Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
File: 4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa (raw, json)
Hash identifier: hxddN/PKqtrky+pAL86DXQkt/FUp8d5V/PMGxNZOso8=
Subject key identifier: 01:12:AE:52:5C:6B:64:6F:89:C1:7A:80:A6:66:4B:A5:E5:0D:96:0A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 01F167BD37B63D7CF755B0882616A6D250C32CF5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
Signing time: Tue 15 Jul 2025 00:21:11 +0000
ROA not before: Tue 15 Jul 2025 00:21:11 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:f1:67:bd:37:b6:3d:7c:f7:55:b0:88:26:16:a6:d2:50:c3:2c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:11 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=2bc1525069bb28201daf59e20dcb85e70ed52c86b52d88046e53c81674f47e6a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:96:1f:59:13:cd:2c:1f:7f:87:80:b7:7c:
3d:92:98:35:6b:c2:ad:a1:1d:45:d0:4f:0f:64:da:
d8:42:51:61:ad:e2:69:d2:d3:04:09:e5:e9:cf:7a:
fc:c2:64:da:e9:10:49:60:c3:d0:50:3f:d9:91:1f:
30:f2:67:0b:ba:8f:1b:ba:55:a4:a4:4b:cc:5d:13:
68:67:d2:3f:2b:44:20:43:b6:94:a9:d8:78:96:42:
cb:69:95:40:e1:73:20:23:96:26:3e:28:26:0b:f7:
90:ec:1a:4f:de:80:41:08:a7:0a:d9:e1:ac:1a:7f:
cf:54:f9:2c:6c:c3:39:78:f5:08:7f:86:34:46:c7:
d7:6c:28:03:75:e5:c0:66:52:05:24:f7:93:f7:82:
02:0a:08:7f:33:34:6f:46:4d:d9:c7:7c:ea:31:ef:
0a:8f:ef:44:5d:0e:9f:77:26:93:24:a0:66:3e:9c:
9b:76:9d:83:53:4e:43:04:d3:2b:ca:4a:a6:2a:42:
2c:df:9a:b4:5e:92:25:48:9a:51:92:c4:4d:f0:43:
79:04:6d:27:19:29:01:fc:02:79:50:66:6d:8b:35:
a3:0d:d2:ab:d4:c9:fb:02:b9:e9:88:98:26:43:7f:
21:04:83:e6:f7:eb:6e:80:7e:02:dc:3b:7e:f3:dc:
ac:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:12:AE:52:5C:6B:64:6F:89:C1:7A:80:A6:66:4B:A5:E5:0D:96:0A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:840::/48
Signature Algorithm: sha256WithRSAEncryption
1c:c3:6f:7b:5c:28:a3:9d:8f:33:92:72:48:24:c3:67:ff:3d:
c6:12:e7:59:1d:bd:f2:46:0d:2d:e2:8f:0f:8e:ba:5c:b0:35:
2d:04:0d:9e:cd:fd:6b:e4:a4:ff:99:b7:26:b9:84:a1:18:33:
de:13:5f:c4:3f:3f:0c:a4:a2:4a:ab:55:90:3a:f8:37:11:f2:
f1:cb:82:cd:13:72:2d:1c:ba:7f:01:42:22:1c:d7:51:d7:ca:
32:37:d9:2d:8d:3c:a5:9e:e0:05:90:6f:81:ed:23:28:11:d4:
9f:ad:7b:7a:1d:c8:c1:c1:dd:16:23:44:18:3c:32:64:45:de:
61:3c:75:eb:a8:39:57:b7:86:23:f2:63:41:54:55:c2:60:b7:
c4:d7:ee:57:f6:a1:4e:2b:52:35:3b:03:cc:fd:79:4e:45:fd:
8c:5a:ef:12:43:23:dc:c2:3f:1a:e9:ee:44:21:9f:0e:6c:62:
4b:8d:12:28:89:cf:44:f0:df:9b:17:c1:13:a2:7a:e9:d6:85:
8f:84:08:25:2a:b8:66:30:f7:bc:0c:cf:83:e2:d5:e7:7b:42:
c1:a2:49:e9:85:8e:8c:ae:a0:17:6b:f5:fa:df:1a:28:13:a9:
b6:e8:bc:5c:22:b8:49:c5:b3:a7:99:25:84:a3:9b:5c:8c:b5:
64:3f:e0:b3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAfFnvTe2PXz3VbCIJham0lDDLPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMTFaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYzE1MjUwNjliYjI4MjAxZGFmNTllMjBkY2I4NWU3MGVkNTJjODZiNTJk
ODgwNDZlNTNjODE2NzRmNDdlNmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIdGlh9ZE80sH3+HgLd8PZKYNWvCraEdRdBPD2Ta2EJRYa3iadLTBAnl6c96
/MJk2ukQSWDD0FA/2ZEfMPJnC7qPG7pVpKRLzF0TaGfSPytEIEO2lKnYeJZCy2mV
QOFzICOWJj4oJgv3kOwaT96AQQinCtnhrBp/z1T5LGzDOXj1CH+GNEbH12woA3Xl
wGZSBST3k/eCAgoIfzM0b0ZN2cd86jHvCo/vRF0On3cmkySgZj6cm3adg1NOQwTT
K8pKpipCLN+atF6SJUiaUZLETfBDeQRtJxkpAfwCeVBmbYs1ow3Sq9TJ+wK56YiY
JkN/IQSD5vfrboB+Atw7fvPcrKcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQBEq5S
XGtkb4nBeoCmZkul5Q2WCjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NGMzYTc4YmYtZDljZi00MThmLThhM2EtOGMzZTcyNDcwYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
QDANBgkqhkiG9w0BAQsFAAOCAQEAHMNve1woo52PM5JySCTDZ/89xhLnWR298kYN
LeKPD466XLA1LQQNns39a+Sk/5m3JrmEoRgz3hNfxD8/DKSiSqtVkDr4NxHy8cuC
zRNyLRy6fwFCIhzXUdfKMjfZLY08pZ7gBZBvge0jKBHUn617eh3IwcHdFiNEGDwy
ZEXeYTx166g5V7eGI/JjQVRVwmC3xNfuV/ahTitSNTsDzP15TkX9jFrvEkMj3MI/
GunuRCGfDmxiS40SKInPRPDfmxfBE6J66daFj4QIJSq4ZjD3vAzPg+LV53tCwaJJ
6YWOjK6gF2v1+t8aKBOptui8XCK4ScWzp5klhKObXIy1ZD/gsw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:24 2025 by rpki-client