Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
File: 50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa (raw, json)
Hash identifier: 88zgZMy4Wt2Qr5FgJfEYqyR0dM8aLHFNY3wLnz5qsbc=
Subject key identifier: 58:84:D8:47:84:26:B7:BC:68:B3:35:F1:50:00:B5:42:74:70:ED:90
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 520E7EC2AE0AFA8BCFDCD2B664F2681F1DBC62E6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
Signing time: Tue 15 Jul 2025 00:30:21 +0000
ROA not before: Tue 15 Jul 2025 00:30:21 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:0e:7e:c2:ae:0a:fa:8b:cf:dc:d2:b6:64:f2:68:1f:1d:bc:62:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:21 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=778907d2fab4e1859ef948f872a90b04a344380139779bca0d64abf791889858, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:1d:27:ae:d9:8a:4a:ea:27:63:39:18:1f:
f6:13:93:2d:88:d3:90:c7:20:76:39:7e:06:a2:56:
18:0a:ee:f0:7f:f4:d2:53:8a:fa:dd:b9:46:16:5e:
07:de:fc:d1:ed:fb:b7:ec:a8:2f:0c:c6:11:1f:f9:
64:80:ba:b7:98:9b:a0:80:8f:50:1c:a0:4c:15:55:
9f:2d:8b:24:a2:96:53:f6:c4:55:9c:0c:ef:41:af:
11:d3:30:b5:f5:2e:13:20:87:e5:bd:77:fa:84:08:
1c:a5:44:3c:ef:64:e1:34:7d:5f:dd:b2:2f:f8:41:
d8:e4:5f:4f:66:3e:d5:fb:5e:8e:30:4d:6c:99:b2:
6e:75:a5:b4:57:a6:74:7f:8c:f3:2a:d7:cf:81:2f:
dd:07:f1:cb:c7:ab:ae:07:a5:0d:b1:71:79:d3:98:
85:c4:de:18:03:24:fa:a5:83:07:d9:5a:63:b3:f4:
17:af:2d:44:e1:07:58:e4:43:6e:98:ef:3d:7b:06:
4a:18:a6:8d:72:d1:99:1c:ac:b5:fc:06:be:52:23:
0e:a4:e7:8e:0d:a1:9d:ce:66:7e:0f:ae:17:30:a4:
1a:f2:9c:a9:df:18:e5:44:a2:37:9d:ee:df:05:e2:
a9:37:02:90:9b:f3:8f:e0:04:a9:9c:bf:87:d5:bc:
ec:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:84:D8:47:84:26:B7:BC:68:B3:35:F1:50:00:B5:42:74:70:ED:90
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
6d:85:ec:94:eb:0c:65:60:e7:ca:bc:b0:60:35:83:82:f9:68:
84:bf:5c:6d:cf:42:aa:50:5c:11:a2:20:2d:24:e7:00:60:bf:
51:84:7a:3c:f8:84:83:e7:71:0f:bb:c8:29:b5:21:66:94:c0:
91:b2:32:95:48:97:70:7d:bb:49:80:9b:0d:45:e5:32:fc:ba:
ff:76:dc:0f:36:1e:b2:fc:cb:1a:08:e5:6d:9d:af:95:fc:a5:
d6:48:0d:ac:67:74:be:a0:34:cb:c9:8a:77:d4:86:3e:e1:fe:
ff:b8:ab:24:10:88:b4:56:8c:a5:7c:c6:5f:b8:73:81:dc:3e:
04:81:3f:0e:6d:27:fd:5d:c7:f0:6f:ec:9e:e2:5c:c1:ae:df:
fc:6d:1a:b1:ef:8f:2e:c6:f7:e1:a8:c0:4c:67:d6:34:d5:e5:
cc:56:b7:c8:26:07:ca:36:aa:e9:0a:f1:bc:24:29:11:84:65:
60:ae:7c:d3:bb:1f:ec:05:28:2f:70:05:d4:74:c1:ef:bd:f5:
41:9f:97:72:04:88:a2:fb:d6:2d:23:1a:d8:17:c5:c0:b3:ca:
5e:30:18:bb:60:16:f6:f9:af:09:1e:33:0d:66:80:6b:4f:fb:
25:49:94:3b:e0:cd:03:32:bf:2d:15:2b:23:86:b0:7c:d1:7a:
02:f9:a6:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUg5+wq4K+ovP3NK2ZPJoHx28YuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMjFaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3ODkwN2QyZmFiNGUxODU5ZWY5NDhmODcyYTkwYjA0YTM0NDM4MDEzOTc3
OWJjYTBkNjRhYmY3OTE4ODk4NTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP4HSeu2YpK6idjORgf9hOTLYjTkMcgdjl+BqJWGAru8H/00lOK+t25RhZe
B9780e37t+yoLwzGER/5ZIC6t5iboICPUBygTBVVny2LJKKWU/bEVZwM70GvEdMw
tfUuEyCH5b13+oQIHKVEPO9k4TR9X92yL/hB2ORfT2Y+1ftejjBNbJmybnWltFem
dH+M8yrXz4Ev3Qfxy8errgelDbFxedOYhcTeGAMk+qWDB9laY7P0F68tROEHWORD
bpjvPXsGShimjXLRmRystfwGvlIjDqTnjg2hnc5mfg+uFzCkGvKcqd8Y5USiN53u
3wXiqTcCkJvzj+AEqZy/h9W87PMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYhNhH
hCa3vGizNfFQALVCdHDtkDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBiMGM4ZjUtOWIwMy00ZDAwLWI3YmMtMzBhMjUzYjgzYmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fA
MA0GCSqGSIb3DQEBCwUAA4IBAQBtheyU6wxlYOfKvLBgNYOC+WiEv1xtz0KqUFwR
oiAtJOcAYL9RhHo8+ISD53EPu8gptSFmlMCRsjKVSJdwfbtJgJsNReUy/Lr/dtwP
Nh6y/MsaCOVtna+V/KXWSA2sZ3S+oDTLyYp31IY+4f7/uKskEIi0VoylfMZfuHOB
3D4EgT8ObSf9Xcfwb+ye4lzBrt/8bRqx748uxvfhqMBMZ9Y01eXMVrfIJgfKNqrp
CvG8JCkRhGVgrnzTux/sBSgvcAXUdMHvvfVBn5dyBIii+9YtIxrYF8XAs8peMBi7
YBb2+a8JHjMNZoBrT/slSZQ74M0DMr8tFSsjhrB80XoC+aYB
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:19 2025 by rpki-client