Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
File: 50f59e85-50ab-4b5a-9119-096ba93f86f2.roa (raw, json)
Hash identifier: 8MIg/UorxmXdGrLNm32SDNRakltEDQTbpCnG5hXmQHg=
Subject key identifier: D5:C2:1E:41:F7:8F:2C:79:3C:92:30:5D:05:FC:02:00:B9:4D:EA:97
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7D9BFA0DF4F380207E220A488EE08CE6B6441173
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
Signing time: Tue 15 Jul 2025 00:30:42 +0000
ROA not before: Tue 15 Jul 2025 00:30:42 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:9b:fa:0d:f4:f3:80:20:7e:22:0a:48:8e:e0:8c:e6:b6:44:11:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:42 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=6344b22f3005f0d7870c1f283168057a614091e8b84366987722c4a6d5b896ce, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:41:26:2c:52:7c:1b:13:af:d5:2b:3c:53:e9:
6d:20:bd:a4:2e:7a:06:11:85:02:df:78:34:c1:5e:
49:f1:d0:00:42:7f:6c:e1:ec:b4:ee:9f:bd:84:82:
85:f6:9d:55:6f:5e:5a:17:e3:0a:06:64:0f:1f:da:
2d:8c:3a:38:e1:7f:ac:2f:c4:98:3b:d1:70:2b:6f:
d7:4f:45:b1:fa:a9:5d:26:e7:f0:b3:1d:c1:b9:b7:
33:03:2e:ed:07:90:00:e4:85:09:ba:23:e4:ff:b9:
46:4c:f7:ec:56:93:49:ca:a6:d3:db:87:05:59:87:
98:31:62:12:08:3e:83:cb:2d:82:c0:e4:1d:cb:a8:
47:23:6a:f1:69:76:e1:ff:f8:2c:8a:09:77:8c:ae:
ec:c6:a4:50:1c:e9:73:b5:32:34:49:19:6c:ff:da:
1f:29:33:19:fa:83:ac:59:08:3d:e0:02:36:1c:71:
a8:f8:dc:e8:0b:e1:9f:f9:d0:38:ca:d9:54:c1:f3:
13:ab:f4:53:04:94:96:04:6d:6e:70:96:2d:a1:4c:
d6:5f:29:e5:f6:87:b4:4d:c1:7c:63:4f:b1:a4:86:
21:33:b4:78:d8:86:42:4f:0c:67:46:5d:a9:46:94:
51:1e:cb:b4:a9:1f:1e:9a:50:5a:2e:98:13:9e:ed:
df:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C2:1E:41:F7:8F:2C:79:3C:92:30:5D:05:FC:02:00:B9:4D:EA:97
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
34:bf:63:8f:17:cc:a4:ee:2e:84:82:6b:cd:05:84:7d:98:35:
cc:ed:46:27:7c:38:ce:c7:5f:23:e4:a8:60:a7:53:ac:f9:9c:
7b:52:9d:1c:97:ab:cc:13:c9:4d:ba:bc:87:74:12:ff:b0:58:
61:11:fe:94:c7:f3:15:90:90:31:77:60:a9:3e:48:c4:8c:01:
66:5e:5c:22:54:0c:18:16:c8:65:a6:db:ad:e1:ac:8e:f6:54:
7f:44:cb:d9:6b:2b:f2:5d:1b:15:7e:ad:dd:f0:6a:62:6d:a7:
5c:c1:1e:48:a4:8d:e4:9a:76:be:31:a7:19:ac:78:5e:fc:30:
d8:8f:f3:bb:0e:40:63:7a:16:f9:62:e7:13:71:e2:5c:ee:1d:
1c:62:35:53:b3:37:8c:f4:27:25:f3:0c:7a:37:0e:86:54:fb:
c5:94:f2:e4:0e:d1:45:59:a1:f7:6c:15:2e:8e:49:a7:a3:04:
da:31:84:9b:09:23:e7:44:8a:86:ea:83:81:92:54:ca:a5:c2:
64:df:5f:e4:a4:0a:2b:fe:9a:56:e5:b5:c3:db:e6:e5:e6:cd:
12:a0:04:36:9f:b8:ac:c8:9c:df:0e:4b:eb:ad:4e:ee:e6:4a:
e8:4c:fa:f2:8d:20:a5:14:d2:2f:66:de:80:89:ea:9a:91:3a:
64:4f:7f:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfZv6DfTzgCB+IgpIjuCM5rZEEXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwNDJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNDRiMjJmMzAwNWYwZDc4NzBjMWYyODMxNjgwNTdhNjE0MDkxZThiODQz
NjY5ODc3MjJjNGE2ZDViODk2Y2UxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlBJixSfBsTr9UrPFPpbSC9pC56BhGFAt94NMFeSfHQAEJ/bOHstO6fvYSC
hfadVW9eWhfjCgZkDx/aLYw6OOF/rC/EmDvRcCtv109FsfqpXSbn8LMdwbm3MwMu
7QeQAOSFCboj5P+5Rkz37FaTScqm09uHBVmHmDFiEgg+g8stgsDkHcuoRyNq8Wl2
4f/4LIoJd4yu7MakUBzpc7UyNEkZbP/aHykzGfqDrFkIPeACNhxxqPjc6Avhn/nQ
OMrZVMHzE6v0UwSUlgRtbnCWLaFM1l8p5faHtE3BfGNPsaSGITO0eNiGQk8MZ0Zd
qUaUUR7LtKkfHppQWi6YE57t3z0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVwh5B
948seTySMF0F/AIAuU3qlzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBmNTllODUtNTBhYi00YjVhLTkxMTktMDk2YmE5M2Y4NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA0v2OPF8yk7i6EgmvNBYR9mDXM7UYnfDjOx18j
5Khgp1Os+Zx7Up0cl6vME8lNuryHdBL/sFhhEf6Ux/MVkJAxd2CpPkjEjAFmXlwi
VAwYFshlptut4ayO9lR/RMvZayvyXRsVfq3d8GpibadcwR5IpI3kmna+MacZrHhe
/DDYj/O7DkBjehb5YucTceJc7h0cYjVTszeM9Ccl8wx6Nw6GVPvFlPLkDtFFWaH3
bBUujkmnowTaMYSbCSPnRIqG6oOBklTKpcJk31/kpAor/ppW5bXD2+bl5s0SoAQ2
n7isyJzfDkvrrU7u5kroTPryjSClFNIvZt6AieqakTpkT39k
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:11 2025 by rpki-client