:9e:38:b4:6c:88:06:
46:6b:7f:05:a2:ba:75:f3:12:7e:c5:32:f9:f8:e6:
20:d0:fc:69:fe:27:b8:da:1f:5b:63:cd:5f:b9:4c:
e9:cf:c8:44:6e:05:f2:1f:cf:44:bd:1d:d0:c9:91:
20:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6C:4C:0E:90:32:BC:3F:94:EA:A8:92:D5:DA:2E:8F:AB:91:1D:09
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5840::/46
Signature Algorithm: sha256WithRSAEncryption
01:2b:d5:29:77:61:04:68:c0:02:07:f4:ad:11:6e:5a:e5:b4:
19:3d:28:12:15:f5:5a:8b:b9:de:70:1d:0c:04:8c:d1:0b:23:
64:91:4f:cd:ec:39:7a:3d:40:d1:58:5b:dc:9a:bd:3e:3b:dc:
1b:18:c8:ea:64:db:27:be:9f:c7:f2:b6:34:3d:f2:de:b0:c4:
06:58:a7:d0:2e:09:44:dc:6e:de:07:07:01:57:c1:c5:14:cb:
9a:24:7b:a2:e0:28:98:55:07:b1:74:04:52:64:4c:83:ba:a3:
af:0d:aa:c0:28:45:e2:e9:78:bb:63:0b:9b:1d:39:91:b6:d1:
c0:76:e1:2c:a4:02:eb:ef:c1:c0:1e:a6:38:bf:8a:5b:8e:82:
c1:c9:c0:31:39:0c:40:7a:28:0c:44:5c:3a:95:3f:5b:a4:7e:
aa:7f:15:d0:91:c0:bc:33:46:54:9a:a7:35:64:7f:3a:77:01:
c9:63:2e:0b:9f:ba:b6:0e:ef:95:b0:cb:6b:9f:51:7e:9c:37:
f7:18:d3:df:e4:58:19:68:49:d3:99:94:11:35:c2:53:a3:04:
b1:b0:7f:9e:b8:05:f2:f2:c6:e9:4c:d0:58:a3:74:6f:d0:19:
ca:14:3d:be:85:f2:fc:b0:a8:ef:55:0b:04:22:e0:a4:f4:86:
e6:87:fd:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOOSvh/7qVN8c9TqPRaQUuN0PzwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMzJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0NjUxYmE1NDhmMTFjNzk0M2FlMWRiYmVmMGJiYWIzZTNhYjBhYjA4Y2Vl
MzViZGZkNDFmZDFiZGE2YTg5MzQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOAE0uVcafMj7hJfev5eMths7ut+xsO/2juXeHJ86rrbOS7cUy5KvZedOWX
va81xwofb7bGFOfejIjEAy2D+3tJCV2htplt6wYiFfXgFAElYlSfiWxOJxpvG0Rr
rgr/zAr4NVnvi0bDXH8sz6Mc7j+odzzCqdTGtJqi1wKVXFJe2p83JNkF6WiBZyCj
G7488wVf++koQEXwesDsc87X472lM+Jnbr9+umR7Gr3CL5s2/CQDbjnLBW4Y2xcb
1lFzHl7DuLbRsLytj20Inji0bIgGRmt/BaK6dfMSfsUy+fjmIND8af4nuNofW2PN
X7lM6c/IRG4F8h/PRL0d0MmRIEMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS3bEwO
kDK8P5TqqJLV2i6Pq5EdCTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzcxMDY1NGEtMzhlZS00ZmMyLThmNjgtOTYxMmFiNDViYmMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
QDANBgkqhkiG9w0BAQsFAAOCAQEAASvVKXdhBGjAAgf0rRFuWuW0GT0oEhX1Wou5
3nAdDASM0QsjZJFPzew5ej1A0Vhb3Jq9PjvcGxjI6mTbJ76fx/K2ND3y3rDEBlin
0C4JRNxu3gcHAVfBxRTLmiR7ouAomFUHsXQEUmRMg7qjrw2qwChF4ul4u2MLmx05
kbbRwHbhLKQC6+/BwB6mOL+KW46CwcnAMTkMQHooDERcOpU/W6R+qn8V0JHAvDNG
VJqnNWR/OncByWMuC5+6tg7vlbDLa59Rfpw39xjT3+RYGWhJ05mUETXCU6MEsbB/
nrgF8vLG6UzQWKN0b9AZyhQ9voXy/LCo71ULBCLgpPSG5of9dg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:48:50 2025 by rpki-client